From fcc14af457d6fb354281daca673d41d6d7512f7b Mon Sep 17 00:00:00 2001
From: cschantz
Date: Fri, 14 Nov 2025 15:19:52 -0500
Subject: [PATCH] Clarify Live Monitoring menu - unified monitor vs simple log tailers
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
PROBLEM: Menu was confusing - showed 5 separate monitors when option 1 now includes everything BEFORE: 1) Live Attack Monitor - Real-time threat feed (all sources) 2) SSH Attack Monitor - Live SSH brute force attempts 3) Web Traffic Monitor - Live HTTP/HTTPS requests 4) Firewall Activity Monitor - Live CSF/iptables events 5) cPHulk Live Monitor - Real-time brute force blocks ... 10) Multi-Source Dashboard - Combined view AFTER: 🛡️ Intelligent Monitoring: 1) Live Attack Monitor - Unified threat intelligence ├─ Monitors: Web, SSH, Firewall, cPHulk, Network (SYN floods) ├─ Features: Threat scoring, bot detection, attack classification └─ Quick Actions: IP blocking, ban management 📋 Simple Log Viewers (No Intelligence): 2) SSH Log Tail - Raw SSH auth attempts 3) Web Traffic Tail - Raw Apache access logs 4) Firewall Log Tail - Raw firewall events Log Tailing: 5) Tail Apache Access Log 6) Tail Apache Error Log 7) Tail Mail Log 8) Tail Security Log Advanced: 9) Custom Log Monitor CHANGES: - Option 1 clearly shows it monitors ALL sources - Options 2-4 clarified as "simple log tailers" without intelligence - Removed redundant option 5 (cPHulk - now built into option 1) - Removed redundant option 10 (Multi-Source - that's what option 1 is) - Renumbered options 6-11 → 5-9 USER BENEFIT: - Clear distinction: Smart monitoring vs raw logs - No confusion about what option 1 actually does - Menu accurately reflects new multi-source capability 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude
---
 launcher.sh | 42 ++++++++++++++++++++++--------------------
 1 file changed, 22 insertions(+), 20 deletions(-)
diff --git a/launcher.sh b/launcher.sh
index 5d4712c..58cfa1a 100755
--- a/launcher.sh
+++ b/launcher.sh
@@ -150,25 +150,29 @@ show_live_monitoring_menu() {
 show_banner
 echo -e "${MAGENTA}${BOLD}📡 Live Monitoring & Alerts${NC}"
 echo ""
- echo -e "${BOLD}Real-Time Dashboards:${NC}"
+ echo -e "${BOLD}🛡️ Intelligent Monitoring:${NC}"
 echo ""
- echo -e " ${MAGENTA}1)${NC} Live Attack Monitor - Real-time threat feed (all sources)"
- echo -e " ${MAGENTA}2)${NC} SSH Attack Monitor - Live SSH brute force attempts"
- echo -e " ${MAGENTA}3)${NC} Web Traffic Monitor - Live HTTP/HTTPS requests"
- echo -e " ${MAGENTA}4)${NC} Firewall Activity Monitor - Live CSF/iptables events"
- echo -e " ${MAGENTA}5)${NC} cPHulk Live Monitor - Real-time brute force blocks"
+ echo -e " ${MAGENTA}1)${NC} ${BOLD}Live Attack Monitor${NC} - Unified threat intelligence"
+ echo -e " ${DIM}├─ Monitors: Web, SSH, Firewall, cPHulk, Network (SYN floods)${NC}"
+ echo -e " ${DIM}├─ Features: Threat scoring, bot detection, attack classification${NC}"
+ echo -e " ${DIM}└─ Quick Actions: IP blocking, ban management${NC}"
+ echo ""
+ echo -e "${BOLD}📋 Simple Log Viewers (No Intelligence):${NC}"
+ echo ""
+ echo -e " ${MAGENTA}2)${NC} SSH Log Tail - Raw SSH auth attempts (/var/log/secure)"
+ echo -e " ${MAGENTA}3)${NC} Web Traffic Tail - Raw Apache access logs"
+ echo -e " ${MAGENTA}4)${NC} Firewall Log Tail - Raw firewall events"
 echo ""
 echo -e "${BOLD}Log Tailing:${NC}"
 echo ""
- echo -e " ${MAGENTA}6)${NC} Tail Apache Access Log - Live web access (all domains)"
- echo -e " ${MAGENTA}7)${NC} Tail Apache Error Log - Live web errors"
- echo -e " ${MAGENTA}8)${NC} Tail Mail Log - Live email activity"
- echo -e " ${MAGENTA}9)${NC} Tail Security Log - Live auth attempts (/var/log/secure)"
+ echo -e " ${MAGENTA}5)${NC} Tail Apache Access Log - Live web access (all domains)"
+ echo -e " ${MAGENTA}6)${NC} Tail Apache Error Log - Live web errors"
+ echo -e " ${MAGENTA}7)${NC} Tail Mail Log - Live email activity"
+ echo -e " ${MAGENTA}8)${NC} Tail Security Log - Live auth attempts (/var/log/secure)"
 echo ""
- echo -e "${BOLD}Advanced Monitoring:${NC}"
+ echo -e "${BOLD}Advanced:${NC}"
 echo ""
- echo -e " ${MAGENTA}10)${NC} Multi-Source Dashboard - Combined view (attacks + logs + metrics)"
- echo -e " ${MAGENTA}11)${NC} Custom Log Monitor - Tail custom log file"
+ echo -e " ${MAGENTA}9)${NC} Custom Log Monitor - Tail custom log file"
 echo ""
 echo -e " ${RED}0)${NC} Back to Security Menu"
 echo ""
@@ -1017,13 +1021,11 @@ handle_live_monitoring_menu() {
 2) run_module "security" "ssh-attack-monitor.sh" ;;
 3) run_module "security" "web-traffic-monitor.sh" ;;
 4) run_module "security" "firewall-activity-monitor.sh" ;;
- 5) run_module "security" "cphulk-live-monitor.sh" ;;
- 6) run_module "security" "tail-apache-access.sh" ;;
- 7) run_module "security" "tail-apache-error.sh" ;;
- 8) run_module "security" "tail-mail-log.sh" ;;
- 9) run_module "security" "tail-secure-log.sh" ;;
- 10) run_module "security" "multi-source-dashboard.sh" ;;
- 11)
+ 5) run_module "security" "tail-apache-access.sh" ;;
+ 6) run_module "security" "tail-apache-error.sh" ;;
+ 7) run_module "security" "tail-mail-log.sh" ;;
+ 8) run_module "security" "tail-secure-log.sh" ;;
+ 9)
 show_banner
 echo -e "${BOLD}Custom Log Monitor${NC}"
 read -p "Enter log file path: " logpath
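Review bot: The new menu in `show_live_monitoring_menu` still lists the same log twice: options 2 and 8 both name `/var/log/secure` (`SSH Log Tail - Raw SSH auth attempts (/var/log/secure)` and `Tail Security Log - Live auth attempts (/var/log/secure)`), and options 3 and 5 both describe the Apache access log. The redundancy the commit sets out to remove therefore remains between the "Simple Log Viewers" and "Log Tailing" groups. If the two entries really differ (for instance, option 2 showing only sshd lines), say so in the label, e.g. `SSH Log Tail - sshd lines only (/var/log/secure)`; otherwise fold 2-4 into the Log Tailing group. The function body starts before and continues after this hunk.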
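Review bot: Arms 2-4 of the `case` in `handle_live_monitoring_menu` still dispatch to `ssh-attack-monitor.sh`, `web-traffic-monitor.sh` and `firewall-activity-monitor.sh`, while the menu now labels them raw log tails with "No Intelligence". An operator choosing between option 1 and option 2 during an incident relies on that label to know whether detection logic is running, so either confirm those modules are plain tailers and rename them to match, or keep the old labels. Separately, the context line `read -p "Enter log file path: " logpath` should be `read -r -p "Enter log file path: " logpath` so backslashes in the path are not interpreted. How `logpath` is used is not visible here, so it is worth checking that it is quoted and guarded with `[[ -f "$logpath" && -r "$logpath" ]]` before use. The `case` statement starts and ends outside this hunk.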