id: django-framework-exceptions info: name: Django Framework Exceptions description: Detects suspicious Django web application framework exceptions that could indicate exploitation attempts author: geeknik reference: - https://docs.djangoproject.com/en/1.11/ref/exceptions/ - https://docs.djangoproject.com/en/1.11/topics/logging/#django-security severity: medium tags: file,logs,django file: - extensions: - all extractors: - type: regex name: exception part: body regex: - 'SuspiciousOperation' - 'DisallowedHost' - 'DisallowedModelAdminLookup' - 'DisallowedModelAdminToField' - 'DisallowedRedirect' - 'InvalidSessionKey' - 'RequestDataTooBig' - 'SuspiciousFileOperation' - 'SuspiciousMultipartForm' - 'SuspiciousSession' - 'TooManyFieldsSent' - 'PermissionDenied'