OSSEC Web User Interface - Unmaintained!!
Switch branches/tags
Nothing to show
Clone or download
ddpbsd Merge pull request #18 from ddpbsd/master
Mention that WUI is unmaintained.
Latest commit 8787c07 Jul 19, 2016


The OSSEC Web UI is currently unmaintained and deprecated.
If you are interested in maintaining the project, please contact the OSSEC team (open an issue, send a message to the mailing list, etc).

We recommend using Kibana, Splunk, or similar projects for monitoring alerts.


OSSEC Web UI v0.8
Copyright (c) 2006-2013 Trend Micro Inc.

1- How to install.

1.0 - Prerequisites

    - Apache with PHP (>= 4.1 or >= 5.0) installed.
    - OSSEC (version >= 0.9-3) already installed.

1.1- Clone the web ui script:

    # git clone https://github.com/ossec/ossec-wui.git

1.2- Move the folder to somewhere acessible by
     your web server:

    # mv ossec-wui* /var/www/htdocs/ossec-wui

1.3- Run the setup script (assign username/password...):

    # cd /var/www/htdocs/ossec-wui
    # ./setup.sh

1.4- If selinux is enabled, ossec-wui is normally unable to access 
     various ossec log files.  One way to fix this is to install a 
     selinux targeted policy.

     Create a TE file (eg. 
     /etc/seliinux/targeted/ossec-wui/ossec-wui.te) with the following 

    module ossec-wui 1.0;

    require {
	type var_log_t;
        type httpd_t;
        type var_t;
        class file { read getattr open };

    #============= httpd_t ==============
    allow httpd_t var_log_t:file read;
    allow httpd_t var_t:file { read getattr open };

     Then run the following commands as root:

    checkmodule -M -m ossec-wui.te -o ossec-wui.mod
    semodule_package -o ossec-wui.pp -m ossec-wui.mod
    semodule -i ossec-wui.pp 

1.5- If you have a large ossec install, you may want to
     re-configure PHP to support longer lasting scripts
     and higher memory utilization. The following entries
     on php.ini can be increased:

     max_execution_time = 180
     max_input_time = 180
     memory_limit = 30M

1.6- Try to access the UI.


1.7- Report any problems or suggestions to our mailing list.