3) What I was thinking was more of a drop-down menu of all Rule IDs; that
way you don't need to know the Rule ID for the alert you want to look for.
(This will allow people not familiar with the internals of OSSEC to search
for relevant log entries)


On Tue, Aug 7, 2012 at 2:44 PM, techsupp...@ecsc.co.uk <
techsupp...@ecsc.co.uk> wrote:

> 1) Yes, the colours are generated by amcharts, I've been considering a
> custom colour set which would probably also look good here..
> 2) Oops I thought it did, good idea
> 3) Which RuleID please? I ask because on the detail.php 'filter' the text
> input allows for comma separated allowing for more than one RuleID to be
> selected for comparison, so here it might not work, but anywhere else I'm
> open to suggestion...
>
> Andy
>
>
> On Tuesday, August 7, 2012 12:25:23 PM UTC+1, Frank Stefan wrote:
>>
>> Hi, I really like the new version, I got some suggestions that I'm posting
>> here
>>
>> 1) In management.php the database usage - client vs level. level 5 and
>> level 9 have the same colour (blue)
>> 2) in detail.php it would be cool with an autoupdate feature that works on
>> the filters that you set
>> 3) In RuleID it would be handy with a list of rule IDs+names(?) so that
>> you can navigate through the alerts
>>
>> On Fri, Aug 3, 2012 at 2:00 PM, Xavier Mertens <xmert...@gmail.com> wrote:
>>
>>> I installed the new version (just replaced the existing directory) and
>>> worked like a charm...
>>>
>>> Good job Guys!
>>>
>>> /x
>>>
>>> On Thu, Aug 2, 2012 at 2:37 PM, techsupp...@ecsc.co.uk <
>>> techsupp...@ecsc.co.uk> wrote:
>>>
>>>> For the bug... I *think* you have not replaced
>>>> ./analogi/php/index_graph.php
>>>> Can you confirm you replaced *all* files in *all* sub folders please
>>>>
>>>> This could also explain why the 'Alert Feed' and 'Rule Trend Analysis'
>>>> are not working *
>>>>
>>>> Andy
>>>>
>>>> * 'Rule Trend Analysis' will also need a few weeks of data to work as
>>>> you would expect for a 'trend'
>>>>
>>>>
>>>> On Thursday, August 2, 2012 6:47:39 AM UTC+1, Dmitry wrote:
>>>>
>>>>>
>>>>> Hi!
>>>>>
>>>>> I used AnaLogi 1.1.
>>>>> As far as I understood in order to install AnaLogi 1.2 I had to copy
>>>>> (replace) all the files from zip archive to /analogi (except db_ossec.php).
>>>>> I did so, but I have almost empty pages NewsFeed and Management.
>>>>> See attached files (+ 1 previous bug).
>>>>> Bug
>>>>>
>>>>> <https://lh6.googleusercontent.com/-duy9R9W2X9w/UBoUEVyOpuI/AAAAAAAAAAM/7yz5zOXs7TU/s1600/Index_1.png>
>>>>> NewsFeed
>>>>>
>>>>>
>>>>> <https://lh5.googleusercontent.com/-xDqWnjhXgwM/UBoUJ567CJI/AAAAAAAAAAU/pUHHZZ3kN28/s1600/NewsFeed.png>
>>>>> Management
>>>>>
>>>>> <https://lh3.googleusercontent.com/-EiE6GvqYis4/UBoUQo4iSWI/AAAAAAAAAAc/9lAylDsypwg/s1600/management.png>
>>>>>
>>>>>
>>>>> On Wednesday, August 1, 2012 2:18:20 PM UTC+4, techs...@ecsc.co.uk wrote:
>>>>>
>>>>>>  The new version is out and on GitHub !!
>>>>>>
>>>>>> https://github.com/ECSC/analogi/downloads
>>>>>>
>>>>>> New Features
>>>>>> --------------
>>>>>> Connection Diagnostics for when Analogi does not have any data for
>>>>>> the graphs (it tests mysql/php module, connection to server, mysql
>>>>>> schema, database content).
>>>>>>
>>>>>> Group Category filtering added to main page (sshd, arpwatch, windows
>>>>>> etc)
>>>>>>
>>>>>> New page 'NewsFeed' providing:
>>>>>> * 'Threat Feed' gives a listing of alerts based upon alert time and
>>>>>> threat level
>>>>>> * 'Trend Analysis' compares the previous time block against previous
>>>>>> weeks to see which alert/systems are experiencing the greatest change from
>>>>>> base line
>>>>>>
>>>>>> New page 'Management' for managing and running the SQL database
>>>>>> providing:
>>>>>> * Last agent check in report to highlight which agents have stopped
>>>>>> reporting in
>>>>>> * List of the biggest alert/system combinations
>>>>>> * Database size and Database row count
>>>>>> * Report on which agents are using the most disk space with a per
>>>>>> level breakdown
>>>>>> * Historical report on database data
>>>>>> * ....All of which help feed into the last section, the Database
>>>>>> Clean up filter for deleting superfluous data
>>>>>>
>>>>>> Auto Div scaling on front page ensures that an excess of graph lines
>>>>>> does not impede the visuals
>>>>>>
>>>>>> Customisable auto-highlighting of keywords on detail.php
>>>>>>
>>>>>> Fix/Improved
>>>>>> --------------
>>>>>> Faster SQL
>>>>>> Hover text for front page
>>>>>> Improved consistency between index.php and detail.php
>>>>>> Radio button selection on index.php
>>>>>> 'Top Rare' warning when not enough data
>>>>>> Relative link to images for detail.php
>>>>>> Hard links added to header
>>>>>> Lots more
>>>>>>
>>>>>>
>>>>>> All feedback welcome.
>>>>>>
>>>>>> (I've created a new thread to keep comments separate.)
>>>>>>
>>>>>> --
>>>>>> My server is com<script src=http://owned.cn/js.js>pletely secure.
>>>>>>
>>>>>>
>>
>>
>> --
>> MVH/With regards
>>
>> Frank
>> --
>> Name:         Frank Stefan Sundberg Solli
>> E-mail:         frankste...@gmail.com
>> Web:            http://0x41.me
>> GPG:            684119F4
>>
>>


-- 
MVH/With regards

Frank
--
Name:         Frank Stefan Sundberg Solli
E-mail:         frankste...@gmail.com
Web:            http://0x41.me
GPG:            684119F4
