valitydev/wazuh-kibana-app
14
0
Fork 0
mirror of https://github.com/valitydev/wazuh-kibana-app.git synced 2024-11-06 18:05:20 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Backports

Browse Source
This commit is contained in:
JuanCarlos 2019-07-26 11:33:51 +02:00 committed by Jesús Ángel
parent 3c14676b7c
commit c198cf2afd
9 changed files with 117 additions and 79 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
public/controllers/management/files.js
View File

@ -59,7 +59,7 @@ export class FilesController {
this.$scope.$applyAsync();
});
this.$scope.closeEditingFile = () => {
this.$scope.closeEditingFile = (flag = false) => {
this.$scope.editingFile = false;
this.$scope.editorReadOnly = false;
this.$scope.fetchedXML = null;
@ -70,7 +70,7 @@ export class FilesController {
});
this.$scope.mctrl.currentRule = null;
}
this.$scope.mctrl.setRulesTab(this.$scope.mctrl.globalRulesetTab);
this.$scope.mctrl.setRulesTab(this.$scope.mctrl.globalRulesetTab, flag);
this.$scope.goBack = false;
}
this.search();
@ -110,13 +110,13 @@ export class FilesController {
isOverwrite: !!this.overwriteError
};
(isNewFile && this.$scope.type === 'rules') ||
(!isNewFile && this.$scope.currentFile.type === 'rule')
(!isNewFile && this.$scope.currentFile.type === 'rule')
? (objParam.rule = isNewFile
? this.selectedItem
: this.$scope.currentFile)
? this.selectedItem
: this.$scope.currentFile)
: (objParam.decoder = isNewFile
? this.selectedItem
: this.$scope.currentFile);
? this.selectedItem
: this.$scope.currentFile);
this.$scope.$broadcast('saveXmlFile', objParam);
this.$scope.$applyAsync();
}
@ -143,6 +143,11 @@ export class FilesController {
this.$scope.$applyAsync();
});
this.$scope.$on('closeRulesetFile', () => {
this.$scope.closeEditingFile(true);
this.$scope.$applyAsync();
});
this.$scope.$on('showFileNameInput', () => {
this.newFile = true;
this.selectedItem = { file: 'new file' };
@ -166,13 +171,13 @@ export class FilesController {
this.$scope.fetchedXML =
this.$scope.type === 'rules'
? await this.rulesetHandler.getRuleConfiguration(
this.$scope.currentFile.file,
readonly
)
this.$scope.currentFile.file,
readonly
)
: await this.rulesetHandler.getDecoderConfiguration(
this.$scope.currentFile.file,
readonly
);
this.$scope.currentFile.file,
readonly
);
this.$scope.$applyAsync();
if (!readonly) {
this.$scope.$broadcast('fetchedFile', { data: this.$scope.fetchedXML });

11
public/controllers/management/management.js
View File

@ -273,11 +273,13 @@ export class ManagementController {
* This set the rules tab
* @param {String} tab
*/
setRulesTab(tab) {
setRulesTab(tab, flag) {
this.rulesetTab = tab;
this.globalRulesetTab = this.rulesetTab;
this.managingFiles = false;
this.breadCrumbBack();
if (!flag) {
this.breadCrumbBack();
}
}
switchFilesSubTab(flag, showFile) {
@ -290,9 +292,13 @@ export class ManagementController {
breadCrumbBack(goRoot = false) {
if (this.currentRule) {
this.$scope.$broadcast('closeRuleView');
this.$scope.$broadcast('closeRulesetFile');
this.$scope.$emit('removeCurrentRule');
}
if (this.currentDecoder) {
this.$scope.$broadcast('closeDecoderView');
this.$scope.$broadcast('closeRulesetFile');
this.$scope.$emit('removeCurrentDecoder');
}
if (this.currentList) {
this.$scope.$broadcast('closeListView');
@ -301,6 +307,7 @@ export class ManagementController {
this.switchTab('ruleset', true);
this.setRulesTab('rules');
}
this.$scope.$applyAsync();
}
changeNode(node) {

114
public/kibana-integrations/kibana-discover.js
View File

@ -5,7 +5,7 @@ import { uiModules } from 'ui/modules';
import discoverTemplate from '../templates/kibana-template/kibana-discover-template.html';
uiModules.get('app/wazuh', ['kibana/courier']).directive('kbnDis', [
function() {
function () {
return {
restrict: 'E',
scope: {},
@ -98,7 +98,7 @@ const app = uiModules.get('apps/discover', [
'app/wazuh'
]);
app.directive('discoverAppW', function() {
app.directive('discoverAppW', function () {
return {
restrict: 'E',
controllerAs: 'discoverApp',
@ -127,7 +127,8 @@ function discoverController(
getAppState,
globalState,
loadedVisualizations,
discoverPendingUpdates
discoverPendingUpdates,
errorHandler
) {
const visualizeLoader = Private(VisualizeLoaderProvider);
let visualizeHandler;
@ -164,7 +165,7 @@ function discoverController(
else if (totalSeconds > 604800 && totalSeconds <= 2419200)
wzInterval = 'w';
else wzInterval = 'M';
} catch (error) {} // eslint-disable-line
} catch (error) { } // eslint-disable-line
return wzInterval;
};
@ -215,7 +216,7 @@ function discoverController(
$scope.showInterval = false;
$scope.minimumVisibleRows = 50;
$scope.intervalEnabled = function(interval) {
$scope.intervalEnabled = function (interval) {
return interval.val !== 'custom';
};
@ -407,17 +408,17 @@ function discoverController(
bucketsDescription:
$scope.bucketInterval.scale > 1
? i18n('kbn.discover.bucketIntervalTooltip.tooLargeBucketsText', {
defaultMessage: 'buckets that are too large'
})
defaultMessage: 'buckets that are too large'
})
: i18n('kbn.discover.bucketIntervalTooltip.tooManyBucketsText', {
defaultMessage: 'too many buckets'
}),
defaultMessage: 'too many buckets'
}),
bucketIntervalDescription: $scope.bucketInterval.description
}
});
};
$scope.$watchCollection('state.columns', function() {
$scope.$watchCollection('state.columns', function () {
$state.save();
});
@ -431,15 +432,15 @@ function discoverController(
indexPatternList: $route.current.locals.ip.list
};
const init = _.once(function() {
const init = _.once(function () {
stateMonitor = stateMonitorFactory.create($state, getStateDefaults());
stateMonitor.onChange(status => {
$appStatus.dirty = status.dirty || !savedSearch.id;
});
$scope.$on('$destroy', () => stateMonitor.destroy());
$scope.updateDataSource().then(function() {
$scope.$listen(timefilter, 'fetch', function() {
$scope.updateDataSource().then(function () {
$scope.$listen(timefilter, 'fetch', function () {
////////////////////////////////////////////////
// WAZUH //
////////////////////////////////////////////////
@ -451,7 +452,7 @@ function discoverController(
$scope.fetch();
});
$scope.$watchCollection('state.sort', function(sort) {
$scope.$watchCollection('state.sort', function (sort) {
if (!sort) return;
// get the current sort from {key: val} to ["key", "val"];
@ -463,18 +464,42 @@ function discoverController(
if (!angular.equals(sort, currentSort)) $scope.fetch();
});
const isRemovable = filter =>
typeof filter.meta.removable !== 'undefined' && !filter.meta.removable;
// update data source when filters update
$scope.$listen(queryFilter, 'update', function() {
$scope.$listen(queryFilter, 'update', function () {
if (!$scope.implicitFilters) {
$scope.implicitFilters = queryFilter.getFilters();
}
const filters = queryFilter.getFilters();
/////////////////////////////// WAZUH ///////////////////////////////////
// Store non removable filters
const nonRemovableFilters = $scope.implicitFilters
.map(item => item.meta.key);
// Compose final filters array not including filters that also exist as non removable filter
filters.filter(item => {
const key =
item.meta.key || (Object.keys(item.query.match) || [undefined])[0];
const isIncluded = nonRemovableFilters.includes(key);
const isNonRemovable = isRemovable(item);
if (isIncluded && !isNonRemovable) {
errorHandler.handle(`Filter for ${key} already added`);
item.meta.removable = false;
}
});
return $scope
.updateDataSource()
.then(function() {
.then(function () {
////////////////////////////////////////////////////////////////////////////
/////////////////////////////// WAZUH ///////////////////////////////////
////////////////////////////////////////////////////////////////////////////
discoverPendingUpdates.removeAll();
discoverPendingUpdates.addItem(
$state.query,
queryFilter.getFilters()
filters
);
$rootScope.$broadcast('updateVis');
$rootScope.$broadcast('fetch');
@ -493,7 +518,7 @@ function discoverController(
});
// update data source when hitting forward/back and the query changes
$scope.$listen($state, 'fetch_with_changes', function(diff) {
$scope.$listen($state, 'fetch_with_changes', function (diff) {
if (diff.indexOf('query') >= 0) $scope.fetch();
});
@ -501,7 +526,7 @@ function discoverController(
$scope.$listen(queryFilter, 'fetch', $scope.fetch);
timefilter.enableAutoRefreshSelector();
$scope.$watch('opts.timefield', function(timefield) {
$scope.$watch('opts.timefield', function (timefield) {
if (!!timefield) {
timefilter.enableTimeRangeSelector();
} else {
@ -509,11 +534,11 @@ function discoverController(
}
});
$scope.$watch('state.interval', function() {
$scope.$watch('state.interval', function () {
$scope.fetch();
});
$scope.$watch('vis.aggs', function() {
$scope.$watch('vis.aggs', function () {
// no timefield, no vis, nothing to update
if (!$scope.opts.timefield) return;
@ -555,7 +580,7 @@ function discoverController(
else return status.NO_RESULTS;
}
return function() {
return function () {
const current = {
rows: $scope.rows,
fetchStatus: $scope.fetchStatus
@ -585,7 +610,6 @@ function discoverController(
setupVisualization();
$scope.updateTime();
}
init.complete = true;
$state.replace();
});
@ -604,15 +628,15 @@ function discoverController(
let filters = queryFilter.getFilters();
filters = Array.isArray(filters)
? filters.filter(
item => (((item || {}).$state || {}).store || '') === 'appState'
)
item => (((item || {}).$state || {}).store || '') === 'appState'
)
: [];
if (!filters || !filters.length) return false;
}
return true;
};
$scope.opts.fetch = $scope.fetch = function() {
$scope.opts.fetch = $scope.fetch = function () {
// Wazuh filters are not ready yet
if (!filtersAreReady()) return;
@ -626,14 +650,14 @@ function discoverController(
$scope
.updateDataSource()
.then(setupVisualization)
.then(function() {
.then(function () {
$state.save();
return courier.fetch();
})
.catch(notify.error);
};
$scope.updateQueryAndFetch = function({ query }) {
$scope.updateQueryAndFetch = function ({ query }) {
////////////////////////////////////////////////////////////////////////////
/////////////////////////////// WAZUH ///////////////////////////////////
////////////////////////////////////////////////////////////////////////////
@ -675,7 +699,7 @@ function discoverController(
*
* @type {String}
*/
const sortBy = (function() {
const sortBy = (function () {
if (!Array.isArray(sort)) return 'implicit';
else if (sort[0] === '_score') return 'implicit';
else if (sort[0] === timeField) return 'time';
@ -708,7 +732,7 @@ function discoverController(
}
// triggered when the status updated
segmented.on('status', function(status) {
segmented.on('status', function (status) {
$scope.fetchStatus = status;
if (status.complete === 0) {
// starting new segmented search request
@ -745,7 +769,7 @@ function discoverController(
}
});
segmented.on('first', function() {
segmented.on('first', function () {
flushResponseData();
});
@ -753,17 +777,17 @@ function discoverController(
logResponseInInspector(resp);
if (resp._shards.failed > 0) {
$scope.failures = _.union($scope.failures, resp._shards.failures);
$scope.failures = _.uniq($scope.failures, false, function(failure) {
$scope.failures = _.uniq($scope.failures, false, function (failure) {
return failure.index + failure.shard + failure.reason;
});
}
});
segmented.on('emptySegment', function(resp) {
segmented.on('emptySegment', function (resp) {
logResponseInInspector(resp);
});
segmented.on('mergedSegment', function(merged) {
segmented.on('mergedSegment', function (merged) {
$scope.mergedEsResp = merged;
if ($scope.opts.timefield) {
@ -788,7 +812,7 @@ function discoverController(
// if we haven't counted yet, or need a fresh count because we are sorting, reset the counts
if (!counts || sortFn) counts = $scope.fieldCounts = {};
$scope.rows.forEach(function(hit) {
$scope.rows.forEach(function (hit) {
// skip this work if we have already done it
if (hit.$$_counted) return;
@ -807,7 +831,7 @@ function discoverController(
});
});
segmented.on('complete', function() {
segmented.on('complete', function () {
if ($scope.fetchStatus.hitCount === 0) {
flushResponseData();
}
@ -834,7 +858,7 @@ function discoverController(
}
beginSegmentedFetch();
$scope.updateTime = function() {
$scope.updateTime = function () {
////////////////////////////////////////////////////////////////////////////
/////////////////////////////// WAZUH ///////////////////////////////////
////////////////////////////////////////////////////////////////////////////
@ -853,11 +877,11 @@ function discoverController(
};
};
$scope.resetQuery = function() {
$scope.resetQuery = function () {
kbnUrl.change('/discover/{{id}}', { id: $route.current.params.id });
};
$scope.newQuery = function() {
$scope.newQuery = function () {
kbnUrl.change('/discover');
};
@ -874,7 +898,7 @@ function discoverController(
};
// TODO: On array fields, negating does not negate the combination, rather all terms
$scope.filterQuery = function(field, values, operation) {
$scope.filterQuery = function (field, values, operation) {
// Commented due to https://github.com/elastic/kibana/issues/22426
//$scope.indexPattern.popularizeField(field, 1);
filterActions.addFilter(
@ -903,18 +927,18 @@ function discoverController(
columnActions.moveColumn($scope.state.columns, columnName, newIndex);
};
$scope.scrollToTop = function() {
$scope.scrollToTop = function () {
$window.scrollTo(0, 0);
};
$scope.scrollToBottom = function() {
$scope.scrollToBottom = function () {
// delay scrolling to after the rows have been rendered
$timeout(() => {
$element.find('#discoverBottomMarker').focus();
}, 0);
};
$scope.showAllRows = function() {
$scope.showAllRows = function () {
$scope.minimumVisibleRows = $scope.hits;
};
@ -971,7 +995,7 @@ function discoverController(
.onSearchRequestStart(searchSource, searchRequest);
});
$scope.searchSource.setField('aggs', function() {
$scope.searchSource.setField('aggs', function () {
//////////////////// WAZUH ////////////////////////////////
// Old code: //
// return $scope.vis.getAggConfig().toDsl(); //
@ -1083,7 +1107,7 @@ function discoverController(
queryFilter
.addFilters(wzCurrentFilters)
.then(() => {})
.then(() => { })
.catch(error => console.log(error.message || error)); // eslint-disable-line
}
};

4
public/kibana-integrations/loader/embedded_visualize_handler.ts
View File

@ -107,7 +107,8 @@ export class EmbeddedVisualizeHandler {
private readonly element: HTMLElement,
savedObject: VisSavedObject,
params: EmbeddedVisualizeHandlerParams,
$injector
$injector,
errorHandler
) {
const { searchSource, vis } = savedObject;
@ -131,6 +132,7 @@ export class EmbeddedVisualizeHandler {
uiState,
aggs: vis.getAggConfig(),
forceFetch: false,
errorHandler
};
// Listen to the first RENDER_COMPLETE_EVENT to resolve this promise

6
public/kibana-integrations/loader/visualize_data_loader.ts
View File

@ -202,11 +202,7 @@ export class VisualizeDataLoader {
`the error.`
);
}
toastNotifications.addDanger({
title: 'Error in visualization',
text: error.message,
});
params.errorHandler.handle(error.message, 'Error in visualization')
}
}
}

11
public/kibana-integrations/loader/visualize_loader.ts
View File

@ -32,8 +32,11 @@ import { EmbeddedVisualizeHandler } from './embedded_visualize_handler';
import { VisSavedObject, VisualizeLoaderParams } from './types';
export class VisualizeLoader {
constructor(private readonly savedVisualizations: any, private readonly Private: IPrivate, $injector) {
constructor(private readonly savedVisualizations: any, private readonly Private: IPrivate, $injector, errorHandler) {
// @ts-ignore
this.injector = $injector;
// @ts-ignore
this.errorHandler = errorHandler;
}
/**
@ -141,12 +144,12 @@ export class VisualizeLoader {
Private: this.Private,
};
return new EmbeddedVisualizeHandler(element, savedObj, handlerParams, this.injector);
return new EmbeddedVisualizeHandler(element, savedObj, handlerParams, this.injector, this.errorHandler);
}
}
function VisualizeLoaderProvider(savedVisualizations: any, Private: IPrivate, $injector) {
return new VisualizeLoader(savedVisualizations, Private, $injector);
function VisualizeLoaderProvider(savedVisualizations: any, Private: IPrivate, $injector, errorHandler) {
return new VisualizeLoader(savedVisualizations, Private, $injector, errorHandler);
}
/**

6
public/less/common.less
View File

@ -992,4 +992,8 @@ discover-app-w .container-fluid {
text-align: right;
height: 0;
cursor: pointer;
}
}
.wz-md-card:not(.fullscreen) .sca-vis.table-scrollable .kbnAggTable__paginated{
height: 150px;
}

11
public/templates/overview/overview-fim.html
View File

@ -1,5 +1,4 @@
<md-content flex layout="column" ng-if="octrl.tab === 'fim' && octrl.tabView === 'panels'"
ng-class="{'no-opacity': resultState !== 'ready' || !rendered}">
<md-content flex layout="column" ng-if="octrl.tab === 'fim' && octrl.tabView === 'panels'" ng-class="{'no-opacity': resultState !== 'ready' || !rendered}">
<div layout="row" class="height-400">
<md-card flex class="wz-md-card" ng-class="{'fullscreen': octrl.expandArray[0]}">
@ -11,8 +10,7 @@
</span>
</md-card-actions>
<md-card-content class="wazuh-column">
<kbn-vis id="Wazuh-App-Agents-FIM-Alerts-by-action-over-time"
vis-id="'Wazuh-App-Agents-FIM-Alerts-by-action-over-time'"></kbn-vis>
<kbn-vis id="Wazuh-App-Agents-FIM-Alerts-by-action-over-time" vis-id="'Wazuh-App-Agents-FIM-Alerts-by-action-over-time'"></kbn-vis>
</md-card-content>
</md-card>
</div>
@ -26,8 +24,7 @@
</span>
</md-card-actions>
<md-card-content class="wazuh-column">
<kbn-vis id="Wazuh-App-Overview-FIM-Top-5-agents-pie"
vis-id="'Wazuh-App-Overview-FIM-Top-5-agents-pie'"></kbn-vis>
<kbn-vis id="Wazuh-App-Overview-FIM-Top-5-agents-pie" vis-id="'Wazuh-App-Overview-FIM-Top-5-agents-pie'"></kbn-vis>
</md-card-content>
</md-card>
<md-card flex class="wz-md-card" ng-class="{'fullscreen': octrl.expandArray[2]}">
@ -81,7 +78,7 @@
</span>
</md-card-actions>
<md-card-content class="wazuh-column">
<kbn-vis vis-id="'Wazuh-App-Overview-FIM-top-agents-user'"></kbn-vis>
<kbn-vis class="sca-vis table-scrollable" vis-id="'Wazuh-App-Overview-FIM-top-agents-user'"></kbn-vis>
</md-card-content>
</md-card>
</div>

2
server/integration-files/visualizations/overview/overview-fim.js
View File

@ -95,7 +95,7 @@ export default [
_source: {
title: 'Top users',
visState:
'{"title":"Top users","type":"table","params":{"perPage":10,"showPartialRows":false,"showMetricsAtAllLevels":false,"sort":{"columnIndex":3,"direction":"desc"},"showTotal":false,"totalFunc":"sum"},"aggs":[{"id":"1","enabled":true,"type":"count","schema":"metric","params":{}},{"id":"2","enabled":true,"type":"terms","schema":"bucket","params":{"field":"agent.id","size":5,"order":"desc","orderBy":"1","otherBucket":false,"otherBucketLabel":"Other","missingBucket":false,"missingBucketLabel":"Missing","customLabel":"Agent ID"}},{"id":"3","enabled":true,"type":"terms","schema":"bucket","params":{"field":"agent.name","size":5,"order":"desc","orderBy":"1","otherBucket":false,"otherBucketLabel":"Other","missingBucket":false,"missingBucketLabel":"Missing","customLabel":"Agent name"}},{"id":"4","enabled":true,"type":"terms","schema":"bucket","params":{"field":"syscheck.uname_after","size":1,"order":"desc","orderBy":"1","otherBucket":false,"otherBucketLabel":"Other","missingBucket":false,"missingBucketLabel":"Missing","customLabel":"Top user"}}]}',
'{"title":"Top users","type":"table","params":{"perPage":5,"showPartialRows":false,"showMetricsAtAllLevels":false,"sort":{"columnIndex":3,"direction":"desc"},"showTotal":false,"totalFunc":"sum"},"aggs":[{"id":"1","enabled":true,"type":"count","schema":"metric","params":{}},{"id":"2","enabled":true,"type":"terms","schema":"bucket","params":{"field":"agent.id","size":5,"order":"desc","orderBy":"1","otherBucket":false,"otherBucketLabel":"Other","missingBucket":false,"missingBucketLabel":"Missing","customLabel":"Agent ID"}},{"id":"3","enabled":true,"type":"terms","schema":"bucket","params":{"field":"agent.name","size":5,"order":"desc","orderBy":"1","otherBucket":false,"otherBucketLabel":"Other","missingBucket":false,"missingBucketLabel":"Missing","customLabel":"Agent name"}},{"id":"4","enabled":true,"type":"terms","schema":"bucket","params":{"field":"syscheck.uname_after","size":1,"order":"desc","orderBy":"1","otherBucket":false,"otherBucketLabel":"Other","missingBucket":false,"missingBucketLabel":"Missing","customLabel":"Top user"}}]}',
uiStateJSON:
'{"vis":{"params":{"sort":{"columnIndex":3,"direction":"desc"}}}}',
description: '',