Clarify Live Monitoring menu - unified monitor vs simple log tailers
PROBLEM: Menu was confusing - showed 5 separate monitors when option 1 now includes everything BEFORE: 1) Live Attack Monitor - Real-time threat feed (all sources) 2) SSH Attack Monitor - Live SSH brute force attempts 3) Web Traffic Monitor - Live HTTP/HTTPS requests 4) Firewall Activity Monitor - Live CSF/iptables events 5) cPHulk Live Monitor - Real-time brute force blocks ... 10) Multi-Source Dashboard - Combined view AFTER: 🛡️ Intelligent Monitoring: 1) Live Attack Monitor - Unified threat intelligence ├─ Monitors: Web, SSH, Firewall, cPHulk, Network (SYN floods) ├─ Features: Threat scoring, bot detection, attack classification └─ Quick Actions: IP blocking, ban management 📋 Simple Log Viewers (No Intelligence): 2) SSH Log Tail - Raw SSH auth attempts 3) Web Traffic Tail - Raw Apache access logs 4) Firewall Log Tail - Raw firewall events Log Tailing: 5) Tail Apache Access Log 6) Tail Apache Error Log 7) Tail Mail Log 8) Tail Security Log Advanced: 9) Custom Log Monitor CHANGES: - Option 1 clearly shows it monitors ALL sources - Options 2-4 clarified as "simple log tailers" without intelligence - Removed redundant option 5 (cPHulk - now built into option 1) - Removed redundant option 10 (Multi-Source - that's what option 1 is) - Renumbered options 6-11 → 5-9 USER BENEFIT: - Clear distinction: Smart monitoring vs raw logs - No confusion about what option 1 actually does - Menu accurately reflects new multi-source capability
+22
-20
@@ -150,25 +150,29 @@ show_live_monitoring_menu() {
|
|||||||
show_banner
|
show_banner
|
||||||
echo -e "${MAGENTA}${BOLD}📡 Live Monitoring & Alerts${NC}"
|
echo -e "${MAGENTA}${BOLD}📡 Live Monitoring & Alerts${NC}"
|
||||||
echo ""
|
echo ""
|
||||||
echo -e "${BOLD}Real-Time Dashboards:${NC}"
|
echo -e "${BOLD}🛡️ Intelligent Monitoring:${NC}"
|
||||||
echo ""
|
echo ""
|
||||||
echo -e " ${MAGENTA}1)${NC} Live Attack Monitor - Real-time threat feed (all sources)"
|
echo -e " ${MAGENTA}1)${NC} ${BOLD}Live Attack Monitor${NC} - Unified threat intelligence"
|
||||||
echo -e " ${MAGENTA}2)${NC} SSH Attack Monitor - Live SSH brute force attempts"
|
echo -e " ${DIM}├─ Monitors: Web, SSH, Firewall, cPHulk, Network (SYN floods)${NC}"
|
||||||
echo -e " ${MAGENTA}3)${NC} Web Traffic Monitor - Live HTTP/HTTPS requests"
|
echo -e " ${DIM}├─ Features: Threat scoring, bot detection, attack classification${NC}"
|
||||||
echo -e " ${MAGENTA}4)${NC} Firewall Activity Monitor - Live CSF/iptables events"
|
echo -e " ${DIM}└─ Quick Actions: IP blocking, ban management${NC}"
|
||||||
echo -e " ${MAGENTA}5)${NC} cPHulk Live Monitor - Real-time brute force blocks"
|
echo ""
|
||||||
|
echo -e "${BOLD}📋 Simple Log Viewers (No Intelligence):${NC}"
|
||||||
|
echo ""
|
||||||
|
echo -e " ${MAGENTA}2)${NC} SSH Log Tail - Raw SSH auth attempts (/var/log/secure)"
|
||||||
|
echo -e " ${MAGENTA}3)${NC} Web Traffic Tail - Raw Apache access logs"
|
||||||
|
echo -e " ${MAGENTA}4)${NC} Firewall Log Tail - Raw firewall events"
|
||||||
echo ""
|
echo ""
|
||||||
echo -e "${BOLD}Log Tailing:${NC}"
|
echo -e "${BOLD}Log Tailing:${NC}"
|
||||||
echo ""
|
echo ""
|
||||||
echo -e " ${MAGENTA}6)${NC} Tail Apache Access Log - Live web access (all domains)"
|
echo -e " ${MAGENTA}5)${NC} Tail Apache Access Log - Live web access (all domains)"
|
||||||
echo -e " ${MAGENTA}7)${NC} Tail Apache Error Log - Live web errors"
|
echo -e " ${MAGENTA}6)${NC} Tail Apache Error Log - Live web errors"
|
||||||
echo -e " ${MAGENTA}8)${NC} Tail Mail Log - Live email activity"
|
echo -e " ${MAGENTA}7)${NC} Tail Mail Log - Live email activity"
|
||||||
echo -e " ${MAGENTA}9)${NC} Tail Security Log - Live auth attempts (/var/log/secure)"
|
echo -e " ${MAGENTA}8)${NC} Tail Security Log - Live auth attempts (/var/log/secure)"
|
||||||
echo ""
|
echo ""
|
||||||
echo -e "${BOLD}Advanced Monitoring:${NC}"
|
echo -e "${BOLD}Advanced:${NC}"
|
||||||
echo ""
|
echo ""
|
||||||
echo -e " ${MAGENTA}10)${NC} Multi-Source Dashboard - Combined view (attacks + logs + metrics)"
|
echo -e " ${MAGENTA}9)${NC} Custom Log Monitor - Tail custom log file"
|
||||||
echo -e " ${MAGENTA}11)${NC} Custom Log Monitor - Tail custom log file"
|
|
||||||
echo ""
|
echo ""
|
||||||
echo -e " ${RED}0)${NC} Back to Security Menu"
|
echo -e " ${RED}0)${NC} Back to Security Menu"
|
||||||
echo ""
|
echo ""
|
||||||
@@ -1017,13 +1021,11 @@ handle_live_monitoring_menu() {
|
|||||||
2) run_module "security" "ssh-attack-monitor.sh" ;;
|
2) run_module "security" "ssh-attack-monitor.sh" ;;
|
||||||
3) run_module "security" "web-traffic-monitor.sh" ;;
|
3) run_module "security" "web-traffic-monitor.sh" ;;
|
||||||
4) run_module "security" "firewall-activity-monitor.sh" ;;
|
4) run_module "security" "firewall-activity-monitor.sh" ;;
|
||||||
5) run_module "security" "cphulk-live-monitor.sh" ;;
|
5) run_module "security" "tail-apache-access.sh" ;;
|
||||||
6) run_module "security" "tail-apache-access.sh" ;;
|
6) run_module "security" "tail-apache-error.sh" ;;
|
||||||
7) run_module "security" "tail-apache-error.sh" ;;
|
7) run_module "security" "tail-mail-log.sh" ;;
|
||||||
8) run_module "security" "tail-mail-log.sh" ;;
|
8) run_module "security" "tail-secure-log.sh" ;;
|
||||||
9) run_module "security" "tail-secure-log.sh" ;;
|
9)
|
||||||
10) run_module "security" "multi-source-dashboard.sh" ;;
|
|
||||||
11)
|
|
||||||
show_banner
|
show_banner
|
||||||
echo -e "${BOLD}Custom Log Monitor${NC}"
|
echo -e "${BOLD}Custom Log Monitor${NC}"
|
||||||
read -p "Enter log file path: " logpath
|
read -p "Enter log file path: " logpath
|
||||||
|
|||||||
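Review bot: In handle_live_monitoring_menu, options 2-4 still dispatch to `ssh-attack-monitor.sh`, `web-traffic-monitor.sh` and `firewall-activity-monitor.sh`, while the menu now advertises them as raw log tails with "No Intelligence". The modules are not shown here, so either confirm they are plain tailers or note it on the arms, e.g. `# plain tail wrapper; threat scoring lives in option 1`, so an operator does not misread what each option covers. Options 2 and 8 also both name /var/log/secure, which looks like the same kind of duplication this commit sets out to remove. On the unchanged custom-log arm (now `9)`), `read -p "Enter log file path: " logpath` would be safer as `read -r -p "Enter log file path: " logpath` so backslashes in the path are kept literally. That arm continues outside the hunk, so it is worth checking there that the path is tested with `[[ -f "$logpath" && -r "$logpath" ]]` and passed as `tail -f -- "$logpath"`.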