Skip to content

O
OpnSense
Commit b813f3c6 authored by Ad Schellevis's avatar Ad Schellevis
Browse files
Options

(ids) add missing fileid in alert info

parent 6fccdac4
Hide whitespace changes
Inline Side-by-side
Showing with 6 additions and 4 deletions
src/opnsense/mvc/app/controllers/OPNsense/IDS/Api/ServiceController.php
View file @ b813f3c6
...@@ -251,15 +251,16 @@ class ServiceController extends ApiControllerBase ...@@ -251,15 +251,16 @@ class ServiceController extends ApiControllerBase
/** /**
* fetch alert detailed info * fetch alert detailed info
* @param $alertId alert id, position in log file * @param string $alertId alert id, position in log file
* @param string $fileid log file id number (empty for standard)
* @return array alert info * @return array alert info
*/ */
public function getAlertInfoAction($alertId) public function getAlertInfoAction($alertId, $fileid = "")
{ {
$backend = new Backend(); $backend = new Backend();
$filter = new Filter(); $filter = new Filter();
$id = $filter->sanitize($alertId, "int"); $id = $filter->sanitize($alertId, "int");
$response = $backend->configdpRun("ids query alerts", array(1, 0, "filepos/".$id)); $response = $backend->configdpRun("ids query alerts", array(1, 0, "filepos/".$id, $fileid));
$result = json_decode($response, true); $result = json_decode($response, true);
if ($result != null && count($result['rows']) > 0) { if ($result != null && count($result['rows']) > 0) {
return $result['rows'][0]; return $result['rows'][0];
......
src/opnsense/mvc/app/views/OPNsense/IDS/index.volt
View file @ b813f3c6
...@@ -246,7 +246,7 @@ POSSIBILITY OF SUCH DAMAGE. ...@@ -246,7 +246,7 @@ POSSIBILITY OF SUCH DAMAGE.
requestHandler:addAlertQryFilters, requestHandler:addAlertQryFilters,
formatters:{ formatters:{
info: function (column, row) { info: function (column, row) {
return "<button type=\"button\" class=\"btn btn-xs btn-default command-edit\" data-row-id=\"" + row.filepos + "\"><span class=\"fa fa-info-circle\"></span></button> "; return "<button type=\"button\" class=\"btn btn-xs btn-default command-edit\" data-row-id=\"" + row.filepos + "/" + row.fileid + "\"><span class=\"fa fa-info-circle\"></span></button> ";
} }
}, },
} }
......
src/opnsense/scripts/suricata/queryAlertLog.py
View file @ b813f3c6
...@@ -96,6 +96,7 @@ if os.path.exists(suricata_log): ...@@ -96,6 +96,7 @@ if os.path.exists(suricata_log):
if 'alert' in record: if 'alert' in record:
# add position in file # add position in file
record['filepos'] = line['pos'] record['filepos'] = line['pos']
record['fileid'] = parameters['fileid']
# flatten structure # flatten structure
record['alert_sid'] = record['alert']['signature_id'] record['alert_sid'] = record['alert']['signature_id']
record['alert'] = record['alert']['signature'] record['alert'] = record['alert']['signature']
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment

Technounit-GROUP 2023