On 6/21/2012 2:47 PM, dan (ddp) wrote:
I prefer a fix or solution. I'm not a developer and not intended to
be...
Hire someone who knows PHP.
WUI is junk. No one seems to be able to get it working properly.
Aww WUI isn't that bad, considering the poor thing has to parse logfiles
I find it does a pretty good job. Since OSSEC supports writing alerts to
a database, recoding WUI to (optionally) use the database backend for
pulling the alert data would be cool (any motivated PHP programmers out
there / on the list willing to do it?).
As far as I can tell, the main problem with WUI and OSSEC 2.6 seems to
be that in 2.6 the lines "Src IP:" and "User:" are optional in the alert
logs (depending on if they have values or not). Should be easy enough to
fix, and by the end of the weekend I should have enough test data to see
if my little hotfix works or breaks.
Will keep the thread updated with my progress :-)
