teler
teler
Real-time HTTP Intrusion Detection
Contribute
Β·
What's new
Β·
Report Bug
Β·
Request Feature
teler is an real-time intrusion detection and threat alert based on web log that runs in a terminal with resources that we collect and provide by the community. β€οΈ
| CLI | Dashboard |
|---|---|
 |
 |
Note: If you upgrade from prior to v2 frontwards there will be some break changes that affect configuration files. Appropriate adaptations can refer to teler.example.yaml file.
See also:
- kitabisa/teler-waf: teler-waf is a Go HTTP middleware that provide teler IDS functionality to protect against web-based attacks and improve the security of Go-based web applications. It is highly configurable and easy to integrate into existing Go applications.
Table of Contents
- Features
- Why teler?
- Demo
- Documentation
- Supporting Materials
- Contributors
- Pronunciation
- Changes
- License
Features
-
Real-time: Analyze logs and identify suspicious activity in real-time.
-
Alerting: teler provides alerting when a threat is detected, push notifications include Slack, Mattermost, Telegram and Discord.
-
Monitoring: We've our own metrics if you want to monitor threats easily, and we use Prometheus for that.
-
Logging: is also provided in file form or sends detected threats to the Zinc logs search engine.
-
Latest resources: Collections is continuously up-to-date.
-
Minimal configuration: You can just run it against your log file, write the log format and let teler analyze the log and show you alerts!
-
Flexible log formats: teler allows any custom log format string! It all depends on how you write the log format in configuration file.
-
Custom threat rules: Want to reach a wider range of threats instead of engine-based (default) rules? You can customize threat rules!
-
Incremental log processing: Need data persistence rather than buffer stream? teler has the ability to process logs incrementally through the on-disk persistence options.
Why teler?
teler was designed to be a fast, terminal-based threat analyzer. Its core idea is to quickly analyze and hunt threats in real time!
Demo
Here is a preview of teler with conditions of use as:
| Buffer-streams | Incremental |
|---|---|
 |
 |
Documentation
All related documentation about installation, usage & configuration is on teler.app.
Supporting Materials
- teler - Protect Your WebApp! Talks were brought to the OWASP Jakarta: Virtual AppSec Indonesia 2020 event.
- Tutorial: Cyber Threat Hunting - Useful Threat Hunting Tools (Part One), Semi Yulianto gave a brief explanation and how to use teler in the video.
- Empowering Teler HTTP Intrusion Detection as WAF with Fail2ban.
- Detecting web attacks using Wazuh and teler, integrate teler with a unified XDR and SIEM platform, Wazuh.
Contributors
This project exists thanks to all the people who contribute. To learn how to setup a development environment and for contribution guidelines, see CONTRIBUTING.md.
Resources
All external resources used in this teler are NOT provided by us. See all peoples who involved in this resources at teler Resource Collections.
Pronunciation
jv_id β’ /tΓ©lΓ©r/ β bagaimana bisa seorang pemuda itu teler hanya dengan meminum sloki ciu (?)
Changes
For changes, see the CHANGELOG.md.
License
This program is developed and maintained by members of Kitabisa Security Team, and this is not an officially supported Kitabisa product. This program is free software: you can redistribute it and/or modify it under the terms of the Apache license. Kitabisa teler and any contributions are copyright Β© by Dwi Siswanto 2020-2022.
