mirror of
https://github.com/valitydev/wazuh-kibana-app.git
synced 2024-11-06 09:55:18 +00:00
Added metrics in agent overview (#1479)
This commit is contained in:
Juanka Rodríguez
Jesús Ángel
parent
43f5dd5f64
commit
20fb453433
@ -15,6 +15,7 @@ import { TabNames } from '../../utils/tab-names';
|
||||
import * as FileSaver from '../../services/file-saver';
|
||||
import { TabDescription } from '../../../server/reporting/tab-description';
|
||||
import {
|
||||
metricsGeneral,
|
||||
metricsAudit,
|
||||
metricsVulnerability,
|
||||
metricsScap,
|
||||
@ -452,6 +453,9 @@ export class AgentsController {
|
||||
checkMetrics(tab, subtab) {
|
||||
if (subtab === 'panels') {
|
||||
switch (tab) {
|
||||
case 'general':
|
||||
this.createMetrics(metricsGeneral);
|
||||
break;
|
||||
case 'audit':
|
||||
this.createMetrics(metricsAudit);
|
||||
break;
|
||||
|
||||
@ -1,5 +1,23 @@
|
||||
<md-content flex layout="column" ng-if="tab === 'general' && tabView === 'panels'"
|
||||
ng-class="{'no-opacity': resultState !== 'ready' || !rendered}" layout-align="start">
|
||||
<md-content flex layout="column" ng-if="tab === 'general' && tabView === 'panels'" ng-class="{'no-opacity': resultState !== 'ready' || !rendered}"
|
||||
layout-align="start">
|
||||
<div layout="row">
|
||||
<md-card flex class="wz-metric-color wz-md-card">
|
||||
<md-card-content layout="row" class="wz-padding-metric">
|
||||
<div class="wz-text-truncatable" flex>Alerts: <span class="wz-text-bold" ng-bind="totalAlerts()"></span></div>
|
||||
<div class="wz-text-truncatable" flex>Level 12 or above alerts: <span class="wz-text-bold" ng-bind="level12()"></span></div>
|
||||
<div class="wz-text-truncatable" flex>Authentication failure: <span class="wz-text-bold" ng-bind="authFailure()"></span></div>
|
||||
<div class="wz-text-truncatable" flex>Authentication success: <span class="wz-text-bold" ng-bind="authSuccess()"></span></div>
|
||||
</md-card-content>
|
||||
</md-card>
|
||||
</div>
|
||||
|
||||
<div class="wz-no-display">
|
||||
<kbn-vis vis-id="'Wazuh-App-Agents-General-Metric-alerts'"></kbn-vis>
|
||||
<kbn-vis vis-id="'Wazuh-App-Agents-General-Level-12-alerts'"></kbn-vis>
|
||||
<kbn-vis vis-id="'Wazuh-App-Agents-General-Authentication-failure'"></kbn-vis>
|
||||
<kbn-vis vis-id="'Wazuh-App-Agents-General-Authentication-success'"></kbn-vis>
|
||||
</div>
|
||||
|
||||
<div layout="row" layout-align="start stretch" class="height-400">
|
||||
<md-card flex class="wz-md-card" ng-class="{'fullscreen': expandArray[0]}">
|
||||
<md-card-actions layout="row" layout-align="end center" class="wz-card-actions-vis" ng-dblclick="expand(0)">
|
||||
@ -10,8 +28,7 @@
|
||||
</span>
|
||||
</md-card-actions>
|
||||
<md-card-content class="wazuh-column">
|
||||
<kbn-vis id="Wazuh-App-Agents-Overview-Alert-level-evolution"
|
||||
vis-id="'Wazuh-App-Agents-Overview-Alert-level-evolution'"></kbn-vis>
|
||||
<kbn-vis id="Wazuh-App-Agents-Overview-Alert-level-evolution" vis-id="'Wazuh-App-Agents-Overview-Alert-level-evolution'"></kbn-vis>
|
||||
</md-card-content>
|
||||
</md-card>
|
||||
<md-card flex class="wz-md-card" ng-class="{'fullscreen': expandArray[1]}">
|
||||
@ -52,8 +69,7 @@
|
||||
</span>
|
||||
</md-card-actions>
|
||||
<md-card-content class="wazuh-column">
|
||||
<kbn-vis id="Wazuh-App-Agents-Overview-Top-10-groups"
|
||||
vis-id="'Wazuh-App-Agents-Overview-Top-10-groups'">
|
||||
<kbn-vis id="Wazuh-App-Agents-Overview-Top-10-groups" vis-id="'Wazuh-App-Agents-Overview-Top-10-groups'">
|
||||
</kbn-vis>
|
||||
</md-card-content>
|
||||
</md-card>
|
||||
@ -66,8 +82,7 @@
|
||||
</span>
|
||||
</md-card-actions>
|
||||
<md-card-content class="wazuh-column">
|
||||
<kbn-vis id="Wazuh-App-Agents-Overview-Top-5-PCI-DSS-Requirements"
|
||||
vis-id="'Wazuh-App-Agents-Overview-Top-5-PCI-DSS-Requirements'"></kbn-vis>
|
||||
<kbn-vis id="Wazuh-App-Agents-Overview-Top-5-PCI-DSS-Requirements" vis-id="'Wazuh-App-Agents-Overview-Top-5-PCI-DSS-Requirements'"></kbn-vis>
|
||||
</md-card-content>
|
||||
</md-card>
|
||||
</div>
|
||||
|
||||
@ -9,6 +9,17 @@
|
||||
*
|
||||
* Find more information about this on the LICENSE file.
|
||||
*/
|
||||
|
||||
// Metrics General
|
||||
const metricsGeneral = {
|
||||
totalAlerts: '[vis-id="\'Wazuh-App-Agents-General-Metric-alerts\'"]',
|
||||
level12: '[vis-id="\'Wazuh-App-Agents-General-Level-12-alerts\'"]',
|
||||
authFailure:
|
||||
'[vis-id="\'Wazuh-App-Agents-General-Authentication-failure\'"]',
|
||||
authSuccess:
|
||||
'[vis-id="\'Wazuh-App-Agents-General-Authentication-success\'"]'
|
||||
};
|
||||
|
||||
// Metrics Audit
|
||||
const metricsAudit = {
|
||||
auditNewFiles: '[vis-id="\'Wazuh-App-Agents-Audit-New-files-metric\'"]',
|
||||
@ -60,6 +71,7 @@ const metricsVirustotal = {
|
||||
};
|
||||
|
||||
export default {
|
||||
metricsGeneral,
|
||||
metricsAudit,
|
||||
metricsVulnerability,
|
||||
metricsScap,
|
||||
|
||||
@ -26,6 +26,167 @@ export default [
|
||||
},
|
||||
_type: 'visualization'
|
||||
},
|
||||
{
|
||||
_id: 'Wazuh-App-Agents-General-Metric-alerts',
|
||||
_source: {
|
||||
title: 'Metric alerts',
|
||||
visState:
|
||||
'{"title":"Metric Alerts","type":"metric","params":{"addTooltip":true,"addLegend":false,"type":"gauge","gauge":{"verticalSplit":false,"autoExtend":false,"percentageMode":false,"gaugeType":"Metric","gaugeStyle":"Full","backStyle":"Full","orientation":"vertical","colorSchema":"Green to Red","gaugeColorMode":"None","useRange":false,"colorsRange":[{"from":0,"to":100}],"invertColors":false,"labels":{"show":true,"color":"black"},"scale":{"show":false,"labels":false,"color":"#333","width":2},"type":"simple","style":{"fontSize":20,"bgColor":false,"labelColor":false,"subText":""}}},"aggs":[{"id":"1","enabled":true,"type":"count","schema":"metric","params":{"customLabel":"Alerts"}}]}',
|
||||
uiStateJSON: '{"vis":{"defaultColors":{"0 - 100":"rgb(0,104,55)"}}}',
|
||||
description: '',
|
||||
version: 1,
|
||||
kibanaSavedObjectMeta: {
|
||||
searchSourceJSON:
|
||||
'{"index":"wazuh-alerts","filter":[],"query":{"query":"","language":"lucene"}}'
|
||||
}
|
||||
},
|
||||
_type: 'visualization'
|
||||
},
|
||||
{
|
||||
_id: 'Wazuh-App-Agents-General-Level-12-alerts',
|
||||
_source: {
|
||||
title: 'Level 12 alerts',
|
||||
visState:
|
||||
'{"title":"Count Level 12 Alerts","type":"metric","params":{"addTooltip":true,"addLegend":false,"type":"gauge","gauge":{"verticalSplit":false,"autoExtend":false,"percentageMode":false,"gaugeType":"Metric","gaugeStyle":"Full","backStyle":"Full","orientation":"vertical","colorSchema":"Green to Red","gaugeColorMode":"None","useRange":false,"colorsRange":[{"from":0,"to":100}],"invertColors":false,"labels":{"show":true,"color":"black"},"scale":{"show":false,"labels":false,"color":"#333","width":2},"type":"simple","style":{"fontSize":20,"bgColor":false,"labelColor":false,"subText":""}}},"aggs":[{"id":"1","enabled":true,"type":"count","schema":"metric","params":{"customLabel":"Level 12 or above alerts"}}]}',
|
||||
uiStateJSON: '{"vis":{"defaultColors":{"0 - 100":"rgb(0,104,55)"}}}',
|
||||
description: '',
|
||||
version: 1,
|
||||
kibanaSavedObjectMeta: {
|
||||
searchSourceJSON: `{
|
||||
"index":"wazuh-alerts",
|
||||
"filter":[
|
||||
{
|
||||
"$state": {
|
||||
"store": "appState"
|
||||
},
|
||||
"meta": {
|
||||
"alias": null,
|
||||
"disabled": false,
|
||||
"index": "wazuh-alerts",
|
||||
"key": "rule.level",
|
||||
"negate": false,
|
||||
"params": {
|
||||
"gte": 12,
|
||||
"lt": null
|
||||
},
|
||||
"type": "range",
|
||||
"value": "12 to +∞"
|
||||
},
|
||||
"range": {
|
||||
"rule.level": {
|
||||
"gte": 12,
|
||||
"lt": null
|
||||
}
|
||||
}
|
||||
}
|
||||
],
|
||||
"query":{ "query": "", "language": "lucene" }
|
||||
}`
|
||||
}
|
||||
},
|
||||
_type: 'visualization'
|
||||
},
|
||||
{
|
||||
_id: 'Wazuh-App-Agents-General-Authentication-failure',
|
||||
_source: {
|
||||
title: 'Authentication failure',
|
||||
visState:
|
||||
'{"title":"Count Authentication Failure","type":"metric","params":{"addTooltip":true,"addLegend":false,"type":"gauge","gauge":{"verticalSplit":false,"autoExtend":false,"percentageMode":false,"gaugeType":"Metric","gaugeStyle":"Full","backStyle":"Full","orientation":"vertical","colorSchema":"Green to Red","gaugeColorMode":"None","useRange":false,"colorsRange":[{"from":0,"to":100}],"invertColors":false,"labels":{"show":true,"color":"black"},"scale":{"show":false,"labels":false,"color":"#333","width":2},"type":"simple","style":{"fontSize":20,"bgColor":false,"labelColor":false,"subText":""}}},"aggs":[{"id":"1","enabled":true,"type":"count","schema":"metric","params":{"customLabel":"Authentication failure"}}]}',
|
||||
uiStateJSON: '{"vis":{"defaultColors":{"0 - 100":"rgb(0,104,55)"}}}',
|
||||
description: '',
|
||||
version: 1,
|
||||
kibanaSavedObjectMeta: {
|
||||
searchSourceJSON: `{
|
||||
"index":"wazuh-alerts",
|
||||
"filter":[
|
||||
{
|
||||
"meta": {
|
||||
"index": "wazuh-alerts",
|
||||
"type": "phrases",
|
||||
"key": "rule.groups",
|
||||
"value": "authentication_failed, authentication_failures",
|
||||
"params": [
|
||||
"authentication_failed",
|
||||
"authentication_failures"
|
||||
],
|
||||
"negate": false,
|
||||
"disabled": false,
|
||||
"alias": null
|
||||
},
|
||||
"query": {
|
||||
"bool": {
|
||||
"should": [
|
||||
{
|
||||
"match_phrase": {
|
||||
"rule.groups": "authentication_failed"
|
||||
}
|
||||
},
|
||||
{
|
||||
"match_phrase": {
|
||||
"rule.groups": "authentication_failures"
|
||||
}
|
||||
}
|
||||
],
|
||||
"minimum_should_match": 1
|
||||
}
|
||||
},
|
||||
"$state": {
|
||||
"store": "appState"
|
||||
}
|
||||
}
|
||||
],
|
||||
"query":{"query":"","language":"lucene"}
|
||||
}`
|
||||
}
|
||||
},
|
||||
_type: 'visualization'
|
||||
},
|
||||
{
|
||||
_id: 'Wazuh-App-Agents-General-Authentication-success',
|
||||
_source: {
|
||||
title: 'Authentication success',
|
||||
visState:
|
||||
'{"title":"Count Authentication Success","type":"metric","params":{"addTooltip":true,"addLegend":false,"type":"gauge","gauge":{"verticalSplit":false,"autoExtend":false,"percentageMode":false,"gaugeType":"Metric","gaugeStyle":"Full","backStyle":"Full","orientation":"vertical","colorSchema":"Green to Red","gaugeColorMode":"None","useRange":false,"colorsRange":[{"from":0,"to":100}],"invertColors":false,"labels":{"show":true,"color":"black"},"scale":{"show":false,"labels":false,"color":"#333","width":2},"type":"simple","style":{"fontSize":20,"bgColor":false,"labelColor":false,"subText":""}}},"aggs":[{"id":"1","enabled":true,"type":"count","schema":"metric","params":{"customLabel":"Authentication success"}}]}',
|
||||
uiStateJSON: '{"vis":{"defaultColors":{"0 - 100":"rgb(0,104,55)"}}}',
|
||||
description: '',
|
||||
version: 1,
|
||||
kibanaSavedObjectMeta: {
|
||||
searchSourceJSON: `{
|
||||
"index":"wazuh-alerts",
|
||||
"filter":[
|
||||
{
|
||||
"meta": {
|
||||
"index": "wazuh-alerts",
|
||||
"negate": false,
|
||||
"disabled": false,
|
||||
"alias": null,
|
||||
"type": "phrase",
|
||||
"key": "rule.groups",
|
||||
"value": "authentication_success",
|
||||
"params": {
|
||||
"query": "authentication_success",
|
||||
"type": "phrase"
|
||||
}
|
||||
},
|
||||
"query": {
|
||||
"match": {
|
||||
"rule.groups": {
|
||||
"query": "authentication_success",
|
||||
"type": "phrase"
|
||||
}
|
||||
}
|
||||
},
|
||||
"$state": {
|
||||
"store": "appState"
|
||||
}
|
||||
}
|
||||
],
|
||||
"query":{"query":"","language":"lucene"}
|
||||
}`
|
||||
}
|
||||
},
|
||||
_type: 'visualization'
|
||||
},
|
||||
{
|
||||
_id: 'Wazuh-App-Agents-Overview-Top-10-groups',
|
||||
_source: {
|
||||
|
||||
Loading…
Reference in New Issue
Block a user