From 99c2189fd0172dbf932441f9a44e4cc62b3071ff Mon Sep 17 00:00:00 2001 From: Ermal Date: Sun, 15 Jul 2012 20:52:01 +0000 Subject: Enable Sorting classes and actually get the last of the file rather then begining --- config/snort/snort_alerts.php | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/config/snort/snort_alerts.php b/config/snort/snort_alerts.php index bd40b6e0..e05bd938 100644 --- a/config/snort/snort_alerts.php +++ b/config/snort/snort_alerts.php @@ -251,14 +251,16 @@ if ($pconfig['arefresh'] == 'on') - +
+ + @@ -267,16 +269,15 @@ if ($pconfig['arefresh'] == 'on') /* make sure alert file exists */ if (file_exists("/var/log/snort/snort_{$if_real}{$snort_uuid}/alert")) { - $fd = fopen("/var/log/snort/snort_{$if_real}{$snort_uuid}/alert", "r"); - if ($fd) { + exec("tail -{$anentries} /var/log/snort/snort_{$if_real}{$snort_uuid}/alert > /tmp/alert_{$snort_uuid}"); + if (file_exists("/tmp/alert_{$snort_uuid}")) { $counter = 0; /* 0 1 2 3 4 5 6 7 8 9 10 11 12 */ /* File format timestamp,sig_generator,sig_id,sig_rev,msg,proto,src,srcport,dst,dstport,id,classification,priority */ + $fd = fopen("/tmp/alert_{$snort_uuid}", "r"); while(($fileline = @fgets($fd))) { if (empty($fileline)) continue; - if ($counter > $anentries) - break; $fields = explode(",", $fileline); /* Date */ @@ -305,7 +306,9 @@ if (file_exists("/var/log/snort/snort_{$if_real}{$snort_uuid}/alert")) { - + + +
Date PRI PROTO CLASS SRCSRCPORt DSTDSTPORT SID DESCRIPTION
{$alert_proto} {$alert_class} {$alert_ip_src}:{$alert_src_p}{$alert_ip_dst}:{$alert_dst_p}{$alert_src_p}{$alert_ip_dst}{$alert_dst_p} {$alert_sid_str} -- cgit v1.2.3