From 9656be3bf30ee084712f633691414773fdef17d2 Mon Sep 17 00:00:00 2001
From: Pedro Sanchez <pedro@wazuh.com>
Date: Mon, 16 Jan 2017 10:27:53 -0800
Subject: [PATCH] Design(3) SCAP Agent panels

---
 public/app.js                          |   1 +
 public/controllers/agents.js           |  39 ++++++-
 public/controllers/agentsFim.js        |   1 -
 public/controllers/agentsOscap.js      |  16 +++
 public/controllers/agentsOverview.js   |   2 +-
 public/controllers/agentsPm.js         |   1 -
 public/controllers/agentsPreview.js    |   1 -
 public/controllers/general.js          |  27 ++++-
 public/controllers/manager.js          |   4 +-
 public/controllers/osseclog.js         |   2 +-
 public/controllers/overview.js         |   8 +-
 public/controllers/ruleset.js          |   6 +-
 public/less/main.less                  |   3 +
 public/templates/agents-oscap.html     | 155 +++++++++++++++++++++++++
 public/templates/agents-pm.html        |   2 +-
 public/templates/agents.head           |   1 +
 public/templates/agents.jade           |   1 +
 public/templates/overview.head         |   2 +-
 public/templates/tabview-discover.html |   2 +-
 server/routes/wazuh-elastic.js         |  23 +++-
 20 files changed, 268 insertions(+), 29 deletions(-)
 create mode 100644 public/controllers/agentsOscap.js
 create mode 100644 public/templates/agents-oscap.html

diff --git a/public/app.js b/public/app.js
index f783bf9d5..0173f96f8 100644
--- a/public/app.js
+++ b/public/app.js
@@ -52,6 +52,7 @@ require('plugins/wazuh/controllers/agentsOverview.js');
 require('plugins/wazuh/controllers/agentsPreview.js');
 require('plugins/wazuh/controllers/agentsFim.js');
 require('plugins/wazuh/controllers/agentsPm.js');
+require('plugins/wazuh/controllers/agentsOscap.js');
 
 // Settings
 require('plugins/wazuh/controllers/settings.js');
diff --git a/public/controllers/agents.js b/public/controllers/agents.js
index 528d512aa..fae893bbc 100644
--- a/public/controllers/agents.js
+++ b/public/controllers/agents.js
@@ -1,16 +1,19 @@
 // Require config
 var app = require('ui/modules').get('app/wazuh', []);
 
-app.controller('agentsController', function ($scope, $q, DataFactory, $mdToast, appState, errlog, $window) {
-    //Initialisation
+app.controller('agentsController', function ($scope, $q, DataFactory, $mdToast, appState, errlog, $window, genericReq) {
+    //Initialization
+	$scope.state = appState;
     $scope.load = true;
     $scope.search = '';
     $scope.submenuNavItem = '';
     $scope.state = appState;
 	$scope._status = 'all';
 	
+	$scope.dynamicTab_fields = {};
     var objectsArray = [];
-
+	$scope.defaultManager = $scope.state.getDefaultManager().name;
+	
     //Print Error
     var printError = function (error) {
         $mdToast.show({
@@ -58,6 +61,24 @@ app.controller('agentsController', function ($scope, $q, DataFactory, $mdToast,
         return promise;
     };
 
+	var daysAgo = 7;
+	var date = new Date();
+	date.setDate(date.getDate() - daysAgo);
+	var timeAgo = date.getTime();
+	
+	// Function: Check if rule group exists on Elastic cluster latest alerts.
+	$scope.dynamicTab_exists = function (group, agentName) {
+		genericReq.request('GET', '/api/wazuh-elastic/top/'+$scope.defaultManager+'/rule.groups/rule.groups/'+group+'/agent.name/'+agentName+'/'+timeAgo)
+			.then(function (data) {
+				console.log(data);
+				if(data.data != ""){
+					$scope.dynamicTab_fields[group] = true;
+				}else{
+					$scope.dynamicTab_fields[group] = false
+				}
+        });	
+    };
+	
     $scope.applyAgent = function (agent) {
         if (agent) {
 			$scope.load = true;
@@ -65,6 +86,10 @@ app.controller('agentsController', function ($scope, $q, DataFactory, $mdToast,
             $scope.submenuNavItem = 'overview';
             $scope._agent = agent;
             $scope.search = agent.name;
+			
+			// Checking dynamic panels
+			$scope.dynamicTab_exists("oscap", $scope._agent.name);
+			
 			$scope.load = false;
         }
     };
@@ -105,19 +130,21 @@ app.controller('agentsController', function ($scope, $q, DataFactory, $mdToast,
 			}, printError);
 	};
 
-
     var load = function () {
         DataFactory.initialize('get', '/agents', {}, 5, 0)
             .then(function (data) {
                 objectsArray['/agents'] = data;
 				DataFactory.filters.register(objectsArray['/agents'], 'search', 'string');
 				/* tmp for debugging. Forcing a tab/agent selected.*/
-					$scope.submenuNavItem = 'policy_monitoring';
-					DataFactory.getAndClean('get', '/agents/' + "000", {})
+				/*	
+					$scope.submenuNavItem = 'oscap';
+					DataFactory.getAndClean('get', '/agents/' + "002", {})
 					.then(function (data) {
 						$scope.agentInfo = data.data;
 						$scope._agent = data.data;
+						$scope.dynamicTab_exists("oscap", $scope._agent.name);
 					}, printError);
+				*/
 				// close tmp
                 $scope.load = false;
             }, printError);
diff --git a/public/controllers/agentsFim.js b/public/controllers/agentsFim.js
index 2ed65cbe9..e5b537803 100644
--- a/public/controllers/agentsFim.js
+++ b/public/controllers/agentsFim.js
@@ -2,7 +2,6 @@
 var app = require('ui/modules').get('app/wazuh', []);
 
 app.controller('fimController', function ($scope, $q, DataFactory, $mdToast, errlog) {
-    //Initialisation
     $scope._fimEvent = 'all'
 
     //Print error
diff --git a/public/controllers/agentsOscap.js b/public/controllers/agentsOscap.js
new file mode 100644
index 000000000..bfbb549a5
--- /dev/null
+++ b/public/controllers/agentsOscap.js
@@ -0,0 +1,16 @@
+// Require config
+var app = require('ui/modules').get('app/wazuh', []);
+
+app.controller('oscapController', function ($scope, DataFactory, $mdToast, errlog, appState) {
+	$scope.defaultManagerName = appState.getDefaultManager().name;
+
+    //Print Error
+    var printError = function (error) {
+        $mdToast.show({
+            template: '<md-toast>' + error.html + '</md-toast>',
+            position: 'bottom left',
+            hideDelay: 5000,
+        });
+    }
+
+});
diff --git a/public/controllers/agentsOverview.js b/public/controllers/agentsOverview.js
index cf8da6587..70c3d0a12 100644
--- a/public/controllers/agentsOverview.js
+++ b/public/controllers/agentsOverview.js
@@ -3,7 +3,7 @@ var app = require('ui/modules').get('app/wazuh', []);
 
 app.controller('agentsOverviewController', function ($scope, DataFactory, $mdToast) {
 
-    //Initialisation
+    //Initialization 
     $scope.load = true;
     $scope.agentInfo = $scope.$parent._agent;
 	
diff --git a/public/controllers/agentsPm.js b/public/controllers/agentsPm.js
index 643e283be..55846a4e7 100644
--- a/public/controllers/agentsPm.js
+++ b/public/controllers/agentsPm.js
@@ -2,7 +2,6 @@
 var app = require('ui/modules').get('app/wazuh', []);
 
 app.controller('pmController', function ($scope, DataFactory, $mdToast, errlog, appState) {
-    //Initialisation
 	$scope.defaultManagerName = appState.getDefaultManager().name;
 
     //Print Error
diff --git a/public/controllers/agentsPreview.js b/public/controllers/agentsPreview.js
index f5ebf537a..027d75202 100644
--- a/public/controllers/agentsPreview.js
+++ b/public/controllers/agentsPreview.js
@@ -30,7 +30,6 @@ app.factory('Agents', function($http, DataFactory) {
 
 app.controller('agentsPreviewController', function ($scope, DataFactory, $mdToast, errlog, genericReq, Agents) {
 
-    //Initialisation
     $scope.load = true;
     $scope.agents = [];
     $scope._status = 'all';
diff --git a/public/controllers/general.js b/public/controllers/general.js
index ede9432b6..2f0fcde96 100644
--- a/public/controllers/general.js
+++ b/public/controllers/general.js
@@ -12,9 +12,12 @@ app.controller('stateController', function ($scope, appState, $route) {
 
 });
 
-app.controller('generalController', function ($scope, appState, $window) {
+app.controller('generalController', function ($scope, appState, $window, genericReq, $q) {
     $scope.state = appState;
-
+	$scope.defaultManager = $scope.state.getDefaultManager().name;
+	$scope.dynamicTab_fields = {};
+	
+	
     $scope.openDashboard = function (dashboard, filter) {
         $scope.state.setDashboardsState(dashboard, filter);
 		$window.location.href = '#/dashboards/';
@@ -28,5 +31,25 @@ app.controller('generalController', function ($scope, appState, $window) {
 	$scope.changeTabView = function (view) {
         $scope.tabView = view;
     }
+	
+	var daysAgo = 7;
+	var date = new Date();
+	date.setDate(date.getDate() - daysAgo);
+	var timeAgo = date.getTime();
+	
+	// Function: Check if rule group exists on Elastic cluster latest alerts.
+	$scope.dynamicTab_exists = function (group) {
+		genericReq.request('GET', '/api/wazuh-elastic/top/'+$scope.defaultManager+'/rule.groups/rule.groups/'+group)
+			.then(function (data) {
+				console.log(data);
+				if(data.data != ""){
+					$scope.dynamicTab_fields[group] = true;
+				}else{
+					$scope.dynamicTab_fields[group] = false
+				}
+        });	
+    };
+	// Checking dynamic panels
+	$scope.dynamicTab_exists("oscap");
 
 });
diff --git a/public/controllers/manager.js b/public/controllers/manager.js
index 67d1add63..773654f2b 100644
--- a/public/controllers/manager.js
+++ b/public/controllers/manager.js
@@ -2,7 +2,7 @@
 var app = require('ui/modules').get('app/wazuh', []);
 
 app.controller('managerController', function ($scope, DataFactory, genericReq, $mdDialog, $mdToast, errlog) {
-    //Initialisation
+    //Initialization
     $scope.load = true;
     $scope.$parent.state.setManagerState('status');
     $scope.defaultManager = $scope.$parent.state.getDefaultManager().name;
@@ -98,7 +98,7 @@ app.controller('managerController', function ($scope, DataFactory, genericReq, $
 });
 
 app.controller('managerConfigurationController', function ($scope, DataFactory, errlog) {
-    //Initialisation
+    //Initialization
     $scope.load = true;
     $scope.$parent.state.setManagerState('configuration');
 
diff --git a/public/controllers/osseclog.js b/public/controllers/osseclog.js
index ce7bf8443..634c5d236 100644
--- a/public/controllers/osseclog.js
+++ b/public/controllers/osseclog.js
@@ -2,7 +2,7 @@
 var app = require('ui/modules').get('app/wazuh', []);
 
 app.controller('osseclogController', function ($scope, DataFactory, $sce, $interval, $mdToast, errlog) {
-    //Initialisation
+    //Initialization
     $scope.load = true;
     $scope.text = [];
     $scope.realtime = false;
diff --git a/public/controllers/overview.js b/public/controllers/overview.js
index 3223009eb..1e260e8b2 100644
--- a/public/controllers/overview.js
+++ b/public/controllers/overview.js
@@ -1,21 +1,21 @@
 var app = require('ui/modules').get('app/wazuh', []);
 
 app.controller('overviewGeneralController', function ($scope, DataFactory, genericReq, $mdToast, errlog) {
-    //Initialisation
+
     $scope.load = true;
 	$scope.defaultManager = $scope.$parent.state.getDefaultManager().name;
 
 });
 
 app.controller('overviewFimController', function ($scope, DataFactory, genericReq, $mdToast, errlog) {
-    //Initialisation
+
     $scope.load = true;
 	$scope.defaultManager = $scope.$parent.state.getDefaultManager().name;
 
 });
 
 app.controller('overviewPMController', function ($scope, DataFactory, genericReq, $mdToast, errlog) {
-    //Initialisation
+
     $scope.load = true;
     $scope.$parent.state.setOverviewState('pm');
 	$scope.defaultManager = $scope.$parent.state.getDefaultManager().name;
@@ -23,7 +23,7 @@ app.controller('overviewPMController', function ($scope, DataFactory, genericReq
 });
 
 app.controller('overviewOSCAPController', function ($scope, DataFactory, genericReq, $mdToast, errlog) {
-    //Initialisation
+
     $scope.load = true;
     $scope.$parent.state.setOverviewState('oscap');
 	$scope.defaultManager = $scope.$parent.state.getDefaultManager().name;
diff --git a/public/controllers/ruleset.js b/public/controllers/ruleset.js
index 0b91a5fab..5b16bc93a 100644
--- a/public/controllers/ruleset.js
+++ b/public/controllers/ruleset.js
@@ -54,7 +54,7 @@ app.factory('Decoders', function($http, DataFactory) {
 });
 
 app.controller('rulesController', function ($scope, $q, DataFactory, $mdToast, errlog, $window, $document, Rules) {
-    //Initialisation
+    //Initialization
     $scope.load = true;
     $scope.$parent.state.setRulesetState('rules');
     $scope.$parent.state.setManagerState('ruleset');
@@ -292,7 +292,7 @@ app.controller('rulesController', function ($scope, $q, DataFactory, $mdToast, e
 
 app.controller('decodersController', function ($scope, $q, $sce, DataFactory, $mdToast, errlog, Decoders) {
 	
-    //Initialisation
+    //Initialization
     $scope.load = true;
     $scope.$parent.state.setRulesetState('decoders');
 	$scope.setRulesTab('decoders');
@@ -510,7 +510,7 @@ app.controller('decodersController', function ($scope, $q, $sce, DataFactory, $m
 
 
 app.controller('updateRulesetController', function ($scope, $q, DataFactory, $mdDialog, $mdToast, errlog) {
-    //Initialisation
+    //Initialization
     $scope.load = true;
     $scope.$parent.state.setRulesetState('update');
 
diff --git a/public/less/main.less b/public/less/main.less
index b929b5e8d..2fc9f52ab 100644
--- a/public/less/main.less
+++ b/public/less/main.less
@@ -758,4 +758,7 @@ md-select-menu.md-default-theme md-content md-option:not([disabled]):focus, md-s
 }
 .vis-expand-leyend .legend-col-wrapper .legend-ul {
 	width: 363px;
+}
+.metric-vis .metric-value {
+  font-weight: normal;
 }
\ No newline at end of file
diff --git a/public/templates/agents-oscap.html b/public/templates/agents-oscap.html
new file mode 100644
index 000000000..ec16ec0c2
--- /dev/null
+++ b/public/templates/agents-oscap.html
@@ -0,0 +1,155 @@
+<md-content ng-if="submenuNavItem == 'oscap' && tabView == 'panels'" ng-if="_agent">
+    <div flex ng-controller="oscapController" layout="column">
+        <md-progress-linear class="md-accent" md-mode="indeterminate" ng-show="load"></md-progress-linear>
+		<kbn-searchbar></kbn-searchbar>	
+		<md-content layout="row" layout-align="center stretch">
+			<md-card flex="20" layout="column">
+					<md-card-content style="text-align: center;">
+						<kbn-vis vis-height="70px"  vis-index-pattern="wazuh-alerts-*" vis-a="(filters:!(),linked:!f,query:(query_string:(analyze_wildcard:!t,query:'*')),uiState:(),vis:(aggs:!((enabled:!t,id:'1',params:(field:oscap.scan.score,customLabel:'Higher score'),schema:metric,type:max)),listeners:(),params:(fontSize:19,handleNoResults:!t),title:'New%20Visualization',type:metric))" vis-filter="agent.name: {{_agent.name}}"></kbn-vis>
+					</md-card-content>
+			</md-card>
+			<md-card flex="20" layout="column">
+					<md-card-content style="text-align: center;">
+						<kbn-vis vis-height="70px"  vis-index-pattern="wazuh-alerts-*" vis-a="(filters:!(),linked:!f,query:(query_string:(analyze_wildcard:!t,query:'*')),uiState:(),vis:(aggs:!((enabled:!t,id:'1',params:(field:oscap.scan.score,customLabel:'Lower score'),schema:metric,type:min)),listeners:(),params:(fontSize:19,handleNoResults:!t),title:'New%20Visualization',type:metric))" vis-filter="agent.name: {{_agent.name}}">
+						</kbn-vis>
+					</md-card-content>
+			</md-card>
+			<md-card flex="20" layout="column">
+					<md-card-content style="text-align: center; margin-top: 6px; ">
+						<kbn-vis-value style="margin-top: 6px" vis-height="37px" vis-index-pattern="wazuh-alerts-*" vis-a="(filters:!(),linked:!f,query:(query_string:(analyze_wildcard:!t,query:'*')),uiState:(vis:(params:(sort:(columnIndex:!n,direction:!n)))),vis:(aggs:!((enabled:!t,id:'1',params:(field:'@timestamp'),schema:metric,type:max),(enabled:!t,id:'2',params:(field:oscap.scan.score,order:desc,orderBy:'1',size:1),schema:bucket,type:terms)),listeners:(),params:(perPage:1,showMeticsAtAllLevels:!f,showPartialRows:!f,showTotal:!f,sort:(columnIndex:!n,direction:!n),totalFunc:sum),title:'New%20Visualization',type:table))" vis-filter="agent.name: {{_agent.name}}"></kbn-vis-value>
+						<div class="ng-binding">Last score</div>
+					</md-card-content>
+			</md-card>
+			<md-card  flex="40" layout="column">
+					<md-card-content style="text-align: center;">
+						<kbn-vis-value vis-height="37px"  vis-index-pattern="wazuh-alerts-*" vis-a="(filters:!(),linked:!f,query:(query_string:(analyze_wildcard:!t,query:'*')),uiState:(vis:(params:(sort:(columnIndex:!n,direction:!n)))),vis:(aggs:!((enabled:!t,id:'1',params:(field:'@timestamp'),schema:metric,type:max),(enabled:!t,id:'2',params:(field:oscap.scan.profile.title,order:desc,orderBy:'1',size:1),schema:bucket,type:terms)),listeners:(),params:(perPage:1,showMeticsAtAllLevels:!f,showPartialRows:!f,showTotal:!f,sort:(columnIndex:!n,direction:!n),totalFunc:sum),title:'New%20Visualization',type:table))" vis-filter="oscap.check.result: fail AND rule.groups: oscap AND agent.name: {{_agent.name}}"></kbn-vis-value>
+						<div class="ng-binding">Last scan profile</div>
+					</md-card-content>
+			</md-card>
+		</md-content>
+		
+
+		<md-content layout="row" layout-align="center stretch">
+				<md-card flex="25">
+					<md-card-title>
+						<md-card-title-text>
+							<span class="md-headline">Scans</span>
+						</md-card-title-text>
+					</md-card-title>
+					<md-card-content>
+						<kbn-vis vis-height="154px" vis-index-pattern="wazuh-alerts-*" vis-a="(filters:!(),linked:!f,query:(query_string:(analyze_wildcard:!t,query:'*')),uiState:(),vis:(aggs:!((enabled:!t,id:'1',params:(),schema:metric,type:count),(enabled:!t,id:'2',params:(field:oscap.scan.id,order:desc,orderBy:'1',size:10000),schema:segment,type:terms)),listeners:(),params:(addLegend:!t,addTooltip:!t,isDonut:!t,legendPosition:right,shareYAxis:!t),title:'OSCAP%20Agents',type:pie))"
+							vis-filter="agent.name: {{_agent.name}}">
+						</kbn-vis>
+					</md-card-content>
+				</md-card>
+				<md-card flex="25">
+					<md-card-title>
+						<md-card-title-text>
+							<span class="md-headline">Profiles</span>
+						</md-card-title-text>
+					</md-card-title>
+					<md-card-content>
+						<kbn-vis vis-height="154px" vis-index-pattern="wazuh-alerts-*" vis-a="(filters:!(),linked:!f,query:(query_string:(analyze_wildcard:!t,query:'*')),uiState:(),vis:(aggs:!((enabled:!t,id:'1',params:(),schema:metric,type:count),(enabled:!t,id:'3',params:(field:oscap.scan.profile.title,order:desc,orderBy:'1',size:10000),schema:segment,type:terms)),listeners:(),params:(addLegend:!t,addTooltip:!t,isDonut:!t,legendPosition:right,shareYAxis:!t),title:'OSCAP%20Profiles',type:pie))"
+							vis-filter="oscap.check.result: fail AND rule.groups:oscap AND NOT rule.groups: syslog AND agent.name: {{_agent.name}}">
+						</kbn-vis>
+					</md-card-content>
+				</md-card>
+				<md-card flex="25">
+					<md-card-title>
+						<md-card-title-text>
+							<span class="md-headline">Content</span>
+						</md-card-title-text>
+					</md-card-title>
+					<md-card-content>
+						<kbn-vis vis-height="154px" vis-index-pattern="wazuh-alerts-*" vis-a="(filters:!(),linked:!f,query:(query_string:(analyze_wildcard:!t,query:'*')),uiState:(),vis:(aggs:!((enabled:!t,id:'1',params:(),schema:metric,type:count),(enabled:!t,id:'2',params:(field:oscap.scan.content,order:desc,orderBy:'1',size:10000),schema:segment,type:terms)),listeners:(),params:(addLegend:!t,addTooltip:!t,isDonut:!t,legendPosition:right,shareYAxis:!t),title:'OSCAP%20Content',type:pie))"
+							vis-filter="oscap.check.result: fail AND rule.groups:oscap AND NOT rule.groups: syslog AND agent.name: {{_agent.name}}">
+						</kbn-vis>
+					</md-card-content>
+				</md-card>
+				
+				<md-card flex="25">
+					<md-card-title>
+						<md-card-title-text>
+							<span class="md-headline">Severity</span>
+						</md-card-title-text>
+					</md-card-title>
+					<md-card-content>
+						<kbn-vis vis-height="154px" vis-index-pattern="wazuh-alerts-*" vis-a="(filters:!(),linked:!f,query:(query_string:(analyze_wildcard:!t,query:'*')),uiState:(),vis:(aggs:!((enabled:!t,id:'1',params:(),schema:metric,type:count),(enabled:!t,id:'2',params:(field:oscap.check.severity,order:desc,orderBy:'1',size:10000),schema:segment,type:terms)),listeners:(),params:(addLegend:!t,addTooltip:!t,isDonut:!t,legendPosition:right,shareYAxis:!t),title:'OSCAP%20Content',type:pie))"
+							vis-filter="oscap.check.result: fail AND rule.groups:oscap AND NOT rule.groups: syslog AND agent.name: {{_agent.name}}">
+						</kbn-vis>
+					</md-card-content>
+				</md-card>
+		</md-content>
+
+		<md-content layout="row" layout-align="center stretch">
+			<md-card flex="100">
+					<md-card-title>
+						<md-card-title-text>
+							<span class="md-headline">Daily scans evolution</span>
+						</md-card-title-text>
+					</md-card-title>
+					<md-card-content>
+						<kbn-vis vis-height="160px" vis-index-pattern="wazuh-alerts-*" vis-a="(filters:!(),linked:!f,query:(query_string:(analyze_wildcard:!t,query:'rule.groups:oscap%20AND%20agent.name:localCentos')),uiState:(vis:(legendOpen:!f)),vis:(aggs:!((enabled:!t,id:'1',params:(),schema:metric,type:count),(enabled:!t,id:'2',params:(customInterval:'2h',customLabel:'Daily%20scans',extended_bounds:(),field:'@timestamp',interval:d,min_doc_count:1),schema:segment,type:date_histogram)),listeners:(),params:(addLegend:!t,addTimeMarker:!f,addTooltip:!t,defaultYExtents:!f,legendPosition:right,mode:stacked,scale:linear,setYExtents:!f,shareYAxis:!t,times:!(),yAxis:()),title:'New%20Visualization',type:histogram))"
+							vis-filter="rule.groups: oscap AND oscap.check.result:fail AND agent.name: {{_agent.name}}">
+						</kbn-vis>
+					</md-card-content>
+				</md-card>
+		</md-content>
+		
+		
+		<md-content layout="row" layout-align="center stretch">
+			<md-card flex="50">
+				<md-card-title>
+					<md-card-title-text>
+						<span class="md-headline">Top 10 - Alerts</span>
+					</md-card-title-text>
+				</md-card-title>
+				<md-card-content>
+					<kbn-vis class="vis-expand-leyend" vis-height="300px" vis-index-pattern="wazuh-alerts-*" vis-a="(filters:!(),linked:!f,query:(query_string:(analyze_wildcard:!t,query:'*')),uiState:(),vis:(aggs:!((enabled:!t,id:'1',params:(),schema:metric,type:count),(enabled:!t,id:'2',params:(field:oscap.check.title,order:desc,orderBy:'1',size:10),schema:segment,type:terms)),listeners:(),params:(addLegend:!t,addTooltip:!t,isDonut:!f,legendPosition:right,shareYAxis:!t),title:'OSCAP%20Top%2020%20failed%20checks',type:pie))"
+						vis-filter="oscap.check.result: fail AND rule.groups:oscap AND rule.groups: oscap-result AND oscap.check.result:fail AND agent.name: {{_agent.name}}">
+					</kbn-vis>
+				</md-card-content>
+			</md-card>
+			
+			<md-card flex="50">
+				<md-card-title>
+					<md-card-title-text>
+						<span class="md-headline">Top 10 - High risk alerts</span>
+					</md-card-title-text>
+				</md-card-title>
+				<md-card-content>
+					<kbn-vis class="vis-expand-leyend" vis-height="300px" vis-index-pattern="wazuh-alerts-*" vis-a="(filters:!(),linked:!f,query:(query_string:(analyze_wildcard:!t,query:'*')),uiState:(),vis:(aggs:!((enabled:!t,id:'1',params:(),schema:metric,type:count),(enabled:!t,id:'2',params:(field:oscap.check.title,order:desc,orderBy:'1',size:10),schema:segment,type:terms)),listeners:(),params:(addLegend:!t,addTooltip:!t,isDonut:!f,legendPosition:right,shareYAxis:!t),title:'OSCAP%20Top%2020%20failed%20checks',type:pie))"
+						vis-filter="oscap.check.severity: high AND oscap.check.result: fail AND rule.groups:oscap AND rule.groups: oscap-result AND oscap.check.result:fail AND agent.name: {{_agent.name}}">
+					</kbn-vis>
+				</md-card-content>
+			</md-card>
+		
+		</md-content>
+		
+		<md-content layout="row" layout-align="center stretch" >
+			<md-card  flex="100" layout="column">
+					<md-card-content style="text-align: center;">
+						<kbn-vis-value vis-height="44px"  vis-index-pattern="wazuh-alerts-*" vis-a="(filters:!(),linked:!f,query:(query_string:(analyze_wildcard:!t,query:'*')),uiState:(vis:(params:(sort:(columnIndex:!n,direction:!n)))),vis:(aggs:!((enabled:!t,id:'1',params:(),schema:metric,type:count),(enabled:!t,id:'2',params:(field:oscap.check.title,order:desc,orderBy:'1',size:1),schema:bucket,type:terms)),listeners:(),params:(perPage:1,showMeticsAtAllLevels:!f,showPartialRows:!f,showTotal:!f,sort:(columnIndex:!n,direction:!n),totalFunc:sum),title:'New%20Visualization',type:table))" vis-filter="oscap.check.result: fail AND rule.groups:oscap AND agent.name: {{_agent.name}}">
+						</kbn-vis-value>
+						<div class="ng-binding">Top alert</div>
+					</md-card-content>
+			</md-card>
+		</md-content>
+		
+		
+		<md-content layout-align="center stretch">
+			<md-card flex>
+				<md-card-title>
+					<md-card-title-text>
+						<span class="md-headline">Last alerts</span>
+					</md-card-title-text>
+				</md-card-title>
+				<md-card-content>
+					<kbn-vis vis-height="450px" vis-index-pattern="wazuh-alerts-*" vis-a="(filters:!(),linked:!f,query:(query_string:(analyze_wildcard:!t,query:'*')),uiState:(vis:(params:(sort:(columnIndex:!n,direction:!n)))),vis:(aggs:!((enabled:!t,id:'1',params:(),schema:metric,type:count),(enabled:!t,id:'2',params:(customLabel:'Agent name',field:agent.name,order:desc,orderBy:'1',size:99999),schema:bucket,type:terms),(enabled:!t,id:'3',params:(customLabel:Title,field:oscap.check.title,order:desc,orderBy:'1',size:999999999),schema:bucket,type:terms),(enabled:!t,id:'4',params:(customLabel:Profile,field:oscap.scan.profile.title,order:desc,orderBy:'1',size:999999999),schema:bucket,type:terms),(enabled:!t,id:'5',params:(customLabel:'Scan ID',field:oscap.scan.id,order:desc,orderBy:'1',size:999999999),schema:bucket,type:terms),(enabled:!t,id:'6',params:(customLabel:Content,field:oscap.scan.content,order:desc,orderBy:'1',size:5),schema:bucket,type:terms)),listeners:(),params:(perPage:10,showMeticsAtAllLevels:!f,showPartialRows:!f,showTotal:!f,sort:(columnIndex:!n,direction:!n),totalFunc:sum),title:'New%20Visualization',type:table))"
+						vis-filter='oscap.check.result: fail AND rule.groups: oscap AND agent.name: {{_agent.name}}'>
+					</kbn-vis>
+				</md-card-content>
+			</md-card>
+		</md-content>
+	</div>
+</md-content>
diff --git a/public/templates/agents-pm.html b/public/templates/agents-pm.html
index aae714e50..40d3e1852 100644
--- a/public/templates/agents-pm.html
+++ b/public/templates/agents-pm.html
@@ -1,5 +1,5 @@
 <md-content ng-if="submenuNavItem == 'policy_monitoring' && tabView == 'panels'" ng-if="_agent">
-<kbn-searchbar></kbn-searchbar>
+	<kbn-searchbar></kbn-searchbar>
     <div flex ng-controller="pmController" layout="column">
         <md-progress-linear class="md-accent" md-mode="indeterminate" ng-show="load"></md-progress-linear>
             <md-content layout="row">
diff --git a/public/templates/agents.head b/public/templates/agents.head
index 5caf6419c..9a2abbc13 100644
--- a/public/templates/agents.head
+++ b/public/templates/agents.head
@@ -71,6 +71,7 @@
 						<md-nav-item md-nav-click="submenuNavItem = 'overview'" name="overview">Overview</md-nav-item>
 						<md-nav-item md-nav-click="submenuNavItem = 'fim'" name="fim">File Integrity</md-nav-item>
 						<md-nav-item md-nav-click="submenuNavItem = 'policy_monitoring'" name="policy_monitoring">Policy Monitoring</md-nav-item>
+						<md-nav-item md-nav-click="submenuNavItem = 'oscap'" name="oscap" ng-show="dynamicTab_fields['oscap']">SCAP</md-nav-item>
 					</md-nav-bar>
 				</md-content>
 				
diff --git a/public/templates/agents.jade b/public/templates/agents.jade
index 515d24eca..d8ed9d5d1 100644
--- a/public/templates/agents.jade
+++ b/public/templates/agents.jade
@@ -3,6 +3,7 @@ include ./agents-preview.html
 include ./agents-overview.html
 include ./agents-fim.html
 include ./agents-pm.html
+include ./agents-oscap.html
 include ./tabview-discover.html
 include ./tabview-dashboard.html
 include ./agents.foot
\ No newline at end of file
diff --git a/public/templates/overview.head b/public/templates/overview.head
index 30b86ba1a..07fc37a3f 100644
--- a/public/templates/overview.head
+++ b/public/templates/overview.head
@@ -25,7 +25,7 @@
 				<md-nav-item md-nav-click="submenuNavItem = 'general'" name="general">General</md-nav-item>
 				<md-nav-item md-nav-click="submenuNavItem = 'fim'" name="fim">File integrity</md-nav-item>
 				<md-nav-item md-nav-click="submenuNavItem = 'pm'" name="pm">Policy monitoring</md-nav-item>
-				<md-nav-item md-nav-click="submenuNavItem = 'oscap'" name="oscap">SCAP</md-nav-item>
+				<md-nav-item md-nav-click="submenuNavItem = 'oscap'" name="oscap" ng-show="dynamicTab_fields['oscap']">SCAP</md-nav-item>
 			</md-nav-bar> 
 		</md-content>	
 		
diff --git a/public/templates/tabview-discover.html b/public/templates/tabview-discover.html
index adcd56f31..9a3536f3b 100644
--- a/public/templates/tabview-discover.html
+++ b/public/templates/tabview-discover.html
@@ -62,7 +62,7 @@
 <!-- SCAP -->
 <md-content style="background-color: white" flex layout="column" layout-align="start space-around" ng-if="menuNavItem == 'agents' && submenuNavItem == 'oscap' && tabView == 'discover'">
 	<kbn-disfull  table-height="1000px;" dis-a="(columns:!(agent.name,oscap.check.title,oscap.check.result,oscap.check.severity,oscap.scan.id,oscap.scan.content,oscap.scan.profile.title),filters:!(),index:'wazuh-alerts-*',interval:auto,query:(query_string:(analyze_wildcard:!t,query:'*')),sort:!('@timestamp',desc))"
-	dis-filter='rule.groups:"oscap" AND rule.groups:"oscap-result" AND {{'agent.name:'+_agent.name}}'
+	dis-filter="rule.groups:oscap AND rule.groups:oscap-result AND agent.name: {{_agent.name}}"
 	infinite-scroll="true">
 	</kbn-disfull>
 </md-content>
\ No newline at end of file
diff --git a/server/routes/wazuh-elastic.js b/server/routes/wazuh-elastic.js
index 5edfa8cd5..e2c3253a6 100644
--- a/server/routes/wazuh-elastic.js
+++ b/server/routes/wazuh-elastic.js
@@ -44,12 +44,16 @@ module.exports = function (server, options) {
 
 		var payload = JSON.parse(JSON.stringify(payloads.getFieldTop));
 		
-        if (filtering) {
-            payload.query.bool.must[0].query_string.query = req.params.fieldFilter + ":" + req.params.fieldValue + " AND host: " + req.params.manager;
+        if (req.params.fieldFilter && req.params.fieldFilter2) {
+			payload.query.bool.must[0].query_string.query = req.params.fieldFilter + ":" + req.params.fieldValue + " AND " + req.params.fieldFilter2 + ":" + req.params.fieldValue2 + " AND host: " + req.params.manager;
+		}else if(req.params.fieldFilter){
+			payload.query.bool.must[0].query_string.query = req.params.fieldFilter + ":" + req.params.fieldValue + " AND host: " + req.params.manager;
         }else{
             payload.query.bool.must[0].query_string.query = "host: " + req.params.manager;
 		}
-
+		
+		console.log(payload.query.bool.must[0].query_string.query);
+		console.log(req.params);
         payload.query.bool.must[1].range['@timestamp'].gte = timeAgo;
         payload.aggs['2'].terms.field = req.params.field;
 		
@@ -217,7 +221,18 @@ module.exports = function (server, options) {
         path: '/api/wazuh-elastic/top/{manager}/{field}/{fieldFilter}/{fieldValue}/{time?}',
         handler: getFieldTop
     });
-
+	
+	/*
+    * GET /api/wazuh-elastic/top/{manager}/{field}/{fieldFilter}/{fieldValue}/{fieldFilter}/{fieldValue}/{time?}
+    * Returns the agent with most alerts
+    *
+    **/
+    server.route({
+        method: 'GET',
+        path: '/api/wazuh-elastic/top/{manager}/{field}/{fieldFilter}/{fieldValue}/{fieldFilter2}/{fieldValue2}/{time?}',
+        handler: getFieldTop
+    });
+	
     /*
     * GET /api/wazuh-elastic/last/{manager}/{field}
     * Return last field value