Re: [ossec-list] OSSEC-WUI SrcIP parsing question

2013-02-19 Thread Michael D. Wood
Thanks for doing this guys. It was in need of some attention.

Michael D. Wood
www.itsecuritypros.org

On Feb 6, 2013, at 7:04 PM, Jb Cheng wrote:
> Thanks to Ryan Schulze's contribution, also Darius Jahandarie, ddpbsd, and
> Vic Hargrave.
>
> I started integrating several WUI patches into a

Re: [ossec-list] OSSEC-WUI SrcIP parsing question

2013-02-06 Thread Jb Cheng
Thanks to Ryan Schulze's contribution, also Darius Jahandarie, ddpbsd, and Vic Hargrave.

I started integrating several WUI patches into a BitBucket repository: https://bitbucket.org/jbcheng/ossec-wui/.

(1) Updated logo, remove paypal button, wider display format, easier to read events output.

Re: [ossec-list] OSSEC-WUI SrcIP parsing question

2013-02-02 Thread Ryan Schulze
Hi Vilius, If you are using the OSSEC Web UI 0.3 download from ossec.net you may want to have a look at some of the patches here on the list. e.g. http://osdir.com/ml/ossec-list/2012-06/msg00161.html The log format changed with version OSSEC 2.6 and broke some of the functionality of the Web

[ossec-list] OSSEC-WUI SrcIP parsing question

2013-02-02 Thread Vilius Benetis
Hey, I am trying to understand where exactly ossec-wui is parsing srcip, as I often have bad parsing, for example:

2013 Feb 02 10:48:42 Rule Id: 2901 level: 3 Location: ubuntu->/var/log/dpkg.log Src IP: 02 10:48:41 install libapr1 1.4.6-1 New dpkg (Debian