The ModSecurity Console
The log data we have seen so far can be tedious to look at, as it will most likely require you logging into the server and manually examining the various log files. In particular if you have many servers running ModSecurity you would probably not want to manually examine the log files on each one to determine what attacks, if any, your servers have blocked.
Luckily, there is an excellent tool called the ModSecurity Console that allows you to view audit logs using your web browser. The console is able to collect audit log data from several servers running ModSecurity—each server that provides log data to ModSecurity is referred to as a sensor.
The console has a number of attractive features that greatly simplify the viewing and management of audit logs:
Overview of all sensors, including the number of unhandled (active) alerts on each
Ability to view detailed information about each event, including the full request headers and body, IP address of the client that generated...