ossec/ossec-wui ossec/ossec-wui

  • Stars
    star
    162
  • Rank 232,284 (Top 5 %)
  • Language
    PHP
  • License
    Other
  • Created about 11 years ago
  • Updated about 3 years ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
ossec/ossec-wui
github

ossec

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

OSSEC Web User Interface - Unmaintained!! 
The OSSEC Web UI is currently unmaintained and deprecated.
If you are interested in maintaining the project, please contact the OSSEC team (open an issue, send a message to the mailing list, etc).

We recommend using Kibana, Splunk, or similar projects for monitoring alerts.

------------------------------------------------------------------------------------------------------------------------------------------

OSSEC Web UI v0.8
Copyright (c) 2006-2013 Trend Micro Inc.


1- How to install.

1.0 - Prerequisites

    - Apache with PHP (>= 4.1 or >= 5.0) installed.
    - OSSEC (version >= 0.9-3) already installed.


1.1- Clone the web ui script:

    # git clone https://github.com/ossec/ossec-wui.git


1.2- Move the folder to somewhere acessible by
     your web server:

    # mv ossec-wui* /var/www/htdocs/ossec-wui


1.3- Run the setup script (assign username/password...):

    # cd /var/www/htdocs/ossec-wui
    # ./setup.sh
    ...


1.4- If selinux is enabled, ossec-wui is normally unable to access 
     various ossec log files.  One way to fix this is to install a 
     selinux targeted policy.

     Create a TE file (eg. 
     /etc/seliinux/targeted/ossec-wui/ossec-wui.te) with the following 
     content:

    module ossec-wui 1.0;

    require {
	type var_log_t;
        type httpd_t;
        type var_t;
        class file { read getattr open };
    }

    #============= httpd_t ==============
    allow httpd_t var_log_t:file read;
    allow httpd_t var_t:file { read getattr open };

     Then run the following commands as root:

    checkmodule -M -m ossec-wui.te -o ossec-wui.mod
    semodule_package -o ossec-wui.pp -m ossec-wui.mod
    semodule -i ossec-wui.pp 

1.5- If you have a large ossec install, you may want to
     re-configure PHP to support longer lasting scripts
     and higher memory utilization. The following entries
     on php.ini can be increased:

     max_execution_time = 180
     max_input_time = 180
     memory_limit = 30M


1.6- Try to access the UI.

     http://anyhost/ossec-wui/

1.7- Report any problems or suggestions to our mailing list.

More Repositories

1

ossec-hids

OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.
C
4,383
star
2

ossec-docs

OSSEC Documentation
HTML
137
star
3

ossec-docker

Shell
58
star
4

ossec-rules

A repository for OSSEC rules and decoders
Python
49
star
5

ossec.github.io

OSSEC website on Github
HTML
24
star
6

ossec-vagrant

OSSEC Vagrant testing and development setup
16
star
7

kofe-docker

KOFE (Kibana, OSSEC, Filebeat, and Elasticsearch) using Docker
Shell
5
star
8

oum

Shell
4
star
9

kofe

JavaScript
4
star
10

ossec-buildbot

Python
4
star
11

archive-ossec.github.io-archive

OSSEC website on Github
HTML
2
star