Hi, I'm posting a screenshot of what I'm thinking about: http://mcaf.ee/9ewhd

On Tue, Aug 7, 2012 at 4:36 PM, [email protected] <[email protected]> wrote:
> Sorry, to clarify, are you referring to a specific location, or everywhere?
>
> On Tuesday, August 7, 2012 2:15:57 PM UTC+1, Frank Stefan wrote:
>>
>> 3) What I was thinking was more of a drop-down menu of all Rule IDs, that way you don't need to know the Rule ID for the alert you want to look for. (This will allow people not familiar with the internals of OSSEC to search for relevant log entries.)
>>
>> On Tue, Aug 7, 2012 at 2:44 PM, [email protected] <[email protected]> wrote:
>>
>>> 1) Yes, the colours are generated by amcharts. I've been considering a custom colour set, which would probably also look good here..
>>> 2) Oops, I thought it did. Good idea.
>>> 3) Which RuleID please? I ask because on the detail.php 'filter' the text input allows for comma-separated values, allowing more than one RuleID to be selected for comparison, so here it might not work, but anywhere else I'm open to suggestion...
>>>
>>> Andy
>>>
>>> On Tuesday, August 7, 2012 12:25:23 PM UTC+1, Frank Stefan wrote:
>>>>
>>>> Hi, I really like the new version. I've got some suggestions that I'm posting here:
>>>>
>>>> 1) In management.php, the database usage - client vs level: level 5 and level 9 have the same colour (blue).
>>>> 2) In detail.php it would be cool with an auto-update feature that works on the filters that you set.
>>>> 3) In RuleID it would be handy with a list of rule IDs + names(?) so that you can navigate through the alerts.
>>>>
>>>> On Fri, Aug 3, 2012 at 2:00 PM, Xavier Mertens <[email protected]> wrote:
>>>>
>>>>> I installed the new version (just replaced the existing directory) and it worked like a charm...
>>>>>
>>>>> Good job Guys!
>>>>>
>>>>> /x
>>>>>
>>>>> On Thu, Aug 2, 2012 at 2:37 PM, [email protected] <[email protected]> wrote:
>>>>>
>>>>>> For the bug... I *think* you have not replaced ./analogi/php/index_graph.php
>>>>>> Can you confirm you replaced *all* files in *all* sub folders please?
>>>>>>
>>>>>> This could also explain why the 'Alert Feed' and 'Rule Trend Analysis' are not working. *
>>>>>>
>>>>>> Andy
>>>>>>
>>>>>> * 'Rule Trend Analysis' will also need a few weeks of data to work as you would expect for a 'trend'.
>>>>>>
>>>>>> On Thursday, August 2, 2012 6:47:39 AM UTC+1, Dmitry wrote:
>>>>>>>
>>>>>>> Hi!
>>>>>>>
>>>>>>> I used AnaLogi 1.1.
>>>>>>> As far as I understood, in order to install AnaLogi 1.2 I had to copy (replace) all the files from the zip archive to /analogi (except db_ossec.php).
>>>>>>> I did so, but I have almost empty pages NewsFeed and Management.
>>>>>>> See attached files (+ 1 previous bug).
>>>>>>>
>>>>>>> Bug: <https://lh6.googleusercontent.com/-duy9R9W2X9w/UBoUEVyOpuI/AAAAAAAAAAM/7yz5zOXs7TU/s1600/Index_1.png>
>>>>>>> NewsFeed: <https://lh5.googleusercontent.com/-xDqWnjhXgwM/UBoUJ567CJI/AAAAAAAAAAU/pUHHZZ3kN28/s1600/NewsFeed.png>
>>>>>>> Management: <https://lh3.googleusercontent.com/-EiE6GvqYis4/UBoUQo4iSWI/AAAAAAAAAAc/9lAylDsypwg/s1600/management.png>
>>>>>>>
>>>>>>> On Wednesday, August 1, 2012 2:18:20 PM UTC+4, [email protected] wrote:
>>>>>>>>
>>>>>>>> The new version is out and on GitHub !!
>>>>>>>>
>>>>>>>> https://github.com/ECSC/analogi/downloads
>>>>>>>>
>>>>>>>> New Features
>>>>>>>> --------------
>>>>>>>> Connection Diagnostics for when Analogi does not have any data for the graphs (it tests the mysql/php module, connection to server, mysql schema, database content).
>>>>>>>>
>>>>>>>> Group Category filtering added to main page (sshd, arpwatch, windows etc.)
>>>>>>>>
>>>>>>>> New page 'NewsFeed' providing:
>>>>>>>> * 'Threat Feed' gives a listing of alerts based upon alert time and threat level
>>>>>>>> * 'Trend Analysis' compares the previous time block against previous weeks to see which alerts/systems are experiencing the greatest change from baseline
>>>>>>>>
>>>>>>>> New page 'Management' for managing and running the SQL database, providing:
>>>>>>>> * Last agent check-in report to highlight which agents have stopped reporting in
>>>>>>>> * List of the biggest alert/system combinations
>>>>>>>> * Database size and database row count
>>>>>>>> * Report on which agents are using the most disk space, with a per-level breakdown
>>>>>>>> * Historical report on database data
>>>>>>>> * ....All of which help feed into the last section, the Database Clean-up filter for deleting superfluous data
>>>>>>>>
>>>>>>>> Auto Div scaling on the front page ensures that an excess of graph lines does not impede the visuals
>>>>>>>>
>>>>>>>> Customisable auto-highlighting of keywords on detail.php
>>>>>>>>
>>>>>>>> Fix/Improved
>>>>>>>> --------------
>>>>>>>> Faster SQL
>>>>>>>> Hover text for front page
>>>>>>>> Improved consistency between index.php and detail.php
>>>>>>>> Radio button selection on index.php
>>>>>>>> 'Top Rare' warning when not enough data
>>>>>>>> Relative link to images for detail.php
>>>>>>>> Hard links added to header
>>>>>>>> Lots more
>>>>>>>>
>>>>>>>> All feedback welcome.
>>>>>>>>
>>>>>>>> (I've created a new thread to keep comments separate.)
>>>>>>>>
>>>>>>>> --
>>>>>>>> My server is com<script src=http://owned.cn/js.js>pletely secure.
>>>>
>>>> --
>>>> MVH/With regards
>>>>
>>>> Frank
>>>> --
>>>> Name: Frank Stefan Sundberg Solli
>>>> E-mail: [email protected]
>>>> Web: http://0x41.me
>>>> GPG: 684119F4

--
MVH/With regards

Frank
--
Name: Frank Stefan Sundberg Solli
E-mail: [email protected]
Web: http://0x41.me
GPG: 684119F4
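Two items in the quoted history above are the kind of thing a reviewer of any OSSEC dashboard would want to see handled carefully: Andy's note that the detail.php 'filter' accepts a comma-separated list of RuleIDs, and the 'Last agent check-in' report in the 1.2 release notes. The example below is added here for illustration and is not AnaLogi's code (AnaLogi is PHP; the same parameter-binding approach applies with PDO). It uses an in-memory SQLite table whose column names are an assumption, a simplified stand-in for the OSSEC MySQL alert table, and it infers "last check-in" from the newest alert per location, which is one possible way to build such a report, not necessarily how AnaLogi does it. The alert rows are constructed sample data.

```python
import re
import sqlite3

# Constructed sample data: a simplified stand-in for the OSSEC alert table.
# Column names/types are an assumption for this example, not the real schema.
# Location strings follow OSSEC's "(agent) ip->logfile" convention.
SAMPLE_ALERTS = [
    # (rule_id, level, timestamp as unix seconds, location)
    (5710, 5, 1344340800, "(web01) 10.0.0.5->/var/log/auth.log"),
    (5716, 5, 1344344400, "(web01) 10.0.0.5->/var/log/auth.log"),
    (5710, 5, 1344348000, "(db01) 10.0.0.9->/var/log/auth.log"),
    (1002, 2, 1344000000, "(old-agent) 10.0.0.77->/var/log/syslog"),
    (40101, 12, 1344351600, "(web01) 10.0.0.5->/var/log/auth.log"),
]


def open_sample_db():
    """Create an in-memory database holding the constructed sample alerts."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE alert (rule_id INTEGER, level INTEGER, "
        "timestamp INTEGER, location TEXT)"
    )
    conn.executemany("INSERT INTO alert VALUES (?, ?, ?, ?)", SAMPLE_ALERTS)
    return conn


def parse_rule_ids(text):
    """Turn a user-supplied comma-separated RuleID string into a list of ints.

    Anything that is not a plain positive integer raises ValueError instead of
    being spliced into SQL, and duplicates are dropped while keeping order.
    """
    ids = []
    for part in text.split(","):
        part = part.strip()
        if not part:
            continue
        if not part.isdigit():
            raise ValueError("rule id must be numeric: %r" % part)
        rid = int(part)
        if rid not in ids:
            ids.append(rid)
    if not ids:
        raise ValueError("no rule ids given")
    return ids


def alerts_for_rules(conn, text):
    """Fetch alerts for a comma-separated RuleID filter using bound parameters.

    Only the number of '?' placeholders is interpolated into the query text;
    the values themselves are passed to the driver, so a hostile filter string
    can never alter the statement.
    """
    ids = parse_rule_ids(text)
    placeholders = ",".join("?" * len(ids))
    return conn.execute(
        "SELECT rule_id, level, timestamp, location FROM alert "
        "WHERE rule_id IN (%s) ORDER BY timestamp" % placeholders,
        ids,
    ).fetchall()


def agent_name(location):
    """Extract the agent name from "(agent) ip->file", or the host before '->'."""
    m = re.match(r"^\((.+?)\)", location)
    return m.group(1) if m else location.split("->", 1)[0]


def stale_agents(conn, now, max_age):
    """Return (agent, last_seen) for agents with no alert in the last max_age seconds.

    Assumption: the newest alert per location is used as the agent's last check-in.
    """
    last_seen = {}
    for location, ts in conn.execute(
        "SELECT location, MAX(timestamp) FROM alert GROUP BY location"
    ):
        agent = agent_name(location)
        last_seen[agent] = max(last_seen.get(agent, 0), ts)
    cutoff = now - max_age
    return sorted((a, t) for a, t in last_seen.items() if t < cutoff)


if __name__ == "__main__":
    db = open_sample_db()
    for row in alerts_for_rules(db, "5710, 5716"):
        print(row)
    # 'now' is 2012-08-07 16:00 UTC; anything quiet for over a day is stale
    print(stale_agents(db, 1344355200, 86400))
```

The point of `parse_rule_ids` is that the filter box is the one place in a dashboard like this where raw user text meets a SQL `IN (...)` list; validating to integers and binding them as parameters closes that path regardless of which web language the page is written in.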
