if ($cgiparams{'ACTION'} eq $Lang::tr{'export'})
{
print "Content-type: text/plain\n\n";
- print "IPFire IDS snort log\r\n";
+ print "IPFire IPS log\r\n";
print "Date: $cgiparams{'DAY'} $longmonths[$cgiparams{'MONTH'}]\r\n";
print "\r\n";
&Header::closebox();
&Header::openbox('100%', 'left', $Lang::tr{'log'});
-print "<p><b>$Lang::tr{'snort hits'} $longmonthstr $daystr: $lines</b></p>";
+print "<p><b>$Lang::tr{'ids log hits'} $longmonthstr $daystr: $lines</b></p>";
if ($start == -1) {
$start = $lines - ${Header::viewsize}; }
our ($title,$classification,$priority,$date,$time,$srcip,$srcport,$destip,$destport, $sid, @refs);
my $filestr='';
- my $readmode='';
if ($datediff==0) {
# If there is no datediff, directly assign the suricata fast.log.
$filestr="/var/log/suricata/fast.log";
# Assign snort alert file, the datediff and extension for compressed file.
$filestr = "/var/log/snort/alert.$datediff";
$filestr = "$filestr.gz";
-
- # Assign "snort" as readmode.
- $readmode="snort";
}
}
if (!(open (LOG,($filestr =~ /.gz$/ ? "gzip -dc $filestr |" : $filestr)))) {
while(<LOG>) {
$line++;
- if (($_ =~ m/\[\*\*\]/) && ($readmode eq "snort")) {
+ if ($_ =~ m/\[\*\*\]/) {
unless ($line == 1 || $date ne "$monthstr/$daystr") {
&append;
$line = 1;
@refs = ();
$_ =~ m/:([0-9]{1,5})\] (.*) \[\*\*\]/;
$title = &Header::cleanhtml($2,"y");
- } else {
- &append;
- $line = 1;
-
- # Assign default values.
- ($title,$classification,$priority,$date,$time,$srcip,$srcport,$destip,$destport,$sid) = ("n/a","n/a","n/a","n/a","n/a","n/a","n/a","n/a","n/a", "n/a");
- @refs = ();
-
- # Gather title details from line.
- $_ =~ m/:([0-9]{1,5})\] (.*) \[\*\*\]/;
- $title = &Header::cleanhtml($2,"y");
}
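Review bot: The removed `else` branch held the only visible reset of `$classification`, `$priority`, `$srcip`, `$srcport`, `$destip`, `$destport` and `$sid` to "n/a"; the branch that stays clears only `@refs` and overwrites `$title`. These are `our` package variables, so an alert that lacks one of those fields would be displayed with the previous alert's value unless `append` (not in this hunk) clears them, and a wrong source address in an IPS log misleads triage. I would keep the reset in the surviving branch, before `@refs = ();`: `($classification,$priority,$date,$time,$srcip,$srcport,$destip,$destport,$sid) = ("n/a") x 9;`. Separately, the unchanged `open` above still uses the two-argument pipe form with `$filestr` interpolated into a shell command. It is built from `$datediff`, whose origin is not visible here, so the list form `open(LOG, '-|', 'gzip', '-dc', $filestr)` would be the safer way to read the compressed file.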
if ($_ =~ m/Classification: (.*)\] \[Priority: (\d)\]/) {
$classification = &Header::cleanhtml($1,"y");
$destport = $10;
}
- if ($_ =~ m/^([0-9\/]{3,10})\-([0-9\:]{5,8})\.([0-9]{1,14})/) {
- ($date,$time) = ($1,$2);
+ if ($_ =~ m/^([0-9\/]{3,5})(\/\d+)?\-([0-9\:]{5,8})\.([0-9]{1,14})/) {
+ ($date,$time) = ($1,$3);
}
if ($_ =~ m/\[Xref \=\>.*\]/) {
$_ =~ s/\]\[Xref \=\> /, /g;
}
}
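Review bot: The new optional year group `(\/\d+)?` in the timestamp pattern is captured only to be skipped, which is why the assignment had to move from `$2` to `$3`. A non-capturing group keeps the numbering stable: `m/^([0-9\/]{3,5})(?:\/\d+)?\-([0-9\:]{5,8})\.([0-9]{1,14})/` with `($date,$time) = ($1,$2);`. A one-line comment such as `# Drop the year so $date stays comparable to "$monthstr/$daystr".` would record why the year is discarded. The enclosing loop body starts and ends outside this hunk.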
$line++;
- unless ($line == 1 || $date ne "$monthstr/$daystr") { &append; }
+
+ # Split the date into single chunks.
+ my ($month, $day, $year) = split('/', $date);
+
+ # Check if all data is collected and the date of the event fits the desired date to
+ # get displayed.
+ if ($line gt 1 || "$month/$day" eq "$monthstr/$daystr") { &append; }
+
close(LOG);
}
}
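Review bot: The final check `if ($line gt 1 || "$month/$day" eq "$monthstr/$daystr")` joins its two conditions with `||`, whereas the line it replaces required both (`unless ($line == 1 || $date ne ...)`). Because `$line++` runs immediately before it, the left side is true for practically any non-empty log, so the last parsed event would be appended even when its date is not the one requested. `gt` is also a string comparison; `>` is the operator meant for a counter. I would write `if ($line > 1 && "$month/$day" eq "$monthstr/$daystr") { &append; }`. No initial value for `$date` is visible here, so the `split` above it should be guarded with `defined $date` as well.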