oh yeah, there are tons of messages like this in the apache error log PHP Warning: fopen(./tmp/output-tmp.1-57- 8cd5679a49c37a4583dfa34473436ab4.php): failed to open stream: No such file or directory in /var/www/html/ossec-wui/lib/os_lib_alerts.php on line 39
@dan: what do you use instead? logstash and kibana? Am Mittwoch, 15. Juli 2015 19:07:32 UTC+2 schrieb dan (ddpbsd): > > > On Jul 9, 2015 5:36 PM, "theresa mic-snare" <[email protected] > <javascript:>> wrote: > > > > hi all, > > > > yes, it's me again ;) > > > > i've cloned the ossec-wui from github.com > > and wanted to search my alerts. > > > > in the time frame i put from yesterday (e.g 2017-07-08) and till now > > Minimum Level: all > > SrcIP: a specific IP that I got through the notification emails (and > that I can also find in the alerts.log) > > other than that everything is default. > > > > at the bottom of the page it says: > > Total alerts found: 3339 > > Output divided in 4 pages. > > > > and > > Page 1 (338 alerts) > > Nothing returned (or search expired). > > > > which is crazy, because there was only 1 alert from this specific IP. > > > > also no alert is actually showing up, unlike in the alerts.log or in the > email notification. > > > > what i'm doing wrong here? > > > > I could also attach a screenshot if need be.... > > > > Are there any related log messages in the webserver's log files? I don't > use the wui (it's currently a dead project), but I kinda remember it > logging when things went wrong. > > > thanks theresa > > > > -- > > > > --- > > You received this message because you are subscribed to the Google > Groups "ossec-list" group. > > To unsubscribe from this group and stop receiving emails from it, send > an email to [email protected] <javascript:>. > > For more options, visit https://groups.google.com/d/optout. > -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
