ejdamm / bristle
A GUI for snort written in php
License: MIT License
I ran across an issue where I try to view the details of an event when it's filtered. When I click the details of an event I lose my filter.
For instance, if I go to: https://sergiomitm.com/bristle/events.php and filter for SSH scans, I get a URL like this:
https://sergiomitm.com/bristle/events.php?ip_src=&ip_dst=&sig_name=ssh+scan&submit=Filter&filter=-
If I click the first event to view details, the resulting url is:
https://sergiomitm.com/bristle/events.php?filter=-&sid=1&cid=1208628
which just shows my most recent events, not the details of the item I was hoping for.
If I combine the parameters of the last two options, I get what I was hoping for
https://sergiomitm.com/bristle/events.php?ip_src=&ip_dst=&sig_name=ssh+scan&submit=Filter&filter=-&sid=1&cid=1208628
Let me know if this needs any clarification, hopefully it's an easy thing to deal with.
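One way to build the detail link so the active filter survives, as an added example (not bristle's own code and not part of the report above). The parameter names come from the URLs in the report; the function name `event_detail_href` and the `FILTER_KEYS` allowlist are assumptions.

```php
<?php
// Added example, not bristle's code. Parameter names are taken from the URLs
// in the report above; FILTER_KEYS and event_detail_href() are hypothetical.

const FILTER_KEYS = ['ip_src', 'ip_dst', 'sig_name', 'submit', 'filter'];

/**
 * Build the href for an event's detail link while keeping the active filter.
 */
function event_detail_href(array $query, int $sid, int $cid): string
{
    $keep = [];
    foreach (FILTER_KEYS as $key) {
        // Carry over only known filter parameters, and only string values
        // (this drops array input such as ip_src[]=x and any unknown key).
        if (isset($query[$key]) && is_string($query[$key])) {
            $keep[$key] = $query[$key];
        }
    }

    // sid and cid are typed int, so only numbers can reach the URL.
    $keep['sid'] = $sid;
    $keep['cid'] = $cid;

    // http_build_query() percent-encodes the values; htmlspecialchars() then
    // makes the result safe inside an HTML attribute (& becomes &amp;).
    $url = 'events.php?' . http_build_query($keep);
    return htmlspecialchars($url, ENT_QUOTES, 'UTF-8');
}

// Constructed sample: the filtered request from the report ($_GET in practice).
$query = [
    'ip_src'   => '',
    'ip_dst'   => '',
    'sig_name' => 'ssh scan',
    'submit'   => 'Filter',
    'filter'   => '-',
];

echo '<a href="' . event_detail_href($query, 1, 1208628) . '">details</a>', PHP_EOL;
```

The allowlist keeps unrelated or attacker-supplied query parameters from being reflected into every link on the page.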
Hello,
There's a problem when PHP tries to connect to the MySQL database.
In my Apache log I got:
[:error] [pid 24983] [client xxxxxxxxx] PHP Warning: array_merge(): Argument #2 is not an array in xxx/bristle/lib/Database/CDatabaseBasic.php on line 60
[:error] [pid 24983] [client xxxxxxxxx] PHP Fatal error: Uncaught Exception: You can not connect, missing dsn. in xxx/bristle/lib/Database/CDatabaseBasic.php:112\nStack trace:\n#0 xxx/bristle/src/db.php(13): Mos\Database\CDatabaseBasic->connect()\n#1 xxx/bristle/index.php(5): DB_QUERY->__construct()\n#2 {main}\n thrown in xxx/bristle/lib/Database/CDatabaseBasic.php on line 112
An older version of bristle can still access the database, and conf.php is correctly set up.
I use Apache/2.4.18 / mysql 5.7.21 / PHP 7.0.22
Hi,
Finally a good web UI for snort, working with PHP7. Great dashboard and nice graphics!
I have quickly modified source code for getting ports with dest and src IP. So, if you're interested.
events.php :
".$event['ip_src'].':'.$event['tcp_sport'].$event['udp_sport']."
".$event['ip_dst'].':'.$event['tcp_dport'].$event['udp_dport']."
db.php :
$sql = "SELECT event.sid, event.cid, sig_name, DATE_FORMAT(timestamp, '%d-%m-%Y') AS date, DATE_FORMAT(timestamp, '%H:%i') AS time, sig_priority, inet_ntoa(ip_src) as ip_src, inet_ntoa(ip_dst) as ip_dst, tcp_sport, tcp_dport, udp_sport, udp_dport
FROM event
INNER JOIN signature on event.signature = signature.sig_id
INNER JOIN iphdr on event.sid = iphdr.sid AND event.cid = iphdr.cid
LEFT JOIN tcphdr on event.sid = tcphdr.sid AND event.cid = tcphdr.cid
LEFT JOIN udphdr on event.sid = udphdr.sid AND event.cid = udphdr.cid
Need to adjust the CSS for better rendering...
Good work :-)
Hey there,
Not sure if there's already a way in which this can be achieved, without having to dive into the back end.
But what are the chances of being able to specify a custom date range on the web front end?
If I'm wanting to build a monthly summary for a retrospective report, is there an easy way I can select for example: 1st of May, 2018 through to and including 31st of May, 2018?
Great job, by the way!
Cheers!