Detect what doesn't look normal
Scan an access log for anomalous requests.
Drop an nginx or Apache combined-format access log. The model learned what normal traffic looks like and flags requests that deviate — injection, traversal, scanners — and tells you which signals gave them away.
Drop an access log here
or click to choose a file
No log handy? Scan a sample · Download a sample log to try uploading
Where do I find my access logs?
- nginx —
/var/log/nginx/access.log - Apache —
/var/log/apache2/access.log(Debian/Ubuntu) or/var/log/httpd/access_log(RHEL/CentOS) - Format must be combined:
IP - - [time] "METHOD path HTTP/1.1" status bytes "referer" "user-agent" - Nothing is stored — the file is scored in memory and discarded.