diff options
| author | jim-p <jim@pingle.org> | 2009-10-17 15:27:13 -0400 |
|---|---|---|
| committer | jim-p <jim@pingle.org> | 2009-10-17 15:28:01 -0400 |
| commit | e9562289eb7346dc2782e8f2ffe0236878deedc7 (patch) | |
| tree | 4b472ca931a4b5c821ad3beb38344f1ff80cad47 /config/widget-snort | |
| parent | b5faf7a8a7e083affce17a7b19755474a1b38cfb (diff) | |
| download | pfsense-packages-e9562289eb7346dc2782e8f2ffe0236878deedc7.tar.gz pfsense-packages-e9562289eb7346dc2782e8f2ffe0236878deedc7.tar.bz2 pfsense-packages-e9562289eb7346dc2782e8f2ffe0236878deedc7.zip | |
Snort widget updates, courtesy of matrix200
Diffstat (limited to 'config/widget-snort')
| -rw-r--r-- | config/widget-snort/snort_alerts.inc.php | 8 | ||||
| -rw-r--r-- | config/widget-snort/snort_alerts.js | 9 | ||||
| -rw-r--r-- | config/widget-snort/snort_alerts.widget.php | 14 | ||||
| -rw-r--r-- | config/widget-snort/widget-snort.xml | 2 |
4 files changed, 17 insertions, 16 deletions
diff --git a/config/widget-snort/snort_alerts.inc.php b/config/widget-snort/snort_alerts.inc.php index 99e3ee9f..48506f9b 100644 --- a/config/widget-snort/snort_alerts.inc.php +++ b/config/widget-snort/snort_alerts.inc.php @@ -26,7 +26,7 @@ function get_snort_alerts($snort_alerts, $nentries, $tail = 20) { function parse_snort_alert_line($line) { $log_split = ""; - + $datesplit = ""; preg_match("/^(.*)\s+\[\*\*\]\s+\[(\d+\:\d+:\d+)\]\s(.*)\s(.*)\s+\[\*\*\].*\s+\[Priority:\s(\d+)\]\s{(.*)}\s+(.*)\s->\s(.*)$/U", $line, $log_split); list($all, $alert['time'], $alert['rule'], $alert['category'], $alert['descr'], @@ -40,6 +40,10 @@ function parse_snort_alert_line($line) { $usableline = false; if($usableline == true) { + preg_match("/^(\d+)\/(\d+)-(\d+\:\d+\:\d+).\d+$/U", $alert['time'], $datesplit); + $alert['dateonly'] = $datesplit[2] . "/" . $datesplit[1]; + $alert['timeonly'] = $datesplit[3]; + $alert['category'] = strtoupper( substr($alert["category"],0 , 1) ) . strtolower( substr($alert["category"],1 ) ); return $alert; } else { if($g['debug']) { @@ -67,7 +71,7 @@ function handle_snort_ajax($snort_alerts_logfile, $nentries = 5, $tail = 50) { preg_match("/.*([0-9][0-9]:[0-9][0-9]:[0-9][0-9]).*/", $log_row['time'], $time_regex); $row_time = strtotime($time_regex[1]); if($row_time > $lastsawtime) { - $new_rules .= "{$log_row['time']}||{$log_row['priority']}||{$log_row['category']}||{$log_row['src']}||{$log_row['dst']}||" . time() . "||\n"; + $new_rules .= "{$log_row['time']}||{$log_row['priority']}||{$log_row['category']}||{$log_row['src']}||{$log_row['dst']}||" . time() . "||{$log_row['timeonly']}||{$log_row['dateonly']}" . "||\n"; } } echo $new_rules; diff --git a/config/widget-snort/snort_alerts.js b/config/widget-snort/snort_alerts.js index 48c97d6c..2eebb140 100644 --- a/config/widget-snort/snort_alerts.js +++ b/config/widget-snort/snort_alerts.js @@ -72,10 +72,9 @@ function snort_alerts_fetch_new_rules_callback(callback_data) { /* loop through rows */ row_split = data_split[x].split("||"); var line = ''; - line = '<td width="5%" class="listr">' + row_split[1] + '</td>'; - line += '<td width="5%" class="listr">' + row_split[2] + '</td>'; - line += '<td width="45%" class="listr">' + row_split[3] + '</td>'; - line += '<td width="45%" class="listr">' + row_split[4] + '</td>'; + line = '<td width="30%" class="listr" >' + row_split[6] + '<br>' + row_split[7]+ '</td>'; + line += '<td width="40%" class="listr" >' + row_split[3] + '<br>' + row_split[4] + '</td>'; + line += '<td width="40%" class="listr" >' + 'Pri : ' + row_split[1] + '<br>' + 'Cat : ' + row_split[2] + '</td>'; snortlastsawtime = row_split[5]; new_data_to_add[new_data_to_add.length] = line; } @@ -142,4 +141,4 @@ function snort_alerts_toggle_pause() { } } /* start local AJAX engine */ -snorttimer = setInterval('snort_alerts_fetch_new_rules()', snortupdateDelay); +snorttimer = setInterval('snort_alerts_fetch_new_rules()', snortupdateDelay);
\ No newline at end of file diff --git a/config/widget-snort/snort_alerts.widget.php b/config/widget-snort/snort_alerts.widget.php index 22bd1b69..aa416274 100644 --- a/config/widget-snort/snort_alerts.widget.php +++ b/config/widget-snort/snort_alerts.widget.php @@ -30,10 +30,9 @@ global $config, $g; <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tbody> <tr class="snort-alert-header"> - <td width="5%" class="widgetsubheader">Pri</td> - <td width="5%" class="widgetsubheader">Category</td> - <td width="45%" class="widgetsubheader">Src</td> - <td width="45%" class="widgetsubheader">Dst</td> + <td width="30%" class="widgetsubheader" >Date</td> + <td width="40%" class="widgetsubheader">Src/Dst</td> + <td width="40%" class="widgetsubheader">Details</td> </tr> <?php $counter=0; foreach ($snort_alerts as $alert) { ?> @@ -56,10 +55,9 @@ global $config, $g; ?> <tr class="snort-alert-entry" <?php echo $activerow; ?>> - <td width="5%" class="listr"><?= $alert["priority"] ?></td> - <td width="5%" class="listr"><?= $alert["category"] ?></td> - <td width="45%" class="listr"><?= $alert["src"] ?></td> - <td width="45%" class="listr"><?= $alert["dst"] ?></td> + <td width="30%" class="listr"><?= $alert['timeonly'] . ' ' . $alert['dateonly'] ?></td> + <td width="40%" class="listr"><?= $alert["src"] . '<br>' . $alert["dst"] ?></td> + <td width="40%" class="listr"><?= 'Pri : ' . $alert["priority"] . '<br>' . 'Cat : ' . $alert['category'] ?></td> </tr> <?php $counter++; } ?> diff --git a/config/widget-snort/widget-snort.xml b/config/widget-snort/widget-snort.xml index b32a27d7..1644181c 100644 --- a/config/widget-snort/widget-snort.xml +++ b/config/widget-snort/widget-snort.xml @@ -46,7 +46,7 @@ <requirements>Dashboard package and Snort</requirements> <faq>Currently there are no FAQ items provided.</faq> <name>widget-snort</name> - <version>0.1</version> + <version>0.2</version> <title>Widget - Snort</title> <include_file>/usr/local/pkg/widget-snort.inc</include_file> <additional_files_needed> |