ossec / ossec-wui
OSSEC Web User Interface - Unmaintained!!
License: Other
I need to export the OSSEC report from the server or web page. Can anyone please help me with how I can do that?
Don't know whether it can be fixed or not, but I am getting an issue with the ossec wui file.
Due to that, the apache2 service won't be able to start. Some misconfiguration happened while installing ossec-wui.
Need help to resolve the issue at the earliest.
If selinux is enabled, ossec-wui is normally unable to access various ossec log files. One way to fix this is to install a selinux targeted policy.
module ossec-wui 1.0;

require {
    type var_log_t;
    type httpd_t;
    type var_t;
    class file { read getattr open };
}

#============= httpd_t ==============
allow httpd_t var_log_t:file read;
allow httpd_t var_t:file { read getattr open };
The above would go into a TE file (/etc/selinux/targeted/ossec-wui/ossec-wui.te) and then be installed using:
checkmodule -M -m ossec-wui.te -o ossec-wui.mod
semodule_package -o ossec-wui.pp -m ossec-wui.mod
semodule -i ossec-wui.pp
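One way to check which denials a module like the one above has to cover, so that httpd_t is granted only what was actually denied (added example, not part of the original post or the OSSEC project; the audit lines are constructed, and `summarize_avc` and `sample_audit_log` are hypothetical helper names):

```shell
#!/bin/sh
# Added example: turn AVC denials for one domain into candidate allow rules.
# summarize_avc and sample_audit_log are hypothetical helper names.

# Usage: summarize_avc DOMAIN < /var/log/audit/audit.log
summarize_avc() {
    awk -v dom="$1" '
    /avc:[ ]+denied/ {
        perms = ""; src = ""; tgt = ""; cls = ""
        # Denied permissions are the words between the braces.
        if (match($0, /[{][^}]*[}]/))
            perms = substr($0, RSTART + 1, RLENGTH - 2)
        for (i = 1; i <= NF; i++) {
            # Contexts are user:role:type:level; the type is part 3.
            if ($i ~ /^scontext=/) { split($i, a, ":"); src = a[3] }
            if ($i ~ /^tcontext=/) { split($i, b, ":"); tgt = b[3] }
            if ($i ~ /^tclass=/)   { cls = substr($i, 8) }
        }
        if (src != dom || tgt == "" || cls == "") next
        key = tgt ":" cls
        n = split(perms, p, " ")
        for (j = 1; j <= n; j++) {
            if ((key, p[j]) in seen) continue    # repeated denial
            seen[key, p[j]] = 1
            if (key in set) set[key] = set[key] " " p[j]
            else set[key] = p[j]
        }
    }
    END { for (k in set) printf "allow %s %s { %s };\n", dom, k, set[k] }
    ' | LC_ALL=C sort
}

# Constructed audit.log lines (not taken from a real host).
sample_audit_log() {
cat <<'EOF'
type=AVC msg=audit(1560164292.101:411): avc:  denied  { read } for  pid=2101 comm="httpd" name="alerts.log" dev="dm-0" ino=1311 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:var_log_t:s0 tclass=file permissive=0
type=AVC msg=audit(1560164292.207:412): avc:  denied  { getattr } for  pid=2101 comm="httpd" path="/var/ossec/etc/ossec.conf" dev="dm-0" ino=1402 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:var_t:s0 tclass=file permissive=0
type=AVC msg=audit(1560164292.209:413): avc:  denied  { read open } for  pid=2101 comm="httpd" path="/var/ossec/etc/ossec.conf" dev="dm-0" ino=1402 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:var_t:s0 tclass=file permissive=0
type=AVC msg=audit(1560164293.004:414): avc:  denied  { write } for  pid=988 comm="sshd" name="btmp" dev="dm-0" ino=77 scontext=system_u:system_r:sshd_t:s0 tcontext=system_u:object_r:var_log_t:s0 tclass=file permissive=0
type=AVC msg=audit(1560164301.552:420): avc:  denied  { read } for  pid=2104 comm="httpd" name="alerts.log" dev="dm-0" ino=1311 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:var_log_t:s0 tclass=file permissive=0
EOF
}

sample_audit_log | summarize_avc httpd_t
```

Comparing the printed rules with the `allow` lines in the module shows whether the policy grants more, or less, than the web server was denied.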
When you select a location, a period or different parameters in the search section
it would be interesting to export the report to a file.
PDF or HTML format would be great.
Thanks
The rules links in ossec-wui are broken.
Version 0.8 links to http://ossec-docs.readthedocs.org/en/latest/search.html?q=rule-id-, but I cannot find any rule by searching on that documentation.
Ossec-wui 0.3 used to point to osse.net/wiki/index.php, but I get a 403 from those pages now.
Is there a page that lists and explains the default rules? Or has this functionality been removed?
After the update to OSSEC v2.8 I'm getting this message:
Unable to access ossec directory.
Nothing else has changed. Path is still /var/ossec
The master branch is missing the following commits from the original bitbucket repository. They're in the hg/default branch though.
https://bitbucket.org/jbcheng/ossec-wui/commits/b4cf252936ce98509d4b0959dc51103ce33729c7
https://bitbucket.org/jbcheng/ossec-wui/commits/c373c2dd691a4b5d47eba673c7df1debc890379e
Hi all,
I know that the OSSEC WebUI project is currently dead; I would nevertheless like to post a solution for the above-mentioned problem.
Since we tried out the WebUI again in the IPFire project --> https://forum.ipfire.org/viewtopic.php?f=50&p=125255#p125255 we discovered the problem that stats.php and search.php start the time ranges at 1970 (epoch time). We found a workaround with this diff:
--- /srv/web/ossec.orig/site/search.php 2019-06-10 12:58:12.516654796 +0200
+++ /srv/web/ossec/site/search.php 2019-06-10 12:48:30.129985517 +0200
@@ -28,7 +28,7 @@
/* Initializing some variables */
-$u_final_time = time(0);
+$u_final_time = time();
$u_init_time = $u_final_time - $ossec_search_time;
$u_level = $ossec_search_level;
$u_pattern = "";
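Review bot: The changed line `$u_final_time = time();` carries no explanation of why the argument mattered; a short comment or commit message stating that time() accepts no parameters, and that `$u_init_time` is derived from this value and so inherited the 1970 start, would help whoever applies this later. The file headers also use absolute local paths under /srv/web/, so the diff should be regenerated relative to the ossec-wui root or the required -p level stated.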
diff -Nur /srv/web/ossec.orig/site/stats.php /srv/web/ossec/site/stats.php
--- /srv/web/ossec.orig/site/stats.php 2019-06-10 12:58:12.516654796 +0200
+++ /srv/web/ossec/site/stats.php 2019-06-10 12:48:30.106652183 +0200
@@ -29,7 +29,7 @@
/* Current date values */
-$curr_time = time(0);
+$curr_time = time();
$curr_day = date('d',$curr_time);
$curr_month = date('m', $curr_time);
$curr_year = date('Y', $curr_time);
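Review bot: Check the rest of the tree for further `time(0)` calls before treating this as complete; the same call is fixed here near the top of stats.php and in search.php, and `$curr_day`, `$curr_month` and `$curr_year` all derive from it, so any remaining call site would show the same 1970 dates. A `grep -rn 'time(0)'` over the web root would confirm that these two are the only ones.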
We are using:
$ php -v
PHP 7.3.6 (cli) (built: Jun 8 2019 13:33:53) ( ZTS DEBUG )
Copyright (c) 1997-2018 The PHP Group
Zend Engine v3.3.6, Copyright (c) 1998-2018 Zend Technologies
Not sure if this might be a help for others. I would like to say a big thanks to the OSSEC project and also for the work done on the WebUI.
Best regards,
Erik
The following link is dead in the README.md file.
1.1- Download the web ui package:
# wget http://www.ossec.net/files/ui/ossec-wui-0.3.tar.gz
I cloned ossec-wui from the repo and installed it on CentOS 6.6 with Apache 2.2 (latest version from the centos repo).
I followed the instructions in the README.
Yet, I get this error:
Results:
Total alerts found: 33
Nothing returned (or search expired).
In the http_error log I find dozens of these:
PHP Warning: fopen(./tmp/output-tmp.1-57-8cd5679a49c37a4583dfa34473436ab4.php): failed to open stream: No such file or directory in /var/www/html/ossec-wui/lib/os_lib_alerts.php on line 39
there's no tmp dir in /var/www/html/ossec-wui
the owner/group and perms of the /var/ossec/tmp dir however are:
root:apache and 770
selinux is disabled (set to permissive)
the temp file doesn't exist, nor does the tmp directory in the ossec-wui directory exist.
the whole ossec-wui directory (and its subdirectories) belong to root:root instead of apache:apache
maybe this is the problem?
I'd like to use nginx+PHP. How?
Hi,
I have tried updating v.0.3 to the latest 0.9 but unfortunately once installed it shows only 1 latest alert on the main page instead of default 1000 configured.
setup.sh has also been run.
Have I missed something?
hi:
The main/search page of OSSEC-WUI is not showing information after upgrading PHP. The Apache log is showing the next error:
PHP Fatal error: Uncaught Error: Call to undefined function split() in /var/www/html/ossec-wui/lib/os_lib_agent.php:111
Server data:
Debian 9, PHP 7.x and Apache 2.4.
It seems that split() is not supported on the new PHP. I was able to fix the error by changing line 111 of /var/www/html/ossec-wui/lib/os_lib_agent.php from:
@list($_name, $_ip) = split("-", $tmp_file, 2);
to
@list($_name, $_ip) = explode("-", $tmp_file, 2);
The page can now be shown. Please advise if the change is good.
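The `split()` failure reported above and the `time(0)` problem in the earlier diff are both calls that PHP 7 no longer accepts, so a scan of the whole ossec-wui tree finds any remaining ones in one pass. This is an added example, not code from the ossec-wui project; `scan_php_compat` and `make_sample_tree` are hypothetical names, the sample files are constructed, and the pattern goes beyond the page by also covering the rest of the ereg family that was removed together with `split()` in PHP 7.0:

```shell
#!/bin/sh
# Added example: list PHP calls that stopped working in PHP 7.
# scan_php_compat and make_sample_tree are hypothetical helper names.

# Usage: scan_php_compat DIR   ->   prints "file:line:code" per finding
scan_php_compat() {
    # The call must not be preceded by an identifier character, "->",
    # "::" or "$", so preg_split(), strtotime(), mktime() are not reported.
    pre='(^|[^A-Za-z0-9_>:$])'
    # Functions of the ereg extension, removed in PHP 7.0.
    removed='(split|spliti|ereg|eregi|ereg_replace|eregi_replace|sql_regcase)'
    # time() takes no parameters: report any call that passes one.
    timearg='time[[:space:]]*\([[:space:]]*[^)[:space:]]'
    LC_ALL=C find "$1" -type f -name '*.php' -exec \
        grep -nHE "${pre}(${removed}[[:space:]]*\(|${timearg})" {} + \
        | LC_ALL=C sort
}

# Builds a small constructed tree that mirrors the two reports on this page.
make_sample_tree() {
    d=$(mktemp -d)
    mkdir -p "$d/lib" "$d/site"
    cat > "$d/lib/os_lib_agent.php" <<'EOF'
<?php
$parts = preg_split('/-/', $tmp_file);
@list($_name, $_ip) = split("-", $tmp_file, 2);
EOF
    cat > "$d/site/search.php" <<'EOF'
<?php
$u_final_time = time(0);
$midnight = mktime(0, 0, 0);
$now = time();
EOF
    printf '%s\n' "$d"
}

tree=$(make_sample_tree) && scan_php_compat "$tree"
rm -rf "$tree"
```

Matches inside comments or strings are reported too, so each finding still needs a look before it is changed.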
Hey there,
It would be good to be able to create an Agent Auth Key from the WUI.
I ran these commands:
sudo apt-get install build-essential gcc make apache2 libapache2-mod-php7.2 php7.2 php7.2-cli php7.2-common apache2-utils unzip wget sendmail inotify-tools
git clone https://github.com/ossec/ossec-wui.git
sudo mv ossec-wui /var/www/html/ossec
cd /var/www/html/ossec
sudo ./setup.sh
reboot
nginx.org
Be nice to know which HTTP servers are supported.
Retired dev ebuilds are dead, so having to re-create them from scratch, so for use case flags, for Gentoo, it's a nice to know; if nginx is not supported it would be a nice to have.
hello Gitters.
I am using the last version, and when I add a first agent the main screen then fails.
I get this log.
PHP Fatal error: Uncaught Error: Call to undefined function split() in /var/www/html/lib/os_lib_agent.php:111\nStack trace:\n#0 /var/www/html/site/main.php(33): os_getagents(Array)\n#1 /var/www/html/index.php(126): include('/var/www/html/s...')\n#2 {main}\n thrown in /var/www/html/lib/os_lib_agent.php on line 111
How do I solve this?
Thanks.
Yoinier.