From 64ad42d3498f7b9c944b4ef49f0ee4d3b33f03ba Mon Sep 17 00:00:00 2001
From: Franco Fichtner <franco@opnsense.org>
Date: Sat, 3 Feb 2018 15:43:37 +0000
Subject: [PATCH] intrusion detection: log viewer; closes #2158

While here strip empty logs...
---
 plist                                                  |  1 +
 src/etc/inc/plugins.inc.d/squid.inc                    | 10 ----------
 src/etc/inc/plugins.inc.d/suricata.inc                 | 10 ----------
 src/opnsense/mvc/app/models/OPNsense/IDS/Menu/Menu.xml |  5 ++++-
 src/www/diag_logs_settings.php                         |  1 +
 src/www/diag_logs_suricata.php                         |  8 ++++++++
 6 files changed, 14 insertions(+), 21 deletions(-)
 create mode 100644 src/www/diag_logs_suricata.php

diff --git a/plist b/plist
index fc791c7ce..512829878 100644
--- a/plist
+++ b/plist
@@ -989,6 +989,7 @@
 /usr/local/www/diag_logs_resolver.php
 /usr/local/www/diag_logs_routing.php
 /usr/local/www/diag_logs_settings.php
+/usr/local/www/diag_logs_suricata.php
 /usr/local/www/diag_logs_template.inc
 /usr/local/www/diag_logs_wireless.php
 /usr/local/www/diag_packet_capture.php
diff --git a/src/etc/inc/plugins.inc.d/squid.inc b/src/etc/inc/plugins.inc.d/squid.inc
index da45c82b3..0d3f96679 100644
--- a/src/etc/inc/plugins.inc.d/squid.inc
+++ b/src/etc/inc/plugins.inc.d/squid.inc
@@ -48,16 +48,6 @@ function squid_services()
     return $services;
 }
 
-function squid_syslog()
-{
-    $logfacilities = array();
-    $logfacilities['squid.syslog'] = array(
-        'facility' => array('(squid-1)')
-    );
-
-    return $logfacilities;
-}
-
 function squid_xmlrpc_sync()
 {
     $result = array();
diff --git a/src/etc/inc/plugins.inc.d/suricata.inc b/src/etc/inc/plugins.inc.d/suricata.inc
index a0f48c458..5c833dd32 100644
--- a/src/etc/inc/plugins.inc.d/suricata.inc
+++ b/src/etc/inc/plugins.inc.d/suricata.inc
@@ -47,16 +47,6 @@ function suricata_services()
     return $services;
 }
 
-function suricata_syslog()
-{
-    $logfacilities = array();
-    $logfacilities['suricata.syslog'] = array(
-        'facility' => array('suricata')
-    );
-
-    return $logfacilities;
-}
-
 function suricata_xmlrpc_sync()
 {
     $result = array();
diff --git a/src/opnsense/mvc/app/models/OPNsense/IDS/Menu/Menu.xml b/src/opnsense/mvc/app/models/OPNsense/IDS/Menu/Menu.xml
index 6dfe17a49..94f173679 100644
--- a/src/opnsense/mvc/app/models/OPNsense/IDS/Menu/Menu.xml
+++ b/src/opnsense/mvc/app/models/OPNsense/IDS/Menu/Menu.xml
@@ -1,5 +1,8 @@
 <menu>
     <Services>
-        <IDS VisibleName="Intrusion Detection" url="/ui/ids/" cssClass="fa fa-shield fa-fw"/>
+        <IDS VisibleName="Intrusion Detection" cssClass="fa fa-shield fa-fw">
+            <Administration url="/ui/ids/" />
+            <Log VisibleName="Log File" url="/diag_logs_suricata.php" />
+        </IDS>
     </Services>
 </menu>
diff --git a/src/www/diag_logs_settings.php b/src/www/diag_logs_settings.php
index 777eab8ca..dd2a652b2 100644
--- a/src/www/diag_logs_settings.php
+++ b/src/www/diag_logs_settings.php
@@ -65,6 +65,7 @@ function clear_all_log_files()
         'squid/access',
         'squid/cache',
         'squid/store',
+        'suricata',
     );
 
     foreach ($clog_files as $lfile) {
diff --git a/src/www/diag_logs_suricata.php b/src/www/diag_logs_suricata.php
new file mode 100644
index 000000000..d5b4ffb7e
--- /dev/null
+++ b/src/www/diag_logs_suricata.php
@@ -0,0 +1,8 @@
+<?php
+
+$logfile = '/var/log/suricata.log';
+$logclog = false;
+
+$service_hook = 'suricata';
+
+require_once 'diag_logs_template.inc';