Commit a52ff529 authored by Ad Schellevis's avatar Ad Schellevis

(ids) add alert info dialog

parent 6b2a8af1
......@@ -28,6 +28,7 @@
*/
namespace OPNsense\IDS\Api;
use \Phalcon\Filter;
use \OPNsense\Base\ApiControllerBase;
use \OPNsense\Core\Backend;
use \OPNsense\IDS\IDS;
......@@ -154,6 +155,7 @@ class ServiceController extends ApiControllerBase
}
/**
* query suricata alerts
* @return array
*/
public function queryAlertsAction()
......@@ -184,4 +186,24 @@ class ServiceController extends ApiControllerBase
}
return array();
}
/**
* fetch alert detailed info
* @param $alertId alert id, position in log file
* @return array alert info
*/
public function getAlertInfoAction($alertId)
{
$backend = new Backend();
$filter = new Filter();
$id = $filter->sanitize($alertId, "int");
$response = $backend->configdpRun("ids query alerts", array(1, 0, "filepos/".$id));
$result = json_decode($response, true);
if ($result != null && count($result['rows']) > 0) {
return $result['rows'][0];
} else {
return array();
}
}
}
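Review bot: In getAlertInfoAction, `$filter->sanitize($alertId, "int")` only strips characters and does not validate; as far as I know Phalcon's `int` filter keeps digits plus `+` and `-`, so an empty string or a value such as `-5` can still be appended to `filepos/` and handed to the backend. I would reject anything that is not a plain non-negative integer before calling configd, e.g. `if (!ctype_digit((string)$id)) { return array(); }`. The result check also reads `$result['rows']` without confirming the key exists, so a reply that is valid JSON but has no `rows` raises a notice or an error in `count()`, depending on the PHP version; `if (is_array($result) && !empty($result['rows']))` covers both cases. Whether configdpRun escapes its parameters is not visible in this hunk, so the controller should not rely on it.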
......@@ -37,8 +37,10 @@ class IndexController extends \OPNsense\Base\IndexController
public function indexAction()
{
$this->view->title = "IDS";
// link dialog
// link rule dialog
$this->view->formDialogRule = $this->getForm("dialogRule");
// link alert info dialog
$this->view->formDialogAlert = $this->getForm("dialogAlert");
// link IDS general settings
$this->view->formGeneralSettings = $this->getForm("generalSettings");
// choose template
......
<form>
<field>
<id>timestamp</id>
<label>timestamp</label>
<type>info</type>
</field>
<field>
<id>alert</id>
<label>alert</label>
<type>info</type>
</field>
<field>
<id>alert_sid</id>
<label>alert sid</label>
<type>info</type>
</field>
<field>
<id>src_ip</id>
<label>source ip</label>
<type>info</type>
</field>
<field>
<id>dest_ip</id>
<label>destination ip</label>
<type>info</type>
</field>
<field>
<id>src_port</id>
<label>source port</label>
<type>info</type>
</field>
<field>
<id>dest_port</id>
<label>destination port</label>
<type>info</type>
</field>
</form>
......@@ -68,7 +68,6 @@ POSSIBILITY OF SUCH DAMAGE.
$("#grid-installedrules").UIBootgrid(
{ search:'/api/ids/settings/searchinstalledrules',
get:'/api/ids/settings/getRuleInfo/',
set:'/api/ids/settings/setRuleInfo/',
options:{
multiSelect:false,
selection:false,
......@@ -91,10 +90,15 @@ POSSIBILITY OF SUCH DAMAGE.
$("#grid-alerts").UIBootgrid(
{ search:'/api/ids/service/queryAlerts',
get:'/api/ids/service/getAlert',
get:'/api/ids/service/getAlertInfo/',
options:{
multiSelect:false,
selection:false
selection:false,
formatters:{
info: function (column, row) {
return "<button type=\"button\" class=\"btn btn-xs btn-default command-edit\" data-row-id=\"" + row.filepos + "\"><span class=\"fa fa-info-circle\"></span></button> ";
}
}
}
});
......@@ -168,11 +172,11 @@ POSSIBILITY OF SUCH DAMAGE.
<table id="grid-alerts" class="table table-condensed table-hover table-striped table-responsive" data-editDialog="DialogAlert">
<thead>
<tr>
<th data-column-id="timestamp" data-type="string" data-width="14em">timestamp</th>
<th data-column-id="src_ip" data-type="string" data-width="10em">source</th>
<th data-column-id="dest_ip" data-type="string" data-width="10em">destination</th>
<th data-column-id="alert_sid" data-type="number" data-width="6em">sid</th>
<th data-column-id="alert" data-type="string">Alert</th>
<th data-column-id="timestamp" data-type="string" data-sortable="false">timestamp</th>
<th data-column-id="src_ip" data-type="string" data-sortable="false" data-width="10em">source</th>
<th data-column-id="dest_ip" data-type="string" data-sortable="false" data-width="10em">destination</th>
<th data-column-id="alert" data-type="string" data-sortable="false" >Alert</th>
<th data-column-id="info" data-formatter="info" data-sortable="false" data-width="4em">info</th>
</tr>
</thead>
<tbody>
......@@ -186,3 +190,4 @@ POSSIBILITY OF SUCH DAMAGE.
</div>
{{ partial("layout_partials/base_dialog",['fields':formDialogRule,'id':'DialogRule','label':'Rule details','hasSaveBtn':'false','msgzone_width':1])}}
{{ partial("layout_partials/base_dialog",['fields':formDialogAlert,'id':'DialogAlert','label':'Alert details','hasSaveBtn':'false','msgzone_width':1])}}
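Review bot: The `info` formatter added to the `#grid-alerts` options concatenates `row.filepos` straight into the `data-row-id` attribute, so the markup is only well-formed while the backend always returns a plain number in that field. Coercing it first, e.g. `var pos = parseInt(row.filepos, 10);` and emitting `pos` in the attribute, keeps the button markup safe and matches the integer that getAlertInfo expects. The remaining alert columns (`alert`, `src_ip`, `dest_ip`) are filled from IDS log data and have no formatter here; I cannot see the grid's default cell rendering on this page, so it is worth confirming that those values are HTML-escaped before display.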