Add machine select-box to alerts #88

Merged
44 changes: 37 additions & 7 deletions kuiper/app/controllers/case_management.py
100644 → 100755
Expand Up @@ -1516,8 +1516,11 @@ def case_timeline_build_ajax(case_id):


# ================================ get all alerts for case
@app.route('/case/<case_id>/alerts', methods=['GET'])
def case_alerts(case_id):
@app.route('/case/<case_id>/alerts/', defaults={'machinename': None, 'allMachines': False}, methods=['GET'])
@app.route('/case/<case_id>/alerts/all/', defaults={'machinename': None, 'allMachines': True}, methods=['GET'])
@app.route('/case/<case_id>/alerts/<machinename>', defaults={'allMachines': False}, methods=['GET'])
def case_alerts(case_id, machinename, allMachines):

logger.logger(level=logger.DEBUG , type="case", message="Case["+case_id+"]: Open alerts page")


Expand All @@ -1537,20 +1540,38 @@ def case_alerts(case_id):
logger.logger(level=logger.ERROR , type="case", message="Case["+case_id+"]: Failed getting case information", reason='Index not found')
return render_template('case/error_page.html',case_details=case_id ,SIDEBAR=SIDEBAR , CASE_FIELDS=CASE_FIELDS[1] , message="Case["+case_id+"]: Failed getting case information<br />Index not found")

machines = db_cases.get_machines(case_id)

if machinename is not None:
# validate machine exists
machine_id = case_id + "_" + machinename
machine_info = db_cases.get_machine_by_id(machine_id)
if machine_info[0] is False or machine_info[1] is None: # machine_info[0] in case of exception False. machine_info[1] is machine or None (not found) or exception-string
logger.logger(level=logger.ERROR , type="case", message="Case["+case_id+"]: Failed checking if the machine ["+machinename+"] exists", reason="")
return render_template('case/error_page.html',case_details=case_id ,SIDEBAR=SIDEBAR , CASE_FIELDS=CASE_FIELDS[1] , message="Failed checking if the machine exists<br />" )
currentmachinename = machinename
elif allMachines is True:
currentmachinename = "All"
machine_id = None
else:
return render_template('case/alerts.html',case_details=case[1] ,SIDEBAR=SIDEBAR, all_rules=[], rhaegal_hits=[], machines=machines[1], currentmachinename="", browse_alert_link_query="", machine_id="")

all_rules = db_rules.get_rules()
if all_rules[0] == False:
logger.logger(level=logger.ERROR , type="case", message="Case["+case_id+"]: Failed getting rules information", reason=all_rules[1])
return render_template('case/error_page.html',case_details=case_id ,SIDEBAR=SIDEBAR , CASE_FIELDS=CASE_FIELDS[1] , message=all_rules[1])


requests = []

for rule in all_rules[1]:
if allMachines is True:
qrule = rule['rule']
else: #elif machine_id is not None: for sure
qrule = "machine:" + machine_id + " AND (" + rule['rule'] +")"
requests.append({
"query":{
"query_string":{
"query" : rule['rule'],
"query" : qrule,
"default_field": "catch_all"
}
},
Expand All @@ -1567,17 +1588,26 @@ def case_alerts(case_id):
logger.logger(level=logger.ERROR , type="case", message="Case["+case_id+"]: Failed getting total hits of rules from database", reason=res[1])
return render_template('case/error_page.html',case_details=case_id ,SIDEBAR=SIDEBAR , CASE_FIELDS=CASE_FIELDS[1] , message=res[1])

#prepare browse-machine-alerts link
browse_alert_link_query = ""
if allMachines is False and machine_id is not None:
json_query = {"AND" : [{"==machine": machine_id}]}
browse_alert_link_query = json.dumps(json_query)

for r in range(0 , len(res[1])):
all_rules[1][r]['hits'] = res[1][r]['hits']['total']['value']

# build the query to get all rhaegal hits


if allMachines is True:
qrhaegal = "Data.rhaegal.name:*"
else: #elif machine_id is not None: for sure anyway
qrhaegal = "machine:" + machine_id + " AND (Data.rhaegal.name:*)"
logger.logger(level=logger.DEBUG , type="case", message="Case["+case_id+"]: get Rhaegal hits")
Rhaegal_query = {
"query":{
"query_string":{
"query" : "Data.rhaegal.name:*",
"query" : qrhaegal,
"default_field": "catch_all"
}
},
Expand Down Expand Up @@ -1633,7 +1663,7 @@ def case_alerts(case_id):

logger.logger(level=logger.DEBUG , type="case", message="Case["+case_id+"]: hits ["+str(len(Rhaegal_hits["names"]))+"]")

return render_template('case/alerts.html',case_details=case[1] ,SIDEBAR=SIDEBAR , all_rules= all_rules[1] , rhaegal_hits=Rhaegal_hits)
return render_template('case/alerts.html',case_details=case[1] ,SIDEBAR=SIDEBAR , all_rules= all_rules[1] , rhaegal_hits=Rhaegal_hits, machines=machines[1], currentmachinename=currentmachinename,browse_alert_link_query=browse_alert_link_query, machine_id=machine_id)



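Review bot: `machine_id` is built from the `<machinename>` path segment and concatenated unquoted into the Elasticsearch `query_string` text at `qrule = "machine:" + machine_id + " AND (" + rule['rule'] +")"` and again at `qrhaegal`, so a machine name containing query-syntax characters (space, colon, quotes, parentheses) changes what the query means instead of selecting that machine. The `db_cases.get_machine_by_id` check limits this to names already stored for the case, but nothing visible restricts which characters a stored name may contain. Keeping the machine constraint out of the query text avoids the problem, for example a `bool` query with `"filter": [{"term": {"machine": machine_id}}]` and the rule's `query_string` under `must`; whether `machine` is mapped as a keyword field is not visible here and should be confirmed. Separately, `db_cases.get_machines(case_id)` is passed to the template as `machines[1]` without the `[0] == False` check that `get_rules()` gets a few lines later. The body of `case_alerts` continues outside the shown hunks.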
4 changes: 3 additions & 1 deletion kuiper/app/static/dist/css/AdminLTE.css
100644 → 100755
Expand Up @@ -4256,7 +4256,8 @@ table.text-center th {
}
.select2-container--default .select2-selection--single,
.select2-selection .select2-selection--single {
border: 1px solid #d2d6de;
border: 1px solid #353a53;
background-color: #202030;
border-radius: 0;
padding: 6px 12px;
height: 34px;
Expand All @@ -4278,6 +4279,7 @@ table.text-center th {
-webkit-user-select: none;
}
.select2-container .select2-selection--single .select2-selection__rendered {
color: #a7a7ba;
padding-left: 0;
padding-right: 0;
height: auto;
59 changes: 51 additions & 8 deletions kuiper/app/templates/case/alerts.html
100644 → 100755
Expand Up @@ -5,10 +5,27 @@


<div class="row">
<div class="col-md-12">
<div class="box">
<div class="box-body" style="overflow:auto;" >
<div class="dataTables_filter" style="text-align: left;">
Machine: <select style="min-width: 200px;" class="machine_select" name="machines" onchange="this.options[this.selectedIndex].value && (window.location = this.options[this.selectedIndex].value);">
<option></option>
<option value="{{ url_for('case_alerts', case_id=case_details['casename'], allMachines=True)}}"
{% if currentmachinename == 'All' %} selected {% endif %}>All machines</option>
{% for machine in machines %}
<option value="{{ url_for('case_alerts', case_id=case_details['casename'] , machinename=machine['machinename'])}}"
{% if currentmachinename == machine['machinename'] %} selected {% endif %}>{{machine['machinename']}}</option>
{% endfor %}
</select>
</div>
</div>
</div>
</div>
<div class="col-md-12">
<div class="box">
<div class="box-header">
<h3 class="box-title"><i class="fa fa-bell"></i> Alerts</h3>
<h3 class="box-title"><i class="fa fa-bell"></i> Alerts - {{ currentmachinename }}</h3>
</div>
<!-- /.box-header -->
<div class="box-body" style="overflow:auto;" >
Expand All @@ -28,7 +45,11 @@ <h3 class="box-title"><i class="fa fa-bell"></i> Alerts</h3>
{% for rule in all_rules %}
<tr>
<td>
<a class="badge badge-pill rule_name bg-blue" href="{{ url_for('case_browse_artifacts', case_id=case_details['casename'] , rule=rule['rule_name'])}}">
<a class="badge badge-pill rule_name bg-blue" href="
{% if currentmachinename == 'All' %} {{ url_for('case_browse_artifacts', case_id=case_details['casename'] , rule=rule['rule_name'])}}
{% else %} {{ url_for('case_browse_artifacts', case_id=case_details['casename'] , rule=rule['rule_name'], q=browse_alert_link_query)}}
{% endif %}
">
{{rule['rule_name']}} &raquo;
</a>
</td>
Expand Down Expand Up @@ -67,7 +88,7 @@ <h3 class="box-title"><i class="fa fa-bell"></i> Alerts</h3>
<div class="col-md-12">
<div class="box">
<div class="box-header">
<h3 class="box-title"><i class="fa"><img src="{{url_for('static', filename='dist/img/RhaegalLogo.png')}}" width="24" height="24" /></i> Rhaegal</h3>
<h3 class="box-title"><i class="fa"><img src="{{url_for('static', filename='dist/img/RhaegalLogo.png')}}" width="24" height="24" /></i> Rhaegal - {{ currentmachinename }}</h3>
</div>

<!-- /.box-header -->
Expand Down Expand Up @@ -102,9 +123,8 @@ <h3 class="box-title"><i class="fa"><img src="{{url_for('static', filename='dist
<script src="../../static/dist/js/demo.js"></script>




<script src="{{url_for('static' , filename='Kuiper.js')}}"></script>
<link rel="stylesheet" href="{{url_for('static' , filename='Kuiper.css')}}">
<!-- tag input -->

<script src="../../static/dist/tagsinput/bootstrap-tagsinput.js"></script>
Expand Down Expand Up @@ -197,9 +217,14 @@ <h3 class="box-title"><i class="fa"><img src="{{url_for('static', filename='dist
'columns' : [
{ title: "Type" , data:"type"},
{ title: "Name" , data:"name" , render: function(data, type){
var json_query = {"AND" : []}
json_query['AND'].push({"==Data.rhaegal.name" : data});
{% if currentmachinename != 'All' %}
json_query['AND'].push({"==machine" : "{{machine_id}}" });
{% endif %}

var query = escapeHtml('?q=%7B"AND"%3A%5B%7B"%3D%3DData.rhaegal.name"%3A"'+data+'"%7D%5D%7D')
return '<a class="badge badge-pill rule_name bg-blue" href="{{ url_for("case_browse_artifacts", case_id=case_details["casename"])}}'+query+'">'+data+' &raquo;</a>'
json_query_string = escapeHtml('?q=' + encodeURIComponent(JSON.stringify(json_query)));
return '<a class="badge badge-pill rule_name bg-blue" href="{{ url_for("case_browse_artifacts", case_id=case_details["casename"])}}'+json_query_string+'">'+data+' &raquo;</a>'

}},
{ title: "Count" , data:"count"},
Expand Down Expand Up @@ -253,7 +278,25 @@ <h3 class="box-title"><i class="fa"><img src="{{url_for('static', filename='dist


})

$(document).ready(function() {
$('.machine_select').select2({
placeholder: "Select a machine",
allowClear: false,
maximumInputLength: 20,
width: 'resolve',
sorter: function(data) {
return data.sort(function(a, b){
if(a.text == "All machines"){
return -1;
}
if(b.text == "All machines"){
return 1;
}
return a.text.localeCompare(b.text)
});
}
});
});
</script>


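Review bot: In the Rhaegal table's `render` callback, `"{{machine_id}}"` puts a server value inside a JavaScript string literal while relying on Jinja's HTML autoescaping (assuming Flask's default for `.html` templates), which is the wrong encoding for that context: backslashes and line breaks pass through, and quotes become HTML entities that a script block never decodes. The `tojson` filter emits a correctly quoted literal, `json_query['AND'].push({"==machine" : {{ machine_id|tojson }} });`. On the rewritten `return` line the href value goes through `escapeHtml`, but the link text `data`, a rule name read from indexed records, is concatenated as raw HTML; using `escapeHtml(data)` there closes that gap. `json_query_string` is also assigned without `var`, which makes it an implicit global.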