Home

The OSSEC Dashboard utilizes pChart (http://www.pchart.net/) to create useful charts/graphs for your OSSEC (http://www.ossec.net) server.

Update: November 28, 2011

I've added in a rule review function; anytime a rule alert ID is included in detailed view, a link is generated that allows you to view the XML source behind that rule. Additionally, this will show you if the rule has an overrides/exceptions/etc.

Update: November 15, 2011

I added some basic filtering/searching on keyword functionality. It's very much alpha at this point, just like everything else. I've also added the ability to click through charts to detailed data. What I've built isn't the best, but the framework should allow anyone with some PHP knowledge to create charts and detailed tables as required.

I'll apologize now for the lack of searching capability; I will expand on this in time.

Initial Listing
Can Do

1. It will read alerts directly from your OSSEC directory and generate the 5 graphs shown in the screen shot above
2. You can filter by date, date range, or look at all dates.
3. You can, in limited fashion, create new charts or replace the ones that are here.

Can't Do (Yet)

1. Review the data behind the chart creation
2. Filter data by keywords, event ids, or otherwise.
3. Review rules/decoders/etc.

Can't Do, And I'm not sure if you ever will be able to

1. Modify rules/decoders/etc.

Other Stuff
This is a work in progress and I'm doing what I can to make it how I would like to see it. If you want to see something different, provide feedback and I'll see what I can do with my limited time. If you want to contribute to the project, that's even better!