Nginx, Modsecurity and ELK stack
It has been a while since i have written here and lately i was kinda struggling to import and have meaningful modsecurity data in ELK. Long story short the easiest way is to convince Modsecurity to write the data in json format. In this way all the “parsing” and importing becomes more easier. Otherwise…