From 2eb0c326da2196c56f6f955bf5371e5d8c7ca9db Mon Sep 17 00:00:00 2001 From: Michael Tremer Date: Fri, 12 Apr 2019 17:33:39 +0100 Subject: [PATCH] IPS logging: There is no distinguation between suricata & snort required Signed-off-by: Michael Tremer --- html/cgi-bin/logs.cgi/ids.dat | 17 +---------------- 1 file changed, 1 insertion(+), 16 deletions(-) diff --git a/html/cgi-bin/logs.cgi/ids.dat b/html/cgi-bin/logs.cgi/ids.dat index 5e4613753c..b2bd9f1e4b 100644 --- a/html/cgi-bin/logs.cgi/ids.dat +++ b/html/cgi-bin/logs.cgi/ids.dat @@ -383,7 +383,6 @@ sub processevent our ($title,$classification,$priority,$date,$time,$srcip,$srcport,$destip,$destport, $sid, @refs); my $filestr=''; - my $readmode=''; if ($datediff==0) { # If there is no datediff, directly assign the suricata fast.log. $filestr="/var/log/suricata/fast.log"; @@ -399,9 +398,6 @@ sub processevent # Assign snort alert file, the datediff and extension for compressed file. $filestr = "/var/log/snort/alert.$datediff"; $filestr = "$filestr.gz"; - - # Assign "snort" as readmode. - $readmode="snort"; } } if (!(open (LOG,($filestr =~ /.gz$/ ? "gzip -dc $filestr |" : $filestr)))) { @@ -411,7 +407,7 @@ sub processevent while() { $line++; - if (($_ =~ m/\[\*\*\]/) && ($readmode eq "snort")) { + if ($_ =~ m/\[\*\*\]/) { unless ($line == 1 || $date ne "$monthstr/$daystr") { &append; $line = 1; @@ -420,17 +416,6 @@ sub processevent @refs = (); $_ =~ m/:([0-9]{1,5})\] (.*) \[\*\*\]/; $title = &Header::cleanhtml($2,"y"); - } else { - &append; - $line = 1; - - # Assign default values. - ($title,$classification,$priority,$date,$time,$srcip,$srcport,$destip,$destport,$sid) = ("n/a","n/a","n/a","n/a","n/a","n/a","n/a","n/a","n/a", "n/a"); - @refs = (); - - # Gather title details from line. - $_ =~ m/:([0-9]{1,5})\] (.*) \[\*\*\]/; - $title = &Header::cleanhtml($2,"y"); } if ($_ =~ m/Classification: (.*)\] \[Priority: (\d)\]/) { $classification = &Header::cleanhtml($1,"y"); -- 2.39.2
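Review bot: With the `$readmode eq "snort"` test removed, every line containing `[**]` from either log file now takes this branch, and the title match that follows it (visible as context at the top of the last hunk) is still unchecked, so a line that contains `[**]` but not the `:rev] title [**]` shape calls `cleanhtml` with a `$2` that this line never set. Guarding the assignment would keep whatever default `$title` already holds: `if ($_ =~ m/:([0-9]{1,5})\] (.*) \[\*\*\]/) { $title = &Header::cleanhtml($2,"y"); }`. The `if` block opened here closes outside this hunk, and the two lines between this hunk and the next are not shown, so the default assignment is presumed to sit there. Separately, the unchanged two-argument `open (LOG, ... "gzip -dc $filestr |" ...)` in the second hunk's context passes `$filestr` through a shell, and `$datediff` is set outside the diff; unless it is validated as purely numeric there, the list form `open(LOG, '-|', 'gzip', '-dc', $filestr)` would be the safer call.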