#from prewikka import User, utils
#extends prewikka.templates.MessageListing
#block head_extra_content
<script type="text/javascript">
function del_entry(link) {
row = link.parentNode.parentNode
table = row.parentNode
if ( ! row.nextSibling ) {
row.previousSibling.lastChild.appendChild(row.lastChild.firstChild)
table.removeChild(row)
field = document.createElement("td")
field.setAttribute("width", "11px")
row.appendChild(field)
if ( row.firstChild != row.lastChild ) {
link = document.createElement("a")
link.onclick = function(){ del_entry(this) }
link.setAttribute("href", "#")
content = document.createTextNode("-")
link.appendChild(content)
field.appendChild(link)
content = document.createTextNode(" ")
field.appendChild(content)
function get_operator_option(select, operator)
#for $operator, $desc in (("=", "Equal"), ("<", "Lesser than"),
(">", "Greater than"), ("<=", "Lesser or equal"),
(">=", "Greater or equal"), ("<>", "Substring"),
("<>*", "Substring (case-insensitive)"), ("~", "Regular expression"), ("~*", "Regular expression (case-insensitive)"))
option = document.createElement("option")
option.setAttribute("value", '$operator')
option.setAttribute("title", '$desc')
if ( operator == '$operator' ) {
option.setAttribute("selected", "true")
option_value = document.createTextNode('$operator')
option.appendChild(option_value)
select.appendChild(option)
options_array = new Array()
functions_array = new Array()
function del_td(name, num)
old = document.getElementById("td_" + name + num)
td = document.createElement("td")
td.setAttribute("id", "td_" + name + num)
row.insertBefore(td, old)
function filter_add_list(value, object, name, num) {
td = document.getElementById("td_" + name + num)
select = document.createElement("select")
select.setAttribute("name", name + '_value_' + num)
select.setAttribute("class", "popup_input_field")
td.appendChild(select)
for (key in options_array[object]) {
option = document.createElement("option")
if ( options_array[object][key] == value ) {
option.setAttribute("selected", "true")
option_value = document.createTextNode(options_array[object][key])
option.appendChild(option_value)
select.appendChild(option)
function filter_add_input(value, object, name, num) {
td = document.getElementById("td_" + name + num)
input = document.createElement("input")
input.setAttribute("class", "popup_input_field")
input.setAttribute("name", name + '_value_' + num)
## NOTE(review): "int" is not a defined HTML input type, so browsers handle this field as
## type="text". The client therefore enforces no numeric format on the submitted value;
## any such check has to be done by the server-side code that reads the form.
input.setAttribute("type", "int")
input.setAttribute("value", value)
td.appendChild(input)
#for $category, $aggregations in (
("classification", $classification_aggregations),
("analyzer", $analyzer_aggregations),
("source", $source_aggregations),
("target", $target_aggregations)
function aggregated_${category}_add_entry(path) {
table = document.getElementById("${category}_aggregation_table")
if ( table.lastChild && table.lastChild.nodeName == "TR" ) {
table.lastChild.lastChild.removeChild(table.lastChild.lastChild.lastChild)
row = document.createElement("tr")
table.appendChild(row)
field = document.createElement("th")
row.appendChild(field)
content = document.createTextNode("$_('Group entry by:')")
field.appendChild(content)
field = document.createElement("td")
row.appendChild(field)
field = document.createElement("td")
row.appendChild(field)
field = document.createElement("td")
row.appendChild(field)
select = document.createElement("select")
field.appendChild(select)
select.setAttribute("class", "popup_input_field")
select.setAttribute("name", "aggregated_${category}")
#for $aggregation_name, $aggregated_path, $unused in $aggregations
option = document.createElement("option")
#if $aggregated_path == None
option.setAttribute("disabled", "disabled")
option.setAttribute("value", '$aggregated_path')
if ( path == '$aggregated_path' ) {
option.setAttribute("selected", "true")
option_value = document.createTextNode('$aggregation_name')
option.appendChild(option_value)
select.appendChild(option)
field = document.createElement("td")
field.setAttribute("width", "11px")
row.appendChild(field)
link = document.createElement("a")
link.onclick = function(){ aggregated_${category}_add_entry('') }
link.setAttribute("href", "#")
content = document.createTextNode("+")
link.appendChild(content)
field.appendChild(link)
#for $name, $objects in (
("classification", $classification_filters),
("analyzer", $analyzer_filters),
("source", $source_filters),
("target", $target_filters),
function ${name}_add_entry(object, operator, value, num) {
table = document.getElementById('${name}_table')
if ( table.lastChild && table.lastChild.nodeName == "TR" ) {
table.lastChild.lastChild.removeChild(table.lastChild.lastChild.lastChild)
row = document.createElement("tr")
table.appendChild(row)
field = document.createElement("th")
content = document.createTextNode("$_('Filter on:')")
field.appendChild(content)
row.appendChild(field)
field = document.createElement("td")
row.appendChild(field)
select = document.createElement("select")
field.appendChild(select)
select.setAttribute("class", "popup_select_field")
select.setAttribute("name", "${name}_object_" + num)
select.onchange = function() { del_td('${name}', num); functions_array[this.options[this.selectedIndex].value](value, this.options[this.selectedIndex].value, '${name}', num) }
var add_default_object
#for $object_name, $object, $obval in $objects
option = document.createElement("option")
func = filter_add_input
func = filter_add_list
options_array["$object"] = new Array()
## NOTE(review): $object and ${opt} are written straight into JavaScript string literals,
## with no escaping visible on this line. That is safe only while both values come from a
## fixed server-side list -- TODO confirm; otherwise encode them for a JavaScript string.
options_array["$object"][$cnt] = '${opt}'
option.setAttribute("disabled", "disabled")
option.setAttribute("value", '')
option.setAttribute("value", '$object')
if ( object == '$object' || ! object ) {
option.setAttribute("selected", "true")
add_default_object = '$object'
option_value = document.createTextNode('$object_name')
option.appendChild(option_value)
select.appendChild(option)
functions_array["$object"] = func
field = document.createElement("td")
row.appendChild(field)
select = document.createElement("select")
field.appendChild(select)
select.setAttribute("class", "popup_operator_select")
select.setAttribute("name", "${name}_operator_" + num)
get_operator_option(select, operator)
field = document.createElement("td")
field.setAttribute("id", "td_$name" + num)
row.appendChild(field)
add_default(value, add_default_object, '${name}', num);
field = document.createElement("td")
field.setAttribute("width", "11px")
row.appendChild(field)
link = document.createElement("a")
link.onclick = function(){ ${name}_add_entry('', '', '', (num + 1)) };
link.setAttribute("href", "#")
content = document.createTextNode("+")
link.appendChild(content)
field.appendChild(link)
#block message_fields_header
#set global $address_cnt = 0
<td class="filter_popup">
<a onclick="javascript:toggleFilteredColumnVisibility('classification');" href="#">$_("Classification")</a>
<div id="classification">
<tr><td><table class="inline_filter_content"><tbody id="classification_table"></tbody></table></td></tr>
<tr><td><table class="inline_filter_content"><tbody id="classification_aggregation_table"></tbody></table></td></tr>
<table class="inline_filter_content">
#if $correlation_alert_view
#set $disabled="disabled=\"disabled\""
#for name, path in (("Alert", "alert.create_time"), ("CorrelationAlert", "alert.correlation_alert.name"),
("OverflowAlert", "alert.overflow_alert.program"), ("ToolAlert", "alert.tool_alert.name"))
#if path in $alert.type
#set $checked = "checked='checked'"
<td>$name<input class="checkbox" $disabled type="checkbox" name="alert.type" value="$path" $checked /></td>
#for item in "info", "low", "medium", "high", "none"
#if item in $alert.assessment.impact.severity
#set $checked = "checked='checked'"
<td>$item<input class="checkbox" type="checkbox" name="alert.assessment.impact.severity" value="$item" $checked /></td>
<td colspan="2"> </td>
#for item in "succeeded", "failed", "none"
#if item in $alert.assessment.impact.completion
#set $checked = "checked='checked'"
<td>$item<input class="checkbox" type="checkbox" name="alert.assessment.impact.completion" value="$item" $checked /></td>
<script type="text/javascript">
#for $object, $operator, $value in $classification
## Re-creates one saved classification filter row by calling the generated
## classification_add_entry() helper with the stored object, operator and value.
## NOTE(review): all three values are written into JavaScript string literals inside a
## <script> element. $object and $operator pass through no escaper on this line, and
## escape_attribute is, going by its name, an HTML-attribute escaper -- TODO confirm it
## also neutralises backslashes, line breaks and "</script>", or encode the values for a
## JavaScript string instead. The values presumably echo the submitted filter form, so
## treat them as untrusted. The same call shape is used for source, target and analyzer.
classification_add_entry("$object", "$operator", "$utils.escape_attribute($value)", $cnt)
#if len($aggregated_classification) == 0
aggregated_classification_add_entry("")
#for $path in $aggregated_classification
## NOTE(review): $path sits inside a single-quoted JavaScript string with no escaping
## visible on this line, so a quote or backslash in the value would end the literal early.
## Presumably the aggregation path echoes a request parameter -- verify against the view,
## and encode it for a JavaScript string context or check it against the known paths.
aggregated_classification_add_entry('$path')
#if $classification_filtered
<span class="filter_enabled_marker">*</span>
<td class="filter_popup">
<a onclick="javascript:toggleFilteredColumnVisibility('source');" href="#">$_("Source")</a>
<tr><td><table class="inline_filter_content"><tbody id="source_table"></tbody></table></td></tr>
<tr><td><table class="inline_filter_content"><tbody id="source_aggregation_table"></tbody></table></td></tr>
<script type="text/javascript">
#for $object, $operator, $value in $source
source_add_entry("$object", "$operator", "$utils.escape_attribute($value)", $cnt)
#if len($aggregated_source) == 0
aggregated_source_add_entry("")
#for $path in $aggregated_source
aggregated_source_add_entry('$path')
<span class="filter_enabled_marker">*</span>
<td class="filter_popup">
<a onclick="javascript:toggleFilteredColumnVisibility('target');" href="#">$_("Target")</a>
<tr><td><table class="inline_filter_content"><tbody id="target_table"></tbody></table></td></tr>
<tr><td><table class="inline_filter_content"><tbody id="target_aggregation_table"></tbody></table></td></tr>
<script type="text/javascript">
#for $object, $operator, $value in $target
target_add_entry("$object", "$operator", "$utils.escape_attribute($value)", $cnt)
#if len($aggregated_target) == 0
aggregated_target_add_entry("")
#for $path in $aggregated_target
aggregated_target_add_entry('$path')
<span class="filter_enabled_marker">*</span>
<td class="filter_popup">
<a onclick="javascript:toggleFilteredColumnVisibility('analyzer');" href="#">$_("Sensor")</a>
<tr><td><table class="inline_filter_content"><tbody id="analyzer_table"></tbody></table></td></tr>
<tr><td><table class="inline_filter_content"><tbody id="analyzer_aggregation_table"></tbody></table></td></tr>
<script type="text/javascript">
#for $object, $operator, $value in $analyzer
analyzer_add_entry("$object", "$operator", "$utils.escape_attribute($value)", $cnt)
#if len($aggregated_analyzer) == 0
aggregated_analyzer_add_entry("")
#for $path in $aggregated_analyzer
aggregated_analyzer_add_entry('$path')
#if $analyzer_filtered
<span class="filter_enabled_marker">*</span>
<input src="prewikka/images/search.png" type="image" style="border: 0;" />
#end block message_fields_header
#block message_fields
#if $message.sub_alert_name
<b>$message.sub_alert_type#slurp
#if $message.sub_alert_display
#if $message.sub_alert_number > 1:
(<a href="$message.sub_alert_display">$message.sub_alert_number</a> alert$plural)#slurp
:</b> <i><a href="$message.sub_alert_link">$message.sub_alert_name</a></i><br/>#slurp
#if $message.aggregated and $message.aggregated_classifications_hidden > 0
<b>($message.aggregated_classifications_hidden/$message.aggregated_classifications_total alerts not shown...
<a href="$message.aggregated_classifications_hidden_expand">expand</a>)</b>
#for $info in $message.infos
#if $message.aggregated and (len($message.infos) > 1 or $info.count > 1)
#if $info.classification.value
## NOTE(review): the severity value and the classification text are taken from the alert
## and written into a class attribute and into element content. No output filter is visible
## in this listing -- TODO confirm these placeholders are HTML-escaped, because alert fields
## can carry data chosen by whoever caused the alert to be raised.
<a class="impact_severity_$info.severity.value" href="$info.display">$info.classification.value</a>
<a class="impact_severity_$info.severity.value" href="$info.display">n/a</a>
#if $info.completion.value
(<span class="impact_completion_$info.completion.value">$info.completion.value</span>)
#for url, name in $info.classification_references##slurp
## NOTE(review): $url is used as an href with no scheme check visible here. If reference
## URLs originate in alert data, limit them to http/https before rendering -- TODO confirm
## where classification_references is built. When $prewikka.external_link_target opens a
## new window, adding rel="noopener noreferrer" keeps the console out of window.opener.
#if $url#$sep<a target="$prewikka.external_link_target" href="$url">$name</a>#else#$sep$name#end if##slurp
#end for##if $info.classification_references#)#end if
#for $name, $direction, $hidden, $total, $expand in ("source", $message.source, $message.aggregated_source_hidden, $message.aggregated_source_total, $message.aggregated_source_expand), ("target", $message.target, $message.aggregated_target_hidden, $message.aggregated_target_total, $message.aggregated_target_expand)
#if len($direction) == 0
<b>($hidden/$total $name not shown...
<a href="$expand">expand</a>)</b>
#for $direction in $direction
<hr style="border: 1px dashed #808080; margin-top: 3px; margin-bottom: 0px;" />
#set $proto_param = ""
#if $direction.protocol.value != None
#set $proto_str = $direction.protocol.value.lower()
#set $proto_param = "&protocol=" + $direction.protocol.value.upper()
#for $address in $direction.addresses
<a href="#" onclick="javascript:toggleVisibilityUnique('menu_$address_cnt'); return false;">$address.value</a>#slurp
#if $direction.service.value != None
## NOTE(review): the service value and $proto_param are appended to the query string with
## no URL encoding visible on this line, and the "&" that starts $proto_param is written raw
## rather than as "&amp;" inside the attribute. Both values come from the alert's
## service/protocol fields -- TODO confirm they are validated upstream.
:<a target="$prewikka.external_link_target" href="https://www.prelude-ids.com/port_details.php?port=$str($direction.service.value)$proto_param">$str($direction.service.value)#slurp
<span id="menu_$address_cnt" class="popup_menu">
#set global $address_cnt += 1
- <a href="$address.inline_filter">Filter on this $name</a><br />
#if not $address.category or $address.category in ("ipv4-addr", "ipv4-net", "ipv6-addr", "ipv6-net")
## NOTE(review): following this link sends the address from the alert to a third-party
## site (www.prelude-ids.com) in the query string, and may also expose the console URL in
## the Referer header. $address.value is not URL-encoded on this line -- TODO confirm it
## is validated as an address before it reaches the template.
- <a target="$prewikka.external_link_target" href="https://www.prelude-ids.com/host_details.php?host=$address.value">$name.capitalize() information</a><br />
#for $cmdname, $link in $address.host_commands
- <a href="$link">$cmdname</a><br />
#if $len($direction.addresses) == 0 and $service
service: $service[1:]
#for $name, $value, $extra in $direction.listed_values
$name: <a href="$value.inline_filter">$value.value</a>
#for $sensor in $message.sensors
<a href="$sensor.name.inline_filter">$sensor.name.value</a>
#if $sensor.node_name.value
(<a href="$sensor.node_name.inline_filter">$sensor.node_name.value</a>)
#if $message.aggregated
#if $message.time_min.value == $message.time_max.value
$message.time_min.value
$message.time_max.value -
$message.time_min.value
#if $message.analyzer_time.value
(sent at $message.analyzer_time.value)
#end block message_fields
#block timeline_extra_content
<td id="filter_control_label">Filter: </td>
<select name="filter" size="1" class="filter_control_select">
<option value=""> </option>
#for $fltr in $filters
## NOTE(review): $fltr is emitted both as an attribute value and as element content.
## Filter names are presumably user-defined -- confirm they are HTML-escaped before they
## reach this line, so that a stored name cannot alter the markup of the page.
<option value="$fltr" #if $fltr == $current_filter# selected="selected" #end if#>$fltr</option>