Holger, That's fantastic.... Thanks very much.
Worked a treat! Pip On Feb 29, 8:49 am, Holger Gläß <[email protected]> wrote: > hi > > i did some fixes for me see bellow > > root@ossec:/root# diff ossec-wui-0.3/lib/os_lib_alerts.php > ossec-wui-patch/os_lib_alerts.php > 328a329 > > /* old > 330a332,335 > > */ > > $evt_msg[$msg_id] = preg_replace("/</", "<", > $evt_msg[$msg_id]); > > $evt_msg[$msg_id] = preg_replace("/>/", ">", > $evt_msg[$msg_id]); > > > 360a366 > > /* > 363c369,371 > < $alert->user = $evt_user; > --- > > */ > > $evt_user = preg_replace("/</", "<", $evt_user); > > $evt_user = preg_replace("/>/", ">", $evt_user); > 364a373,374 > > $alert->user = $evt_user; > > /* > 366a377,381 > > */ > > > > $evt_srcip = preg_replace("/</", "<", $evt_srcip); > > $evt_srcip = preg_replace("/>/", ">", $evt_srcip); > > > 842c857,858 > < fseek($fp, $seek_place, "SEEK_SET"); > --- > > /* bugfixhttp://osdir.com/ml/ossec-list/2010-06/msg00016.html*/ > > fseek($fp, $seek_place, SEEK_SET); > > root@ossec:/root# diff ossec-wui-0.3/lib/os_lib_syscheck.php > ossec-wui-patch/os_lib_syscheck.php > 43a44 > > /* old > 45a47,50 > > */ > > > > $buffer = preg_replace("/</", "<", $buffer); > > $buffer = preg_replace("/>/", ">", $buffer); > > for me works > > i attach the patched libs to this mail > > holger > > On 02/28/2012 10:05 AM, PJG wrote: > > > > > > > > > All, > > > I saw a post back to last year about the WUI not displaying logs > > correctly. Did anyone get this fixed? (I was going reply to that post > > but couldn't, so have opened this new one). > > > Reason being, is that despite it's limitations, it's still a very > > quick and easy first place to look for logs. > > > I've built it into my Incident response procedures, and would really > > like it to work. > > > Now I know I can deploy Splunk to do a similar things, but the OSSEC > > wui is a very simple tool, to view very powerful logs. > > > If I had the skills I would look into fixing it, but unfortunately I > > don't. > > > Has anyone else been able to wave their magic wand? > > > Cheers... > > > Pip > > > > os_lib_alerts.php > 36KViewDownload > > os_lib_syscheck.php > 12KViewDownload
