valitydev/wazuh-kibana-app
14
0
Fork 0
mirror of https://github.com/valitydev/wazuh-kibana-app.git synced 2024-11-06 09:55:18 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Added metrics in agent overview (#1479)

Browse Source
This commit is contained in:
Juanka Rodríguez 2019-05-29 12:40:27 +02:00 committed by Jesús Ángel
parent 43f5dd5f64
commit 20fb453433
4 changed files with 200 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
public/controllers/agent/agents.js
View File

@ -15,6 +15,7 @@ import { TabNames } from '../../utils/tab-names';
import * as FileSaver from '../../services/file-saver';
import { TabDescription } from '../../../server/reporting/tab-description';
import {
metricsGeneral,
metricsAudit,
metricsVulnerability,
metricsScap,
@ -452,6 +453,9 @@ export class AgentsController {
checkMetrics(tab, subtab) {
if (subtab === 'panels') {
switch (tab) {
case 'general':
this.createMetrics(metricsGeneral);
break;
case 'audit':
this.createMetrics(metricsAudit);
break;

31
public/templates/agents/agents-general.html
View File

@ -1,5 +1,23 @@
<md-content flex layout="column" ng-if="tab === 'general' && tabView === 'panels'"
ng-class="{'no-opacity': resultState !== 'ready' || !rendered}" layout-align="start">
<md-content flex layout="column" ng-if="tab === 'general' && tabView === 'panels'" ng-class="{'no-opacity': resultState !== 'ready' || !rendered}"
layout-align="start">
<div layout="row">
<md-card flex class="wz-metric-color wz-md-card">
<md-card-content layout="row" class="wz-padding-metric">
<div class="wz-text-truncatable" flex>Alerts: <span class="wz-text-bold" ng-bind="totalAlerts()"></span></div>
<div class="wz-text-truncatable" flex>Level 12 or above alerts: <span class="wz-text-bold" ng-bind="level12()"></span></div>
<div class="wz-text-truncatable" flex>Authentication failure: <span class="wz-text-bold" ng-bind="authFailure()"></span></div>
<div class="wz-text-truncatable" flex>Authentication success: <span class="wz-text-bold" ng-bind="authSuccess()"></span></div>
</md-card-content>
</md-card>
</div>
<div class="wz-no-display">
<kbn-vis vis-id="'Wazuh-App-Agents-General-Metric-alerts'"></kbn-vis>
<kbn-vis vis-id="'Wazuh-App-Agents-General-Level-12-alerts'"></kbn-vis>
<kbn-vis vis-id="'Wazuh-App-Agents-General-Authentication-failure'"></kbn-vis>
<kbn-vis vis-id="'Wazuh-App-Agents-General-Authentication-success'"></kbn-vis>
</div>
<div layout="row" layout-align="start stretch" class="height-400">
<md-card flex class="wz-md-card" ng-class="{'fullscreen': expandArray[0]}">
<md-card-actions layout="row" layout-align="end center" class="wz-card-actions-vis" ng-dblclick="expand(0)">
@ -10,8 +28,7 @@
</span>
</md-card-actions>
<md-card-content class="wazuh-column">
<kbn-vis id="Wazuh-App-Agents-Overview-Alert-level-evolution"
vis-id="'Wazuh-App-Agents-Overview-Alert-level-evolution'"></kbn-vis>
<kbn-vis id="Wazuh-App-Agents-Overview-Alert-level-evolution" vis-id="'Wazuh-App-Agents-Overview-Alert-level-evolution'"></kbn-vis>
</md-card-content>
</md-card>
<md-card flex class="wz-md-card" ng-class="{'fullscreen': expandArray[1]}">
@ -52,8 +69,7 @@
</span>
</md-card-actions>
<md-card-content class="wazuh-column">
<kbn-vis id="Wazuh-App-Agents-Overview-Top-10-groups"
vis-id="'Wazuh-App-Agents-Overview-Top-10-groups'">
<kbn-vis id="Wazuh-App-Agents-Overview-Top-10-groups" vis-id="'Wazuh-App-Agents-Overview-Top-10-groups'">
</kbn-vis>
</md-card-content>
</md-card>
@ -66,8 +82,7 @@
</span>
</md-card-actions>
<md-card-content class="wazuh-column">
<kbn-vis id="Wazuh-App-Agents-Overview-Top-5-PCI-DSS-Requirements"
vis-id="'Wazuh-App-Agents-Overview-Top-5-PCI-DSS-Requirements'"></kbn-vis>
<kbn-vis id="Wazuh-App-Agents-Overview-Top-5-PCI-DSS-Requirements" vis-id="'Wazuh-App-Agents-Overview-Top-5-PCI-DSS-Requirements'"></kbn-vis>
</md-card-content>
</md-card>
</div>

12
public/utils/agents-metrics.js
View File

@ -9,6 +9,17 @@
*
* Find more information about this on the LICENSE file.
*/
// Metrics General
const metricsGeneral = {
totalAlerts: '[vis-id="\'Wazuh-App-Agents-General-Metric-alerts\'"]',
level12: '[vis-id="\'Wazuh-App-Agents-General-Level-12-alerts\'"]',
authFailure:
'[vis-id="\'Wazuh-App-Agents-General-Authentication-failure\'"]',
authSuccess:
'[vis-id="\'Wazuh-App-Agents-General-Authentication-success\'"]'
};
// Metrics Audit
const metricsAudit = {
auditNewFiles: '[vis-id="\'Wazuh-App-Agents-Audit-New-files-metric\'"]',
@ -60,6 +71,7 @@ const metricsVirustotal = {
};
export default {
metricsGeneral,
metricsAudit,
metricsVulnerability,
metricsScap,

161
server/integration-files/visualizations/agents/agents-general.js
View File

@ -26,6 +26,167 @@ export default [
},
_type: 'visualization'
},
{
_id: 'Wazuh-App-Agents-General-Metric-alerts',
_source: {
title: 'Metric alerts',
visState:
'{"title":"Metric Alerts","type":"metric","params":{"addTooltip":true,"addLegend":false,"type":"gauge","gauge":{"verticalSplit":false,"autoExtend":false,"percentageMode":false,"gaugeType":"Metric","gaugeStyle":"Full","backStyle":"Full","orientation":"vertical","colorSchema":"Green to Red","gaugeColorMode":"None","useRange":false,"colorsRange":[{"from":0,"to":100}],"invertColors":false,"labels":{"show":true,"color":"black"},"scale":{"show":false,"labels":false,"color":"#333","width":2},"type":"simple","style":{"fontSize":20,"bgColor":false,"labelColor":false,"subText":""}}},"aggs":[{"id":"1","enabled":true,"type":"count","schema":"metric","params":{"customLabel":"Alerts"}}]}',
uiStateJSON: '{"vis":{"defaultColors":{"0 - 100":"rgb(0,104,55)"}}}',
description: '',
version: 1,
kibanaSavedObjectMeta: {
searchSourceJSON:
'{"index":"wazuh-alerts","filter":[],"query":{"query":"","language":"lucene"}}'
}
},
_type: 'visualization'
},
{
_id: 'Wazuh-App-Agents-General-Level-12-alerts',
_source: {
title: 'Level 12 alerts',
visState:
'{"title":"Count Level 12 Alerts","type":"metric","params":{"addTooltip":true,"addLegend":false,"type":"gauge","gauge":{"verticalSplit":false,"autoExtend":false,"percentageMode":false,"gaugeType":"Metric","gaugeStyle":"Full","backStyle":"Full","orientation":"vertical","colorSchema":"Green to Red","gaugeColorMode":"None","useRange":false,"colorsRange":[{"from":0,"to":100}],"invertColors":false,"labels":{"show":true,"color":"black"},"scale":{"show":false,"labels":false,"color":"#333","width":2},"type":"simple","style":{"fontSize":20,"bgColor":false,"labelColor":false,"subText":""}}},"aggs":[{"id":"1","enabled":true,"type":"count","schema":"metric","params":{"customLabel":"Level 12 or above alerts"}}]}',
uiStateJSON: '{"vis":{"defaultColors":{"0 - 100":"rgb(0,104,55)"}}}',
description: '',
version: 1,
kibanaSavedObjectMeta: {
searchSourceJSON: `{
"index":"wazuh-alerts",
"filter":[
{
"$state": {
"store": "appState"
},
"meta": {
"alias": null,
"disabled": false,
"index": "wazuh-alerts",
"key": "rule.level",
"negate": false,
"params": {
"gte": 12,
"lt": null
},
"type": "range",
"value": "12 to +∞"
},
"range": {
"rule.level": {
"gte": 12,
"lt": null
}
}
}
],
"query":{ "query": "", "language": "lucene" }
}`
}
},
_type: 'visualization'
},
{
_id: 'Wazuh-App-Agents-General-Authentication-failure',
_source: {
title: 'Authentication failure',
visState:
'{"title":"Count Authentication Failure","type":"metric","params":{"addTooltip":true,"addLegend":false,"type":"gauge","gauge":{"verticalSplit":false,"autoExtend":false,"percentageMode":false,"gaugeType":"Metric","gaugeStyle":"Full","backStyle":"Full","orientation":"vertical","colorSchema":"Green to Red","gaugeColorMode":"None","useRange":false,"colorsRange":[{"from":0,"to":100}],"invertColors":false,"labels":{"show":true,"color":"black"},"scale":{"show":false,"labels":false,"color":"#333","width":2},"type":"simple","style":{"fontSize":20,"bgColor":false,"labelColor":false,"subText":""}}},"aggs":[{"id":"1","enabled":true,"type":"count","schema":"metric","params":{"customLabel":"Authentication failure"}}]}',
uiStateJSON: '{"vis":{"defaultColors":{"0 - 100":"rgb(0,104,55)"}}}',
description: '',
version: 1,
kibanaSavedObjectMeta: {
searchSourceJSON: `{
"index":"wazuh-alerts",
"filter":[
{
"meta": {
"index": "wazuh-alerts",
"type": "phrases",
"key": "rule.groups",
"value": "authentication_failed, authentication_failures",
"params": [
"authentication_failed",
"authentication_failures"
],
"negate": false,
"disabled": false,
"alias": null
},
"query": {
"bool": {
"should": [
{
"match_phrase": {
"rule.groups": "authentication_failed"
}
},
{
"match_phrase": {
"rule.groups": "authentication_failures"
}
}
],
"minimum_should_match": 1
}
},
"$state": {
"store": "appState"
}
}
],
"query":{"query":"","language":"lucene"}
}`
}
},
_type: 'visualization'
},
{
_id: 'Wazuh-App-Agents-General-Authentication-success',
_source: {
title: 'Authentication success',
visState:
'{"title":"Count Authentication Success","type":"metric","params":{"addTooltip":true,"addLegend":false,"type":"gauge","gauge":{"verticalSplit":false,"autoExtend":false,"percentageMode":false,"gaugeType":"Metric","gaugeStyle":"Full","backStyle":"Full","orientation":"vertical","colorSchema":"Green to Red","gaugeColorMode":"None","useRange":false,"colorsRange":[{"from":0,"to":100}],"invertColors":false,"labels":{"show":true,"color":"black"},"scale":{"show":false,"labels":false,"color":"#333","width":2},"type":"simple","style":{"fontSize":20,"bgColor":false,"labelColor":false,"subText":""}}},"aggs":[{"id":"1","enabled":true,"type":"count","schema":"metric","params":{"customLabel":"Authentication success"}}]}',
uiStateJSON: '{"vis":{"defaultColors":{"0 - 100":"rgb(0,104,55)"}}}',
description: '',
version: 1,
kibanaSavedObjectMeta: {
searchSourceJSON: `{
"index":"wazuh-alerts",
"filter":[
{
"meta": {
"index": "wazuh-alerts",
"negate": false,
"disabled": false,
"alias": null,
"type": "phrase",
"key": "rule.groups",
"value": "authentication_success",
"params": {
"query": "authentication_success",
"type": "phrase"
}
},
"query": {
"match": {
"rule.groups": {
"query": "authentication_success",
"type": "phrase"
}
}
},
"$state": {
"store": "appState"
}
}
],
"query":{"query":"","language":"lucene"}
}`
}
},
_type: 'visualization'
},
{
_id: 'Wazuh-App-Agents-Overview-Top-10-groups',
_source: {