There are several ways to do that. One way would be to make a symbolic link from your web server's DocumentRoot to the file /var/log/snort and then assign the original file a group (or ACL) which allows the group www-data to read from it, but not write to it. Then fix the
logrotate utility's configuration so that those settings are preserved. Then turn on
Server-Side Include noexec for that directory on your Apache2 instance. After that you can point to your log file's symbolic link with your index.
shtml file:
Code:
<html>
<title> Snort Logs </title>
<body>
<h1> These are the snort logs </h1>
<pre>
<!--#include virtual="/snort"-->
</pre>
</body>
</html>
You might want to use Basic Auth to put a password on that file if there are multiple people using the LAN or, especially, if you plan to serve it via the open net. See also the HTML
tidy utility with its -indent option.