Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Navigation

    Cloudron Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular

    SOLVED Implement default NGINX logging

    Feature Requests
    nginx security logs
    2
    2
    58
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      Mastadamus last edited by girish

      Currently logging in NGINX is set to combined2. This requires tools that rely on log parsers to have new log parsers developed to work with Combined2 format. Currently Crowdsec and Wazuh/ossec have troubles with combined2 format due to parsing issues. By simply changing the nginx conf log format section to default as referenced in this thread https://forum.cloudron.io/topic/6077/nginx-logs-format?_=1639325942653, both Wazuh/ossec agents can properly parse nginx logs and provide protection against malicious actors. Likewise, crowdsec will function and be able to provide blocking actions based on malicious activity observed in the nginx logs. Without this change, new parsers would have to be written for Wazuh/ossec, and crowdsec.

      girish 1 Reply Last reply Reply Quote 4
      • girish
        girish Staff @Mastadamus last edited by girish

        @mastadamus thanks so much for investigating. I have removed it for next release (7.1) - https://git.cloudron.io/cloudron/box/-/commit/6492c9b71f80120413ff4ae7eefa2f03dc96ea0f

        1 Reply Last reply Reply Quote 6
        • Referenced by  S Sydney 
        • Referenced by  S Sydney 
        • First post
          Last post
        Powered by NodeBB