mirror of
https://github.com/valitydev/wazuh-kibana-app.git
synced 2024-11-07 10:18:57 +00:00
parent
73f2056673
commit
86aae0f741
@ -73,6 +73,10 @@ export class AgentsPreviewController {
|
||||
this.versions = [];
|
||||
this.groups = [];
|
||||
this.nodes = [];
|
||||
this.mostActiveAgent = {
|
||||
name: '',
|
||||
id: ''
|
||||
};
|
||||
|
||||
// Load URL params
|
||||
if (loc && loc.tab) {
|
||||
@ -151,13 +155,20 @@ export class AgentsPreviewController {
|
||||
|
||||
const api = JSON.parse(this.appState.getCurrentAPI()).id;
|
||||
const clusterInfo = this.appState.getClusterInfo();
|
||||
const firstUrlParam =
|
||||
clusterInfo.status === 'enabled' ? 'cluster' : 'manager';
|
||||
const secondUrlParam = clusterInfo[firstUrlParam];
|
||||
|
||||
const agentsUnique = await this.genericReq.request(
|
||||
'GET',
|
||||
'/api/agents-unique/' + api,
|
||||
{}
|
||||
);
|
||||
const pattern = this.appState.getCurrentPattern();
|
||||
|
||||
const data = await Promise.all([
|
||||
this.genericReq.request('GET', '/api/agents-unique/' + api, {}),
|
||||
this.genericReq.request(
|
||||
'GET',
|
||||
`/elastic/top/${firstUrlParam}/${secondUrlParam}/agent.name/${pattern}`
|
||||
)
|
||||
]);
|
||||
const [agentsUnique, agentsTop] = data;
|
||||
const unique = agentsUnique.data.result;
|
||||
|
||||
this.searchBarModel = {
|
||||
@ -193,6 +204,22 @@ export class AgentsPreviewController {
|
||||
this.agentsCountNeverConnected = unique.summary.agentsCountNeverConnected;
|
||||
this.agentsCountTotal = unique.summary.agentsCountTotal;
|
||||
this.agentsCoverity = unique.summary.agentsCoverity;
|
||||
|
||||
if (agentsTop.data.data === '') {
|
||||
this.mostActiveAgent.name = this.appState.getClusterInfo().manager;
|
||||
this.mostActiveAgent.id = '000';
|
||||
} else {
|
||||
this.mostActiveAgent.name = agentsTop.data.data;
|
||||
const info = await this.genericReq.request(
|
||||
'GET',
|
||||
`/elastic/top/${firstUrlParam}/${secondUrlParam}/agent.id/${pattern}`
|
||||
);
|
||||
if (info.data.data === '' && this.mostActiveAgent.name !== '') {
|
||||
this.mostActiveAgent.id = '000';
|
||||
} else {
|
||||
this.mostActiveAgent.id = info.data.data;
|
||||
}
|
||||
}
|
||||
} catch (error) {
|
||||
this.errorInit = this.errorHandler.handle(error, false, false, true);
|
||||
}
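Review bot: The new `/elastic/top/...` requests interpolate `secondUrlParam` and `pattern` into the URL path without encoding, both in the `Promise.all` call and in the later `agent.id` lookup. A cluster or manager name containing `/`, `?`, `#` or `%` would change which route segments the server sees, so wrap each value, e.g. `${encodeURIComponent(secondUrlParam)}` and `${encodeURIComponent(pattern)}`. The name and the id also come from two independent aggregations, so on a tie or between the two requests they may describe different agents; a single request returning both would keep the link consistent with the label. The enclosing method starts outside these hunks.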
|
||||
|
@ -106,6 +106,21 @@
|
||||
-</p>
|
||||
</div>
|
||||
</div>
|
||||
<div class="euiFlexItem euiFlexItem--flexGrowZero">
|
||||
|
||||
<div class="euiStat">
|
||||
<div class="euiText euiText--small euiStat__description">
|
||||
<p>Most active agent</p>
|
||||
</div>
|
||||
<p ng-if="ctrl.lastAgent && ctrl.lastAgent.id && ctrl.mostActiveAgent.id !== '000'"
|
||||
ng-click="ctrl.showAgent(ctrl.mostActiveAgent)"
|
||||
class="euiTitle euiTitle--small euiStat__title wz-text-link cursor-pointer">
|
||||
{{ctrl.mostActiveAgent.name}}</p>
|
||||
<p ng-if="!ctrl.lastAgent || !ctrl.lastAgent.id"
|
||||
class="euiTitle euiTitle--small euiStat__title">
|
||||
-</p>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
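Review bot: Both `ng-if` conditions in the new "Most active agent" stat test `ctrl.lastAgent`, which looks copied from the neighbouring stat, so the block depends on an unrelated value. When `ctrl.lastAgent.id` is set and `ctrl.mostActiveAgent.id` is `'000'`, neither paragraph renders and the stat is blank. Gate on the value being shown and make the fallback its exact complement: `ng-if="ctrl.mostActiveAgent.id && ctrl.mostActiveAgent.id !== '000'"` for the link and `ng-if="!ctrl.mostActiveAgent.id || ctrl.mostActiveAgent.id === '000'"` for the `-` placeholder.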
|
||||
|
@ -192,6 +192,70 @@ export class WazuhElasticCtrl {
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* This get the fields keys
|
||||
* @param {Object} req
|
||||
* @param {Object} reply
|
||||
* @returns {Array<Object>} fields or ErrorResponse
|
||||
*/
|
||||
async getFieldTop(req, reply) {
|
||||
try {
|
||||
// Top field payload
|
||||
let payload = {
|
||||
size: 1,
|
||||
query: {
|
||||
bool: {
|
||||
must: [],
|
||||
must_not: {
|
||||
term: {
|
||||
'agent.id': '000'
|
||||
}
|
||||
},
|
||||
filter: { range: { timestamp: {} } }
|
||||
}
|
||||
},
|
||||
aggs: {
|
||||
'2': {
|
||||
terms: {
|
||||
field: '',
|
||||
size: 1,
|
||||
order: { _count: 'desc' }
|
||||
}
|
||||
}
|
||||
}
|
||||
};
|
||||
|
||||
// Set up time interval, default to Last 24h
|
||||
const timeGTE = 'now-1d';
|
||||
const timeLT = 'now';
|
||||
payload.query.bool.filter.range['timestamp']['gte'] = timeGTE;
|
||||
payload.query.bool.filter.range['timestamp']['lt'] = timeLT;
|
||||
|
||||
// Set up match for default cluster name
|
||||
payload.query.bool.must.push(
|
||||
req.params.mode === 'cluster'
|
||||
? { match: { 'cluster.name': req.params.cluster } }
|
||||
: { match: { 'manager.name': req.params.cluster } }
|
||||
);
|
||||
|
||||
payload.aggs['2'].terms.field = req.params.field;
|
||||
payload.pattern = req.params.pattern;
|
||||
|
||||
const data = await this.wzWrapper.searchWazuhAlertsWithPayload(payload);
|
||||
|
||||
return data.hits.total.value === 0 ||
|
||||
typeof data.aggregations['2'].buckets[0] === 'undefined'
|
||||
? { statusCode: 200, data: '' }
|
||||
: {
|
||||
statusCode: 200,
|
||||
data: data.aggregations['2'].buckets[0].key
|
||||
};
|
||||
} catch (error) {
|
||||
log('wazuh-elastic:getFieldTop', error.message || error);
|
||||
return ErrorResponse(error.message || error, 4004, 500, reply);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* This get the elastic setup settings
|
||||
* @param {Object} req
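Review bot: `req.params.field` and `req.params.pattern` are copied into the Elasticsearch request unchecked, at `payload.aggs['2'].terms.field` and `payload.pattern`. Any caller who can reach this route therefore chooses which field is aggregated and, if `pattern` selects the target index as it appears to, which indices are searched. Restrict `field` to what the UI needs, e.g. `if (!['agent.name', 'agent.id'].includes(req.params.field)) return ErrorResponse('Invalid field', 4004, 400, reply);`, and check `pattern` against the configured Wazuh alert index patterns before calling `searchWazuhAlertsWithPayload`. The route registration for `/elastic/top/{mode}/{cluster}/{field}/{pattern}` shows no parameter validation either, and `mode` silently falls back to `manager.name` for any value other than `cluster`.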
|
||||
|
@ -66,6 +66,15 @@ export function WazuhElasticRouter(server) {
|
||||
}
|
||||
});
|
||||
|
||||
// Returns the agent with most alerts
|
||||
server.route({
|
||||
method: 'GET',
|
||||
path: '/elastic/top/{mode}/{cluster}/{field}/{pattern}',
|
||||
handler(req, res) {
|
||||
return ctrl.getFieldTop(req, res);
|
||||
}
|
||||
});
|
||||
|
||||
// Return Wazuh Appsetup info
|
||||
server.route({
|
||||
method: 'GET',
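Review bot: The comment `// Returns the agent with most alerts` describes one use of the route, not the route itself, which returns the top value of whatever `{field}` is passed. Suggest `// Returns the most frequent value of {field} in the alerts matching {pattern} for the given cluster/manager`. If the route is really meant only for agents, that is another reason to restrict `{field}` to the agent fields.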
|
||||
|
@ -100,6 +100,10 @@ describe('wazuh-elastic', () => {
|
||||
});
|
||||
});
|
||||
|
||||
/*it('GET /elastic/top/{mode}/{cluster}/{field}/{pattern}', async () => {
|
||||
throw Error('Test not implemented...')
|
||||
})*/
|
||||
|
||||
describe('Checking .wazuh-version index', () => {
|
||||
it('GET /elastic/setup', async () => {
|
||||
const res = await needle(
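Review bot: The new route lands with only a commented-out placeholder whose body throws, so it has no coverage and the gap will not appear in test reports. Prefer `it.skip('GET /elastic/top/{mode}/{cluster}/{field}/{pattern}', ...)` so it is reported as pending. Better still, implement it by asserting a 200 response with a string `data` for `agent.name`, plus a case with an unexpected `field` value.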
|
||||
|