webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-26 10:52:57 +02:00
Code Issues Packages Projects Releases Wiki Activity

IPS logging: There is no distinguation between suricata & snort required

Browse Source 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This commit is contained in:
Michael Tremer
2019-04-12 17:33:39 +01:00
parent 19c066b602
commit 2eb0c326da
1 changed files with 1 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
html/cgi-bin/logs.cgi/ids.dat
View File

@@ -383,7 +383,6 @@ sub processevent
our ($title,$classification,$priority,$date,$time,$srcip,$srcport,$destip,$destport, $sid, @refs);
my $filestr='';
my $readmode='';
if ($datediff==0) {
# If there is no datediff, directly assign the suricata fast.log.
$filestr="/var/log/suricata/fast.log";
@@ -399,9 +398,6 @@ sub processevent
# Assign snort alert file, the datediff and extension for compressed file.
$filestr = "/var/log/snort/alert.$datediff";
$filestr = "$filestr.gz";
# Assign "snort" as readmode.
$readmode="snort";
}
}
if (!(open (LOG,($filestr =~ /.gz$/ ? "gzip -dc $filestr |" : $filestr)))) {
@@ -411,7 +407,7 @@ sub processevent
while(<LOG>) {
$line++;
if (($_ =~ m/\[\*\*\]/) && ($readmode eq "snort")) {
if ($_ =~ m/\[\*\*\]/) {
unless ($line == 1 || $date ne "$monthstr/$daystr") {
&append;
$line = 1;
@@ -420,17 +416,6 @@ sub processevent
@refs = ();
$_ =~ m/:([0-9]{1,5})\] (.*) \[\*\*\]/;
$title = &Header::cleanhtml($2,"y");
} else {
&append;
$line = 1;
# Assign default values.
($title,$classification,$priority,$date,$time,$srcip,$srcport,$destip,$destport,$sid) = ("n/a","n/a","n/a","n/a","n/a","n/a","n/a","n/a","n/a", "n/a");
@refs = ();
# Gather title details from line.
$_ =~ m/:([0-9]{1,5})\] (.*) \[\*\*\]/;
$title = &Header::cleanhtml($2,"y");
}
if ($_ =~ m/Classification: (.*)\] \[Priority: (\d)\]/) {
$classification = &Header::cleanhtml($1,"y");