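Building the Open-Source Intrusion Detection System OSSEC, Part 3: Installing the Web Interface
Note: the following steps must be performed on the OSSEC server.
1. Download analogi, place it under /var/www/html/, and set permissions on it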
[[email protected] ~]# wget https://github.com/ECSC/analogi/archive/master.zip
[[email protected] ~]# unzip master.zip
[[email protected] ~]# mv analogi-master/ /var/www/html/analogi
[[email protected] ~]# cd /var/www/html/
[[email protected] html]# chown -R apache.apache analogi/
[[email protected] html]# cd analogi/
[[email protected] analogi]# cp db_ossec.php.new db_ossec.php
2. Edit db_ossec.php and change the MySQL configuration
define ('DB_USER_O', 'ossec');
define ('DB_PASSWORD_O', 'ossec');
define ('DB_HOST_O', '127.0.0.1');
define ('DB_NAME_O', 'ossec');
3. Modify the Apache configuration to add a virtual directory
[[email protected] analogi]# vim /etc/httpd/conf.d/analogi.conf
Add the following content:
Alias /analogi /var/www/html/analogi
<Directory /var/www/html/analogi>
    Order deny,allow
    Deny from all
    Allow from 192.168.0.0/16
</Directory>
Then restart Apache
[[email protected] analogi]# systemctl restart httpd
The detection status can now be viewed at http://192.168.218.136/analogi/
Note: if accessing http://192.168.218.136/analogi/ always returns a 403 error, try the following two methods to troubleshoot:
[[email protected] conf.d]# systemctl stop firewalld.service
[[email protected] httpd]# setenforce 0
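To see which layer is actually producing the 403 before changing anything, the Apache error log and the SELinux audit log can be classified line by line; files unpacked under /root and moved with mv keep their home-directory SELinux label, which httpd is not allowed to read. The script below is an added example, not part of the original article: the function names classify_403 and sample_logs are hypothetical, the log lines are constructed, and the log paths in the comment assume CentOS defaults.

```shell
#!/bin/sh
# Added example (not from the original article): name the layer behind a 403
# on /analogi from log lines instead of turning off firewalld and SELinux.
# Typical use on the OSSEC server (default CentOS log paths, an assumption):
#   cat /var/log/httpd/error_log /var/log/audit/audit.log | classify_403

classify_403() {
  while IFS= read -r line; do
    case "$line" in
      *"client denied by server configuration"*)
        # Apache access control refused the client address.
        echo "acl: client IP is outside 'Allow from' in analogi.conf" ;;
      *avc:*denied*'comm="httpd"'*)
        # SELinux denial for httpd: take the type from tcontext=user:role:type:level
        ctx=${line#*tcontext=}; ctx=${ctx%% *}
        ttype=${ctx#*:}; ttype=${ttype#*:}; ttype=${ttype%%:*}
        echo "selinux: httpd denied on label $ttype; run: restorecon -Rv /var/www/html/analogi" ;;
      *"(13)Permission denied"*)
        echo "fs: permission denied; check owner/mode and audit.log for an AVC" ;;
    esac
  done
}

# Constructed sample lines (not captured from a real host).
sample_logs() {
  cat <<'EOF'
[Tue Mar 05 10:12:01.123456 2019] [access_compat:error] [pid 2101] [client 10.0.0.7:51234] AH01797: client denied by server configuration: /var/www/html/analogi/
type=AVC msg=audit(1551780722.101:412): avc:  denied  { read } for  pid=2101 comm="httpd" name="index.php" dev="dm-0" ino=1234567 scontext=system_u:system_r:httpd_t:s0 tcontext=unconfined_u:object_r:admin_home_t:s0 tclass=file permissive=0
192.168.218.1 - - [05/Mar/2019:10:13:44 +0800] "GET /analogi/ HTTP/1.1" 200 5120
EOF
}

sample_logs | classify_403
```

An "acl" result points at the Allow from range in analogi.conf, and a "selinux" result is resolved by relabelling the directory, so SELinux can stay in enforcing mode.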
This completes the installation and debugging of OSSEC.