0
I would like to be able to filter firewall, audit, etc. logs by parameters such as:
– number of log entries per IP address (show IP addresses with the highest rates of logged activity)
– 404 lockouts by filename/directory path (show repeating patterns of attempted access to identify commonly attempted exploits)
– ability to add a particular 404 path to a ban list from the log directly (e.g. I see several attempts from different IP addresses for the same files, it would be easiest to auto-ban IP addresses that try to access a specific file/directory)
– other insights or pre-configured bans would be helpful (e.g. for commonly known/attempted backdoors)
