x.x.x.x www.site-web.com - [14/Feb/2022:12:14:30 +0100] "GET / HTTP/1.1" 200 32310 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:73.0) Gecko/20100101 Firefox/73.0"
x.x.x.x www.site-web.com - [14/Feb/2022:12:18:57 +0100] "GET / HTTP/1.1" 301 - "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:74.0) Gecko/20100101 Firefox/74.0"
x.x.x.x www.site-web.com - [14/Feb/2022:12:18:58 +0100] "GET / HTTP/1.1" 200 32309 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36"
x.x.x.x www.site-web.com - [14/Feb/2022:12:18:58 +0100] "POST /wp-cron.php?doing_wp_cron=1644837538.6799080371856689453125 HTTP/1.1" 200 25 "http:// www.site-web.com /wp-cron.php?doing_wp_cron=1644837538.6799080371856689453125" "WordPress/5.9; https:// www.site-web.com "
x.x.x.x www.site-web.com - [14/Feb/2022:12:31:04 +0100] "POST /wp-cron.php?doing_wp_cron=1644838264.4029200077056884765625 HTTP/1.1" 200 25 "https:// www.site-web.com /wp-cron.php?doing_wp_cron=1644838264.4029200077056884765625" "WordPress/5.9; https:// www.site-web.com "
<localfile>
<log_format>apache</log_format>
<location>/var/log/sites-web/*.log</location>
</localfile>
alerts.log** Alert 1644999760.65791: - web,appsec,attack,pci_dss_6.5,pci_dss_11.4,gdpr_IV_35.7.d,nist_800_53_SA.11,nist_800_53_SI.4,tsc_CC6.6,tsc_CC7.1,tsc_CC8.1,tsc_CC6.1,tsc_CC6.8,tsc_CC7.2,tsc_CC7.3,
2022 Feb 16 08:22:40 wazuh-manager->/var/log/sites-web.log
Rule: 31533 (level 10) -> 'High amount of POST requests in a small period of time (likely bot).'
Src IP: www.site-web.com
x.x.x.x www.site-web.com - [15/Feb/2022:19:46:44 +0100] "POST /wp-cron.php?doing_wp_cron=1604.73450 HTTP/1.1" 200 25 "https://www.site-web.com /wp-cron.php?doing_wp_cron=1604.73450" "WordPress/5.9; https://www.site-web.com " srcip2: x.x.x.x
x.x.x.x www.site-web.com - [15/Feb/2022:18:53:24 +0100] "POST /wp-cron.php?doing_wp_cron=1644960.9517090125 HTTP/1.1" 200 25 "https://www.site-web.com /wp-cron.php?doing_wp_cron=164494704.5158203125" "WordPress/5.9; https://www.site-web.com"
x.x.x.x www.site-web.com - [15/Feb/2022:18:50:31 +0100] "POST /wp-cron.php?doing_wp_cron=1644431.1962618750 HTTP/1.1" 200 25 "http://www.site-web.com /wp-cron.php?doing_wp_cron=1644947431.1962421750" "WordPress/5.9; https://www.site-web.com "
x.x.x.x www.site-web.com - [15/Feb/2022:17:53:05 +0100] "POST /wp-cron.php?doing_wp_cron=1644985.8333179125 HTTP/1.1" 200 25 "https://www.site-web.com /wp-cron.php?doing_wp_cron=164494385.8311328125" "WordPress/5.9; https://www.site-web.com "
x.x.x.x www.site-web.com - [15/Feb/2022:18:25:07 +0100] "POST /wp-cron.php?doing_wp_cron=1644990.8320350500 HTTP/1.1" 200 25 "https://www.site-web.com /wp-cron.php?doing_wp_cron=164494907.8325625000" "WordPress/5.9; https://www.site-web.com "
x.x.x.x www.site-web.com - [15/Feb/2022:18:33:57 +0100] "POST /wp-cron.php?doing_wp_cron=1644947.8326634050 HTTP/1.1" 200 25 "http://www.site-web.com /wp-cron.php?doing_wp_cron=1644946437.8361914050" "WordPress/5.9; https://www.site-web.com "
x.x.x.x www.site-web.com - [15/Feb/2022:17:00:12 +0100] "POST /wp-cron.php?doing_wp_cron=164494.50539085475 HTTP/1.1" 200 25 "http://www.site-web.com /wp-cron.php?doing_wp_cron=1644940812.5053942685" "WordPress/5.9; https://www.site-web.com "
x.x.x.x www.site-web.com - [15/Feb/2022:16:59:06 +0100] "POST /wp-cron.php?doing_wp_cron=164496.43686004500 HTTP/1.1" 200 25 "https://www.site-web.com /wp-cron.php?doing_wp_cron=164494746.4368600500" "WordPress/5.9; https://www.site-web.com "