Beginner Pro

Apache Web Server Log Monitoring using Wazuh

Real-time detection of HTTP errors, brute-force and suspicious requests from Apache logs

Self-Paced by Rajneesh Gupta

Overview

Monitor Apache access/error logs with Wazuh to detect anomalies.
Forward logs from a Linux web server to a Wazuh manager.
Parse with built-in decoders and add a custom correlation rule.
Trigger alerts on bursts of 404/401 and server-side 5xx errors.
Visualize and hunt in Wazuh Dashboards.

  • Real-time log collection
  • Custom detection logic
  • Alert tuning & testing
  • Threat hunting basics

What You'll Learn

  • Apache log collection

    How to ship /var/log/apache2/* into Wazuh safely.

  • Detection engineering

    Write/tune local Wazuh rules for 4xx/5xx patterns.

  • Incident triage

    Read alerts, pivot to sources, confirm impact quickly.

  • Threat hunting

    Build queries/dashboards to explore suspicious traffic.

Prerequisites

  • 2 Linux VMs (Ubuntu 22.04+ recommended): one “Wazuh Manager”, one “Apache Web Server”
  • Internet access & sudo privileges on both machines
  • Basic familiarity with Apache and systemd

About Trainer

Rajneesh Gupta

Rajneesh Gupta is a seasoned cybersecurity professional with over 11 years of industry experience. With a remarkable career focused on incident response, penetration testing, security compliance, and risk management, Rajneesh has established himself as a leading expert in the field. He is also an accomplished author, having penned the book "Hands-on with Blockchain and Cybersecurity". As a dedicated educator, Rajneesh has made a significant impact on the cybersecurity community by training over 60,000 students globally.

Related Projects

Pro Intermediate

Apache Server Log Analysis using Splunk

Detecting Brute Force, SQL Injection, XSS, and Suspicious Web Activity from Apache Access Logs with Splunk SIEM

Free Beginner

Practical AWS Cloud Security Posture Assessment Using Scout Suite

Identify real-world AWS attack surfaces through visual security posture analysis.

Pro Intermediate

Wazuh + n8n + Anyrun: Automated Malware Analysis

Automate malware analysis by sending Wazuh-detected suspicious files into ANY.RUN, retrieving detailed reports and IOCs, and integrating results back into your SOC workflow.