oh, and I was wondering, where can I change the timezone displayed in WUI? it's different than my servertime and therefore doesn't match with the timestamps (it's two hours behind)
i've looked in the ossec_conf.php but didn't find it there. Am Donnerstag, 9. Juli 2015 23:36:38 UTC+2 schrieb theresa mic-snare: > > hi all, > > yes, it's me again ;) > > i've cloned the ossec-wui from github.com > and wanted to search my alerts. > > in the time frame i put from yesterday (e.g 2017-07-08) and till now > Minimum Level: all > SrcIP: a specific IP that I got through the notification emails (and that > I can also find in the alerts.log) > other than that everything is default. > > at the bottom of the page it says: > *Total alerts found: *3339 > *Output divided in *4 pages. > > and > Page *1* (338 alerts) > > > > > > *Nothing returned (or search expired). which is crazy, because there was > only 1 alert from this specific IP.also no alert is actually showing up, > unlike in the alerts.log or in the email notification.*what i'm doing > wrong here? > > I could also attach a screenshot if need be.... > > thanks theresa > -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
