https://redmine.pfsense.org/https://redmine.pfsense.org/favicon.ico?16780521162021-02-19T06:58:54ZpfSense bugtrackerpfSense Packages - Bug #11461: zeek package - Web Interface does not display any log content Package/Zeek/Alerts/Real Time Inspectionhttps://redmine.pfsense.org/issues/11461?journal_id=512792021-02-19T06:58:54ZFelix S
<ul></ul><p>Further investigation seems to show that the web gui is leveraging zeek_alert_data.php for getting the data. However, this references /usr/local/spool/zeek/ for the log files while they are actually located in /usr/local/logs/current.</p>
<p>So the solution would be to correct the path for $log in zeek_alert_data.php or otherwise perform changes in the zeek configuration that the logs end up in the directory /usr/local/spool/zeek/.</p> pfSense Packages - Bug #11461: zeek package - Web Interface does not display any log content Package/Zeek/Alerts/Real Time Inspectionhttps://redmine.pfsense.org/issues/11461?journal_id=512822021-02-19T07:24:53ZFelix S
<ul></ul><p>Further problems identified in the zeek_alerts.php:<br />The content is updated every 10 seconds however, the results in the current log file selection are being discarded and hence no logs are displayed anymore. <br />A solution might be to leverage the php code from suricata_alerts.php to implement the same sort of filtering capability as well as updating the content in the web gui from changes in the log file.</p> pfSense Packages - Bug #11461: zeek package - Web Interface does not display any log content Package/Zeek/Alerts/Real Time Inspectionhttps://redmine.pfsense.org/issues/11461?journal_id=547582021-06-27T11:46:51ZProsper Doko
<ul></ul><p>Fixed in this PR: <a class="external" href="https://github.com/pfsense/FreeBSD-ports/pull/1077">https://github.com/pfsense/FreeBSD-ports/pull/1077</a></p> pfSense Packages - Bug #11461: zeek package - Web Interface does not display any log content Package/Zeek/Alerts/Real Time Inspectionhttps://redmine.pfsense.org/issues/11461?journal_id=547732021-06-28T08:12:38ZJim Pingle
<ul><li><strong>Status</strong> changed from <i>New</i> to <i>Pull Request Review</i></li></ul> pfSense Packages - Bug #11461: zeek package - Web Interface does not display any log content Package/Zeek/Alerts/Real Time Inspectionhttps://redmine.pfsense.org/issues/11461?journal_id=548102021-06-30T14:03:41ZRenato Botelhorenato@netgate.com
<ul><li><strong>Status</strong> changed from <i>Pull Request Review</i> to <i>Feedback</i></li><li><strong>Assignee</strong> set to <i>Renato Botelho</i></li></ul><p>PR has been merged to 2.5.1, 2.5.2-RC and 2.6.0-DEVELOPMENT. Thanks!</p> pfSense Packages - Bug #11461: zeek package - Web Interface does not display any log content Package/Zeek/Alerts/Real Time Inspectionhttps://redmine.pfsense.org/issues/11461?journal_id=587302022-02-05T19:25:04ZAlhusein Zawi
<ul></ul><p>the web interface shows Logs.</p>
<p>2.6.0-RELEASE (amd64)<br />built on Tue Jan 25 19:18:35 UTC 2022<br />FreeBSD 12.3-STABLE</p> pfSense Packages - Bug #11461: zeek package - Web Interface does not display any log content Package/Zeek/Alerts/Real Time Inspectionhttps://redmine.pfsense.org/issues/11461?journal_id=587362022-02-07T03:19:56ZViktor Gurov
<ul><li><strong>Status</strong> changed from <i>Feedback</i> to <i>Resolved</i></li><li><strong>Affected Version</strong> deleted (<del><i>2.5.x</i></del>)</li></ul>