Tired of examining apache logs for hack attempts ? Okay, relax a bit ! Scalp is there to rescue you
Scalp ( a simple python script ) is a web log analyzer for the Apache web server that look for security problems. It reads the Apache log and perform log analysis for possible attacks against rulesets provided by PHP-IDS project. In its standard form, the script can handle Apache logs of more than 100 megabytes without a problem. The tool outputs its results as a report in text, XML or HTML format.
Running the program as the following will use the Apache log file at /var/log/apache2/access.log and the PHPIDS ruleset from ~/default_filter.xml;
$ python scalp.py –log /var/log/apache2/access.log –filters ~/default_filter.xml
Romain Gaucher, who created scalp, is currently working on a C++ version of his program.