{"id":15716591,"url":"https://github.com/cloudymax/modsecurity-dashboard","last_synced_at":"2025-04-30T23:38:37.820Z","repository":{"id":163055042,"uuid":"638506497","full_name":"cloudymax/modsecurity-dashboard","owner":"cloudymax","description":"A Grafana dashboard for JSON formatted kubernetes ingress-nginx modsecurity logs for use with Kuber-Pormetheus-Stack and Loki-Stack","archived":false,"fork":false,"pushed_at":"2023-05-09T14:18:46.000Z","size":14,"stargazers_count":7,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-04-30T23:38:00.496Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/cloudymax.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-05-09T13:57:02.000Z","updated_at":"2024-10-21T12:14:20.000Z","dependencies_parsed_at":null,"dependency_job_id":"73f8df77-ed16-4123-a57f-60e698b0a039","html_url":"https://github.com/cloudymax/modsecurity-dashboard","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cloudymax%2Fmodsecurity-dashboard","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cloudymax%2Fmodsecurity-dashboard/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cloudymax%2Fmodsecurity-dashboard/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cloudymax%2Fmodsecurity-dashboard/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/cloudymax","download_url":"https://codeload.github.com/cloudymax/modsecurity-dashboard/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":251800994,"owners_count":21645966,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-10-03T21:46:12.638Z","updated_at":"2025-04-30T23:38:37.792Z","avatar_url":"https://github.com/cloudymax.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"# Modsecurity Dashboard\n\nA Grafana dashboard for JSON-formatted kubernetes ingress-nginx modsecurity logs.  \n\n## Acknowledgement \n\nThis dashbboard is a heavily-modified derivative of the [NGINX ModSecurity OWASP CRS V0.0](https://grafana.com/grafana/dashboards/15495-nginx-modsecurity-owasp-crs-v0-0/) dashboard by [coffeeflash](https://github.com/coffeeflash). They discus more about it's creation in [this blog post](https://tobisyurt.net/modsecurity-nginx). I have modified the dashboard to use `JSON` logs collected from `/dev/stdout` and changed some formatting for readability.\n\n\u003cimg width=\"1620\" alt=\"Screenshot 2023-05-09 at 15 48 26\" src=\"https://github.com/cloudymax/modsecurity-dashboard/assets/84841307/5b203267-6fc1-48fe-b141-cb4c8f47cda1\"\u003e\n\n## Requirements\n\n- [Kubernetes ingress-nginx](https://github.com/kubernetes/ingress-nginx) with metrics and modsecurity enabled\n- Modesecurity log format set to `JSON`\n- Modsecurity log output path `/dev/stdout`\n- [Kube-Prometheus-Stack](https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack) (Prometheus, Grafana)\n- [Loki-Stack](https://github.com/grafana/helm-charts/tree/main/charts/loki-stack) (Promtail, Loki)\n\n## Enable NGINX MOD Security + Metrics\n\n1. Update the Nginx configmap:\n\n    ```bash\n    kubectl edit configmap -n ingress-nginx ingress-nginx-controller\n    ```\n\n2. Enable modsecurity:\n\n    ```yaml\n    apiVersion: v1\n    data:\n      # ...\n      allow-snippet-annotations: \"true\"\n      enable-modsecurity: \"true\"\n      enable-owasp-modsecurity-crs: \"true\"\n      load-balance: ewma\n      modsecurity-snippet: |-\n        SecRuleEngine DetectionOnly\n        SecAuditEngine RelevantOnly\n        SecStatusEngine On\n        SecRequestBodyAccess On\n        SecAuditLog /dev/stdout\n        SecAuditLogFormat JSON\n      # ...\n    ```\n\n3. Expose metrics\n\n    ```bash\n    helm upgrade ingress-nginx ingress-nginx \\\n    --repo https://kubernetes.github.io/ingress-nginx \\\n    --namespace ingress-nginx \\\n    --set controller.metrics.enabled=true \\\n    --set-string controller.podAnnotations.\"prometheus\\.io/scrape\"=\"true\" \\\n    --set-string controller.podAnnotations.\"prometheus\\.io/port\"=\"10254\"\n    ```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcloudymax%2Fmodsecurity-dashboard","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcloudymax%2Fmodsecurity-dashboard","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcloudymax%2Fmodsecurity-dashboard/lists"}