Skip to content

ossec/ossec-wui

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

48 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

The OSSEC Web UI is currently unmaintained and deprecated.
If you are interested in maintaining the project, please contact the OSSEC team (open an issue, send a message to the mailing list, etc).

We recommend using Kibana, Splunk, or similar projects for monitoring alerts.

------------------------------------------------------------------------------------------------------------------------------------------

OSSEC Web UI v0.8
Copyright (c) 2006-2013 Trend Micro Inc.


1- How to install.

1.0 - Prerequisites

    - Apache with PHP (>= 4.1 or >= 5.0) installed.
    - OSSEC (version >= 0.9-3) already installed.


1.1- Clone the web ui script:

    # git clone https://github.com/ossec/ossec-wui.git


1.2- Move the folder to somewhere acessible by
     your web server:

    # mv ossec-wui* /var/www/htdocs/ossec-wui


1.3- Run the setup script (assign username/password...):

    # cd /var/www/htdocs/ossec-wui
    # ./setup.sh
    ...


1.4- If selinux is enabled, ossec-wui is normally unable to access 
     various ossec log files.  One way to fix this is to install a 
     selinux targeted policy.

     Create a TE file (eg. 
     /etc/seliinux/targeted/ossec-wui/ossec-wui.te) with the following 
     content:

    module ossec-wui 1.0;

    require {
	type var_log_t;
        type httpd_t;
        type var_t;
        class file { read getattr open };
    }

    #============= httpd_t ==============
    allow httpd_t var_log_t:file read;
    allow httpd_t var_t:file { read getattr open };

     Then run the following commands as root:

    checkmodule -M -m ossec-wui.te -o ossec-wui.mod
    semodule_package -o ossec-wui.pp -m ossec-wui.mod
    semodule -i ossec-wui.pp 

1.5- If you have a large ossec install, you may want to
     re-configure PHP to support longer lasting scripts
     and higher memory utilization. The following entries
     on php.ini can be increased:

     max_execution_time = 180
     max_input_time = 180
     memory_limit = 30M


1.6- Try to access the UI.

     http://anyhost/ossec-wui/

1.7- Report any problems or suggestions to our mailing list.