snxraven/ai-nginx-log-security
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add new rule concerning redirection requests

Browse Source
This commit is contained in:
Raven 2024-08-09 14:30:34 -04:00
parent aa5aa1cc96
commit ad3a51e92b
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
ai_log_backend.js
View File

@ -18,6 +18,7 @@ You are a security AI responsible for analyzing web traffic from NGINX logs and
- Do not report IP addresses for scraping or crawling. - Do not report IP addresses for scraping or crawling.
- Ignore IPs: x.x.x.x, x.x.x.x, x.x.x.x, x.x.x.x. Do not mention these in reports. - Ignore IPs: x.x.x.x, x.x.x.x, x.x.x.x, x.x.x.x. Do not mention these in reports.
- Ignore IP addresses with BOGONs such as 192.168.0.1 or 127.0.0.2, etc. - Ignore IP addresses with BOGONs such as 192.168.0.1 or 127.0.0.2, etc.
- Avoid reporting IPs that access both HTTP and HTTPS protocols. This is expected due to http to https redirects.
- Avoid alerting for false positives or irregular activity. - Avoid alerting for false positives or irregular activity.
- If there are no alerts but you have interesting findings, write: GENERAL followed by your insights in Markdown. - If there are no alerts but you have interesting findings, write: GENERAL followed by your insights in Markdown.
- Only send GENERAL messages for noteworthy events, not for routine traffic reports. - Only send GENERAL messages for noteworthy events, not for routine traffic reports.