valitydev/wazuh-kibana-app
14
0
Fork 0
mirror of https://github.com/valitydev/wazuh-kibana-app.git synced 2024-11-06 18:05:20 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Updated some visualizations of the Agents > Vulnerability tab

Browse Source
This commit is contained in:
Jesús Ángel 2018-10-08 11:41:49 +02:00
parent ac9b76bde6
commit 31ab81a659
4 changed files with 138 additions and 64 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

113
public/templates/agents/agents-vuls.html
View File

@ -1,53 +1,74 @@
<md-content flex layout="column" ng-if="tab === 'vuls' && tabView === 'panels'" ng-class="{'no-opacity': resultState !== 'ready' || !rendered}" layout-align="start">
<md-content flex layout="column" ng-if="tab === 'vuls' && tabView === 'panels'" ng-class="{'no-opacity': resultState !== 'ready' || !rendered}"
layout-align="start">
<!-- View: Panels -->
<div layout="row">
<md-card flex class="wz-metric-color wz-md-card">
<md-card-content layout="row" class="wz-padding-metric">
<div flex>Critical severity alerts: <span class="wz-text-bold" ng-bind="vulnCritical()"></span></div>
<div flex>High severity alerts: <span class="wz-text-bold" ng-bind="vulnHigh()"></span></div>
<div flex>Medium severity alerts: <span class="wz-text-bold" ng-bind="vulnMedium()"></span></div>
<div flex>Low severity alerts: <span class="wz-text-bold" ng-bind="vulnLow()"></span></div>
</md-card-content>
</md-card>
</div>
<div layout="row">
<md-card flex class="wz-metric-color wz-md-card">
<md-card-content layout="row" class="wz-padding-metric">
<div flex>Critical severity alerts: <span class="wz-text-bold" ng-bind="vulnCritical()"></span></div>
<div flex>High severity alerts: <span class="wz-text-bold" ng-bind="vulnHigh()"></span></div>
<div flex>Medium severity alerts: <span class="wz-text-bold" ng-bind="vulnMedium()"></span></div>
<div flex>Low severity alerts: <span class="wz-text-bold" ng-bind="vulnLow()"></span></div>
</md-card-content>
</md-card>
</div>
<div class="wz-no-display">
<kbn-vis vis-id="'Wazuh-App-Agents-vulnerability-Metric-Critical-severity'"></kbn-vis>
<kbn-vis vis-id="'Wazuh-App-Agents-vulnerability-Metric-High-severity'"></kbn-vis>
<kbn-vis vis-id="'Wazuh-App-Agents-vulnerability-Metric-Medium-severity'"></kbn-vis>
<kbn-vis vis-id="'Wazuh-App-Agents-vulnerability-Metric-Low-severity'"></kbn-vis>
</div>
<div class="wz-no-display">
<kbn-vis vis-id="'Wazuh-App-Agents-vulnerability-Metric-Critical-severity'"></kbn-vis>
<kbn-vis vis-id="'Wazuh-App-Agents-vulnerability-Metric-High-severity'"></kbn-vis>
<kbn-vis vis-id="'Wazuh-App-Agents-vulnerability-Metric-Medium-severity'"></kbn-vis>
<kbn-vis vis-id="'Wazuh-App-Agents-vulnerability-Metric-Low-severity'"></kbn-vis>
</div>
<div layout="row" layout-align="center stretch" class="height-270">
<md-card flex="60" class="wz-md-card">
<md-card-content class="wazuh-column">
<span class="wz-headline-title">Alerts severity over time</span>
<md-divider class="wz-margin-top-10"></md-divider>
<kbn-vis id="Wazuh-App-Agents-vulnerability-Alerts-severity-over-time" vis-id="'Wazuh-App-Agents-vulnerability-Alerts-severity-over-time'"></kbn-vis>
</md-card-content>
</md-card>
<md-card flex="40" class="wz-md-card">
<md-card-content class="wazuh-column">
<span class="wz-headline-title">Affected packages - Top 5</span>
<md-divider class="wz-margin-top-10"></md-divider>
<kbn-vis id="Wazuh-App-Agents-vulnerability-Top-5-affected-packages" vis-id="'Wazuh-App-Agents-vulnerability-Top-5-affected-packages'"></kbn-vis>
</md-card-content>
</md-card>
</div>
<div layout="row" layout-align="center stretch" class="height-300">
<md-card flex class="wz-md-card">
<md-card-content class="wazuh-column">
<span class="wz-headline-title">Alerts severity over time</span>
<md-divider class="wz-margin-top-10"></md-divider>
<kbn-vis id="Wazuh-App-Agents-vulnerability-Alerts-severity-over-time" vis-id="'Wazuh-App-Agents-vulnerability-Alerts-severity-over-time'"></kbn-vis>
</md-card-content>
</md-card>
<md-card flex class="wz-md-card">
<md-card-content class="wazuh-column">
<span class="wz-headline-title">Most common rules</span>
<md-divider class="wz-margin-top-10"></md-divider>
<kbn-vis id="Wazuh-App-Agents-vulnerability-Most-common-rules" vis-id="'Wazuh-App-Agents-vulnerability-Most-common-rules'"></kbn-vis>
</md-card-content>
</md-card>
</div>
<div layout="row" layout-align="center stretch" class="height-270">
<md-card flex class="wz-md-card">
<md-card-content class="wazuh-column">
<span class="wz-headline-title">Most common CVEs</span>
<md-divider class="wz-margin-top-10"></md-divider>
<kbn-vis id="Wazuh-App-Agents-vulnerability-Vulnerability-Most-common-CVEs" vis-id="'Wazuh-App-Agents-vulnerability-Vulnerability-Most-common-CVEs'"></kbn-vis>
</md-card-content>
</md-card>
<md-card flex class="wz-md-card">
<md-card-content class="wazuh-column">
<span class="wz-headline-title">Severity distribution</span>
<md-divider class="wz-margin-top-10"></md-divider>
<kbn-vis id="Wazuh-App-Agents-vulnerability-Vulnerability-severity-distribution" vis-id="'Wazuh-App-Agents-vulnerability-Vulnerability-severity-distribution'"></kbn-vis>
</md-card-content>
</md-card>
<md-card flex class="wz-md-card">
<md-card-content class="wazuh-column">
<span class="wz-headline-title">Commonly affected packages</span>
<md-divider class="wz-margin-top-10"></md-divider>
<kbn-vis id="Wazuh-App-Agents-vulnerability-Commonly-affected-packages" vis-id="'Wazuh-App-Agents-vulnerability-Commonly-affected-packages'"></kbn-vis>
</md-card-content>
</md-card>
</div>
<div layout="row" class="height-570">
<md-card flex class="wz-md-card">
<md-card-content class="wazuh-column">
<span class="wz-headline-title">Alerts summary</span>
<md-divider class="wz-margin-top-10"></md-divider>
<kbn-vis vis-id="'Wazuh-App-Agents-vulnerability-Alerts-summary'"></kbn-vis>
</md-card-content>
</md-card>
</div>
</md-content>
<div layout="row" class="height-570">
<md-card flex class="wz-md-card">
<md-card-content class="wazuh-column">
<span class="wz-headline-title">Alert summary</span>
<md-divider class="wz-margin-top-10"></md-divider>
<kbn-vis vis-id="'Wazuh-App-Agents-vulnerability-Alert-summary'"></kbn-vis>
</md-card-content>
</md-card>
</div>
</md-content>

27
public/templates/overview/overview-vuls.html
View File

@ -1,4 +1,5 @@
<md-content flex layout="column" ng-if="tab === 'vuls' && tabView === 'panels'" ng-class="{'no-opacity': resultState !== 'ready' || !rendered}" layout-align="start">
<md-content flex layout="column" ng-if="tab === 'vuls' && tabView === 'panels'" ng-class="{'no-opacity': resultState !== 'ready' || !rendered}"
layout-align="start">
<div layout="row">
<md-card flex class="wz-metric-color wz-md-card">
@ -19,15 +20,15 @@
</div>
<div layout="row" layout-align="center stretch" class="height-270">
<md-card flex="30" class="wz-md-card">
<md-card-content class="wazuh-column" >
<span class="wz-headline-title">Most affected agents</span>
<md-divider class="wz-margin-top-10"></md-divider>
<kbn-vis id="Wazuh-App-Overview-vulnerability-Most-affected-agents" vis-id="'Wazuh-App-Overview-vulnerability-Most-affected-agents'"></kbn-vis>
</md-card-content>
</md-card>
<md-card flex="30" class="wz-md-card">
<md-card-content class="wazuh-column">
<span class="wz-headline-title">Most affected agents</span>
<md-divider class="wz-margin-top-10"></md-divider>
<kbn-vis id="Wazuh-App-Overview-vulnerability-Most-affected-agents" vis-id="'Wazuh-App-Overview-vulnerability-Most-affected-agents'"></kbn-vis>
</md-card-content>
</md-card>
<md-card flex class="wz-md-card">
<md-card-content class="wazuh-column" >
<md-card-content class="wazuh-column">
<span class="wz-headline-title">Alerts evolution over time</span>
<md-divider class="wz-margin-top-10"></md-divider>
<kbn-vis id="Wazuh-App-Overview-vulnerability-Alerts-evolution-over-time" vis-id="'Wazuh-App-Overview-vulnerability-Alerts-evolution-over-time'"></kbn-vis>
@ -37,21 +38,21 @@
<div layout="row" layout-align="center stretch" class="height-270">
<md-card flex="30" class="wz-md-card">
<md-card-content class="wazuh-column" >
<md-card-content class="wazuh-column">
<span class="wz-headline-title">Severity distribution</span>
<md-divider class="wz-margin-top-10"></md-divider>
<kbn-vis id="Wazuh-App-Overview-vulnerability-Vulnerability-severity-distribution" vis-id="'Wazuh-App-Overview-vulnerability-Vulnerability-severity-distribution'"></kbn-vis>
</md-card-content>
</md-card>
<md-card flex="30" class="wz-md-card">
<md-card-content class="wazuh-column" >
<md-card-content class="wazuh-column">
<span class="wz-headline-title">Commonly affected packages</span>
<md-divider class="wz-margin-top-10"></md-divider>
<kbn-vis id="Wazuh-App-Overview-vulnerability-Commonly-affected-packages" vis-id="'Wazuh-App-Overview-vulnerability-Commonly-affected-packages'"></kbn-vis>
</md-card-content>
</md-card>
<md-card flex class="wz-md-card">
<md-card-content class="wazuh-column" >
<md-card-content class="wazuh-column">
<span class="wz-headline-title">Most common CVEs</span>
<md-divider class="wz-margin-top-10"></md-divider>
<kbn-vis id="Wazuh-App-Overview-vulnerability-Most-common-CVEs" vis-id="'Wazuh-App-Overview-vulnerability-Most-common-CVEs'"></kbn-vis>
@ -68,4 +69,4 @@
</md-card>
</div>
</md-content>
</md-content>

9
public/utils/agents-metrics.js
View File

@ -21,9 +21,12 @@ const metricsAudit = {
// Metrics Vulnerability Detector
const metricsVulnerability = {
vulnCritical: '[vis-id="\'Wazuh-App-Agents-vulnerability-Metric-Critical-severity\'"]',
vulnHigh: '[vis-id="\'Wazuh-App-Agents-vulnerability-Metric-High-severity\'"]',
vulnMedium: '[vis-id="\'Wazuh-App-Agents-vulnerability-Metric-Medium-severity\'"]',
vulnCritical:
'[vis-id="\'Wazuh-App-Agents-vulnerability-Metric-Critical-severity\'"]',
vulnHigh:
'[vis-id="\'Wazuh-App-Agents-vulnerability-Metric-High-severity\'"]',
vulnMedium:
'[vis-id="\'Wazuh-App-Agents-vulnerability-Metric-Medium-severity\'"]',
vulnLow: '[vis-id="\'Wazuh-App-Agents-vulnerability-Metric-Low-severity\'"]'
};

53
server/integration-files/visualizations/agents/agents-vuls.js
View File

@ -27,7 +27,7 @@ export default [
}
},
{
_id: 'Wazuh-App-Agents-vulnerability-Alerts-summary',
_id: 'Wazuh-App-Agents-vulnerability-Alert-summary',
_type: 'visualization',
_source: {
title: 'Alerts summary',
@ -44,7 +44,7 @@ export default [
}
},
{
_id: 'Wazuh-App-Agents-vulnerability-Top-5-affected-packages',
_id: 'Wazuh-App-Agents-vulnerability-Commonly-affected-packages',
_type: 'visualization',
_source: {
title: 'Top 5 affected packages',
@ -258,5 +258,54 @@ export default [
'{"index":"wazuh-alerts","filter":[],"query":{"query":"","language":"lucene"}}'
}
}
},
{
_id: 'Wazuh-App-Agents-vulnerability-Most-common-rules',
_type: 'visualization',
_source: {
title: 'Most common rules',
visState:
'{"title":"Most common rules","type":"table","params":{"perPage":10,"showPartialRows":false,"showMetricsAtAllLevels":false,"sort":{"columnIndex":null,"direction":null},"showTotal":false,"totalFunc":"sum"},"aggs":[{"id":"1","enabled":true,"type":"count","schema":"metric","params":{}},{"id":"2","enabled":true,"type":"terms","schema":"bucket","params":{"field":"rule.id","size":5,"order":"desc","orderBy":"1","otherBucket":false,"otherBucketLabel":"Other","missingBucket":false,"missingBucketLabel":"Missing","customLabel":"Rule ID"}},{"id":"3","enabled":true,"type":"terms","schema":"bucket","params":{"field":"rule.description","size":1,"order":"desc","orderBy":"1","otherBucket":false,"otherBucketLabel":"Other","missingBucket":false,"missingBucketLabel":"Missing","customLabel":"Description"}}]}',
uiStateJSON:
'{"vis":{"params":{"sort":{"columnIndex":null,"direction":null}}}}',
description: '',
version: 1,
kibanaSavedObjectMeta: {
searchSourceJSON:
'{"index":"wazuh-alerts","filter":[],"query":{"query":"","language":"lucene"}}'
}
}
},
{
_id: 'Wazuh-App-Agents-vulnerability-Vulnerability-severity-distribution',
_type: 'visualization',
_source: {
title: 'Severity distribution',
visState:
'{"title":"Severity distribution","type":"pie","params":{"type":"pie","addTooltip":true,"addLegend":true,"legendPosition":"right","isDonut":true,"labels":{"show":false,"values":true,"last_level":true,"truncate":100}},"aggs":[{"id":"1","enabled":true,"type":"count","schema":"metric","params":{}},{"id":"2","enabled":true,"type":"terms","schema":"segment","params":{"field":"data.vulnerability.severity","size":5,"order":"desc","orderBy":"1","customLabel":"Severity"}}]}',
uiStateJSON: '{}',
description: '',
version: 1,
kibanaSavedObjectMeta: {
searchSourceJSON:
'{"index":"wazuh-alerts","filter":[],"query":{"query":"","language":"lucene"}}'
}
}
},
{
_id: 'Wazuh-App-Agents-vulnerability-Vulnerability-Most-common-CVEs',
_type: 'visualization',
_source: {
title: 'Most common CVEs',
visState:
'{"title":"Most common CVEs","type":"pie","params":{"type":"pie","addTooltip":true,"addLegend":true,"legendPosition":"right","isDonut":true,"labels":{"show":false,"values":true,"last_level":true,"truncate":100}},"aggs":[{"id":"1","enabled":true,"type":"count","schema":"metric","params":{}},{"id":"2","enabled":true,"type":"terms","schema":"segment","params":{"field":"data.vulnerability.cve","size":5,"order":"desc","orderBy":"1","customLabel":"CVE"}}]}',
uiStateJSON: '{}',
description: '',
version: 1,
kibanaSavedObjectMeta: {
searchSourceJSON:
'{"index":"wazuh-alerts","filter":[],"query":{"query":"","language":"lucene"}}'
}
}
}
];