Web interface - HOW TO ??
SystemAli
dan (ddp)
What GUI?
Chris Phillips
From: ossec...@googlegroups.com [mailto:ossec...@googlegroups.com] On Behalf Of SystemAli
Sent: 27 July 2011 17:29
To: ossec...@googlegroups.com
Subject: [ossec-list] Web interface - HOW TO ??
Hello All :
I want to install and configure the GUI for OSSEC, But since i am a little novice in Apache + Php etc.. I am looking at detailed instructions as to how to get this
up and running...PLEASE ASSIST !!!!
Thank you
--
Hi,
You should really ask much more explicit questions, give more details about your setup and ideally, show that you’ve at least “had a go”, before asking a mailinglist...
I won’t tell you how to install Apache & PHP, as Google will do a better job and who knows which OS platform you have.
This is what I did, to get ours up and running (some time this week): -
Become root
$ sudo -s
Go to where you want the software to be installed, grab it from the website, extract the files, rename, then enter the new directory & run the setup script
# cd /var/www && wget http://www.ossec.net/files/ui/ossec-wui-0.3.tar.gz && tar zxvf ossec-wui-0.3.tar.gz && mv ossec-wui-0.3 ossec-wui & cd ossec-wui && ./setup.sh
Find out what user your httpd process runs as
# ps awux | head -1 ; ps awux | grep httpd
Add the httpd user (in our case it was “apache”), to the ossec group in /etc/group (like this)
ossec:x:12324:apache
Then I just created a VirtualHost config for my new site (if this bit is beyond you, you would be better off Googling and having fun experimenting, than asking)... On our system I created /etc/httpd/conf.d/ossec.conf with these contents: -
##############################################################################
# ossec
##########
<VirtualHost *:80>
ServerName ossec.our.domain
ServerAlias ossec ossec*
TransferLog /var/log/httpd/ossec-wui-access.log
ErrorLog /var/log/httpd/ossec-wui-error.log
DocumentRoot "/var/www/ossec-wui"
<Directory "/var/www/ossec-wui">
Order allow,deny
Allow from All
AllowOverride All
</Directory>
<Location />
Order allow,deny
Allow from 192.168.0.0/24
Satisfy All
</Location>
</VirtualHost>
Then I checked the syntax of my config & restarted apache and started surfing
# apachectl -S && apachectl graceful
For sensibility’s sake, un-become root
# exit
$
HTH,
--
ChrisP
James M Pulver
The webinterface didn’t seem to work for me with 2.6 though (maybe because it was an upgrade from 2.5 and there were some posts about mysql issues?) and I understand it isn’t being updated, so I’m not sure it’s worth getting used to . . .
--
James Pulver
Information Technology Area Supervisor
LEPP Computer Group
Cornell University
ash kumar
SystemAli
dan (ddp)
dan (ddp)
You should look into Linux training if this is giving you issues. This
is pretty basic stuff.
You might also want to get a book on PHP, the WUI is slightly broken
at the moment. Since it's a dead project, no one has fixed it publicly
(that I know of).
Chris Phillips
I have some experience of log parsing and changing log entries...
--
ChrisP
Chris Phillips - Service Designer, intY Ltd.