From 538b98941fab76c8673f7eb5178b03982f48cd31 Mon Sep 17 00:00:00 2001
From: Scott Ullrich
Date: Sat, 7 Oct 2006 23:18:37 +0000
Subject: Make snort alerts clickable
---
 packages/snort/snort.inc | 10 ++++++++++
 packages/snort/snort_alerts.php | 6 +++++-
 2 files changed, 15 insertions(+), 1 deletion(-)
diff --git a/packages/snort/snort.inc b/packages/snort/snort.inc
index f13e2990..fd27ad49 100644
--- a/packages/snort/snort.inc
+++ b/packages/snort/snort.inc
@@ -503,4 +503,14 @@ function get_snort_alert($ip) {
 return "n/a";
 }
+function make_clickable($buffer) {
+ $buffer = eregi_replace("(^|[ \n\r\t])((http(s?)://)(www\.)?([a-z0-9_-]+(\.[a-z0-9_-]+)+)(/[^/ \n\r]*)*)","\\1\\2", $buffer);
+ $buffer = eregi_replace("(^|[ \n\r\t])((ftp://)(www\.)?([a-z0-9_-]+(\.[a-z0-9_-]+)+)(/[^/ \n\r]*)*)","\\1\\2", $buffer);
+ $buffer = eregi_replace("([a-z_-][a-z0-9\._-]*@[a-z0-9_-]+(\.[a-z0-9_-]+)+)","\\1", $buffer);
+ $buffer = eregi_replace("(^|[ \n\r\t])(www\.([a-z0-9_-]+(\.[a-z0-9_-]+)+)(/[^/ \n\r]*)*)","\\1\\2", $buffer);
+ $buffer = eregi_replace("(^|[ \n\r\t])(ftp\.([a-z0-9_-]+(\.[a-z0-9_-]+)+)(/[^/ \n\r]*)*)","\\1\\2", $buffer);
+
+ return $buffer;
+}
+
 ?>
\ No newline at end of file
diff --git a/packages/snort/snort_alerts.php b/packages/snort/snort_alerts.php
index 81fe4bf3..dfa20b68 100644
--- a/packages/snort/snort_alerts.php
+++ b/packages/snort/snort_alerts.php
@@ -32,6 +32,7 @@
 require("globals.inc");
 require("guiconfig.inc");
+require("/usr/local/pkg/snort.inc");
 $snort_logfile = "{$g['varlog_path']}/snort/alert";
@@ -101,8 +102,11 @@ function dump_log_file($logfile, $tail, $withorig = true, $grepfor = "", $grepin
 foreach ($logarr as $logent) {
 if(!logent) continue;
+ $ww_logent = $logent;
+ $ww_logent = str_replace("[", " [ ", $ww_logent);
+ $ww_logent = str_replace("]", " ] ", $ww_logent);
 echo "\n";
- echo "" . $logent . " \n";
+ echo "" . make_clickable($ww_logent) . " \n";
 echo "\n";
 }
 }
-- cgit v1.2.3
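Review bot: make_clickable() never HTML-escapes `$buffer` before rewriting it, and the snort_alerts.php hunk of this commit echoes its return value straight into the page, so any `<`, `>` or quote character in an alert line reaches the browser as markup. Whether bytes influenced by monitored traffic can end up in the Snort alert file is not visible here, but escaping first costs one line: `$buffer = htmlspecialchars($buffer, ENT_QUOTES);` at the top of the function, before the first replacement. The third pattern (the e-mail one) has no leading `(^|[ \n\r\t])` group, so it can also match inside text the two URL patterns have already rewritten, for example a URL path that contains `@`. The replacement strings read only `\\1\\2` on this page, so the generated link markup itself cannot be checked from here.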
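Review bot: The added `require` will load snort.inc a second time if anything else on this page has already included it, and because that file declares functions (get_snort_alert() and make_clickable() are both visible in this commit) a second inclusion would stop the page with a redeclaration error. Whether globals.inc or guiconfig.inc pull it in is not visible from this hunk; `require_once("/usr/local/pkg/snort.inc");` removes the question.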
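Review bot: The two `str_replace` calls pad every `[` and `]` in every alert line, so the text shown to the operator differs from the log even on lines that contain no URL, and nothing in the hunk says why. The padding presumably exists so that the whitespace-anchored patterns in make_clickable() can match a URL written directly next to a bracket; a comment such as `// pad brackets so URLs adjacent to [ or ] match make_clickable()'s whitespace-anchored patterns` would record that. The guard just above, `if(!logent)`, is an unchanged context line but lacks the `$`, so it does not test the loop variable; `if (!$logent)` is what the new lines rely on. dump_log_file() starts and ends outside this hunk.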