tyler.durden
/
pandorafms
mirror of https://github.com/pandorafms/pandorafms.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'ent-12351-16497-Mejoras-Ampliacion-de-los-informes-monitorizacion-Netflow-Top-N-Connection' into 'develop' 

implement several changes in top-n connection report item

See merge request artica/pandorafms!6833
This commit is contained in:
Daniel Rodriguez 2024-01-29 11:14:58 +00:00
parent a4b1ccb4e6 18cb14bec6
commit 3db0090c0e
5 changed files with 279 additions and 45 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

83
pandora_console/godmode/reporting/reporting_builder.item_editor.php
View File

@ -1058,7 +1058,11 @@ switch ($action) {
$resolution = $item['top_n'];
// Interval resolution.
$max_values = $item['top_n_value'];
// Max values.
$es = json_decode($item['external_source'], true);
$top_n_type = $es['top_n_type'];
$display_graph = $es['display_graph'];
$display_summary = $es['display_summary'];
$display_data_table = $es['display_data_table'];
break;
case 'permissions_report':
@ -1703,6 +1707,75 @@ if (is_metaconsole() === true) {
</td>
</tr>
<tr id="row_top_n_type" class="datos">
<td class="bolder"><?php echo __('Type'); ?></td>
<td >
<?php
$types = [
0 => __('Show aggregate by destination port'),
1 => __('Show InBound/Outbound traffic per SrcIP/DestIP'),
];
html_print_select(
$types,
'top_n_type',
$top_n_type,
''
);
?>
</td>
</tr>
<tr id="row_display_graph" class="datos">
<td class="bolder">
<?php
echo __('Display graph');
?>
</td>
<td >
<?php
html_print_checkbox_switch(
'display_graph',
1,
($display_graph ?? true)
);
?>
</td>
</tr>
<tr id="row_display_summary_table" class="datos">
<td class="bolder">
<?php
echo __('Display summary table');
?>
</td>
<td >
<?php
html_print_checkbox_switch(
'display_summary',
1,
($display_summary ?? true)
);
?>
</td>
</tr>
<tr id="row_display_data_table" class="datos">
<td class="bolder">
<?php
echo __('Display data table');
?>
</td>
<td >
<?php
html_print_checkbox_switch(
'display_data_table',
1,
($display_data_table ?? true)
);
?>
</td>
</tr>
<tr id="row_period_service_level" class="datos">
<td class="bolder">
<?php
@ -7420,6 +7493,10 @@ function chooseType() {
$("#row_alert_templates").hide();
$("#row_alert_actions").hide();
$("#row_servers").hide();
$("#row_top_n_type").hide();
$("#row_display_graph").hide();
$("#row_display_summary_table").hide();
$("#row_display_data_table").hide();
$("#row_servers_all_opt").hide();
$("#row_servers_all").hide();
$("#row_multiple_servers").hide();
@ -8374,6 +8451,10 @@ function chooseType() {
$("#row_max_values").show();
$("#row_resolution").show();
$("#row_servers").show();
$("#row_top_n_type").show();
$("#row_display_graph").show();
$("#row_display_summary_table").show();
$("#row_display_data_table").show();
$("#row_historical_db_check").hide();
break;

13
pandora_console/godmode/reporting/reporting_builder.php
View File

@ -1878,6 +1878,13 @@ switch ($action) {
$values['top_n_value'] = get_parameter(
'max_values'
);
$es['top_n_type'] = get_parameter('top_n_type', '');
$es['display_graph'] = get_parameter('display_graph', '');
$es['display_summary'] = get_parameter('display_summary', '');
$es['display_data_table'] = get_parameter('display_data_table', '');
$values['external_source'] = json_encode($es);
$good_format = true;
break;
@ -2962,6 +2969,12 @@ switch ($action) {
$values['top_n_value'] = get_parameter(
'max_values'
);
$es['top_n_type'] = get_parameter('top_n_type', '');
$es['display_graph'] = get_parameter('display_graph', '');
$es['display_summary'] = get_parameter('display_summary', '');
$es['display_data_table'] = get_parameter('display_data_table', '');
$values['external_source'] = json_encode($es);
$good_format = true;
break;

187
pandora_console/include/functions_netflow.php
View File

@ -328,12 +328,13 @@ function netflow_data_table($data, $start_date, $end_date, $aggregate, $pdf=fals
/**
* Show a table with netflow top N data.
*
* @param array $data Netflow data.
* @param integer $total_bytes Total bytes count to calculate percent data.
* @param array $data Netflow data.
* @param integer $total_bytes Total bytes count to calculate percent data.
* @param boolean $show_extended Display extended table.
*
* @return string HTML data table.
*/
function netflow_top_n_table(array $data, int $total_bytes)
function netflow_top_n_table(array $data, int $total_bytes, bool $show_extended=false)
{
global $nfdump_date_format;
@ -344,31 +345,44 @@ function netflow_top_n_table(array $data, int $total_bytes)
$table->data = [];
$table->head = [];
$table->head[0] = '<b>'.__('Source IP').'</b>';
$table->head[1] = '<b>'.__('Destination IP').'</b>';
$table->head[2] = '<b>'.__('Bytes').'</b>';
$table->head[3] = '<b>'.__('% Traffic').'</b>';
$table->head[4] = '<b>'.__('Avg. Throughput').'</b>';
$table->style[0] = 'padding: 4px';
if ($show_extended === false) {
$table->head[0] = '<b>'.__('Source IP').'</b>';
$table->head[1] = '<b>'.__('Destination IP').'</b>';
$table->head[2] = '<b>'.__('Bytes').'</b>';
$table->head[3] = '<b>'.__('Packets').'</b>';
$table->head[4] = '<b>'.__('% Traffic').'</b>';
$table->head[5] = '<b>'.__('Avg. Throughput').'</b>';
$table->style[0] = 'padding: 4px';
} else {
$table->head[0] = '<b>'.__('Source IP').'</b>';
$table->head[1] = '<b>'.__('Destination IP').'</b>';
$table->head[2] = '<b>'.__('Ingress bytes').'</b>';
$table->head[3] = '<b>'.__('Egress bytes').'</b>';
$table->head[4] = '<b>'.__('Ingress packets').'</b>';
$table->head[5] = '<b>'.__('Egress packets').'</b>';
$table->head[6] = '<b>'.__('% Traffic').'</b>';
$table->head[7] = '<b>'.__('Avg. Throughput').'</b>';
$table->style[0] = 'padding: 4px';
}
$i = 0;
foreach ($data as $value) {
$table->data[$i][0] = $value['ip_src'];
$table->data[$i][1] = $value['ip_dst'];
$table->data[$i][2] = network_format_bytes($value['bytes']);
$traffic = '-';
if ($total_bytes > 0) {
$traffic = sprintf(
'%.2f',
(($value['bytes'] / $total_bytes) * 100)
);
if ($show_extended === true) {
$table->data[$i][2] = network_format_bytes($value['ibytes']);
$table->data[$i][3] = network_format_bytes($value['obytes']);
$table->data[$i][4] = (empty($value['ipackages']) === true) ? 0 : $value['ipackages'];
$table->data[$i][5] = (empty($value['opackages']) === true) ? 0 : $value['opackages'];
$table->data[$i][6] = $value['traffic'].' %';
} else {
$table->data[$i][2] = network_format_bytes($value['bytes']);
$table->data[$i][3] = (empty($value['ipackages']) === true) ? 0 : $value['ipackages'];
$table->data[$i][4] = $value['traffic'].' %';
}
$table->data[$i][3] = $traffic.' %';
$units = [
'bps',
'Kbps',
@ -382,7 +396,11 @@ function netflow_top_n_table(array $data, int $total_bytes)
$value['bps'] /= pow(1024, $pow);
$table->data[$i][4] = round($value['bps'], 2).' '.$units[$pow];
if ($show_extended === true) {
$table->data[$i][7] = round($value['bps'], 2).' '.$units[$pow];
} else {
$table->data[$i][5] = round($value['bps'], 2).' '.$units[$pow];
}
$i++;
}
@ -481,7 +499,9 @@ function netflow_get_top_N(
string $end_date,
array $filter,
int $max,
string $connection_name=''
string $connection_name='',
bool $extended_info=false,
int $total_bytes=0
) {
global $nfdump_date_format;
@ -496,7 +516,8 @@ function netflow_get_top_N(
return json_decode($data, true);
}
$options = '-o "fmt:%sap,%dap,%ibyt,%bps" -q -n '.$max.' -s record/bytes -t '.date($nfdump_date_format, $start_date).'-'.date($nfdump_date_format, $end_date);
$opts = ($extended_info === true) ? 'fmt:%sap,%dap,%ibyt,%obyt,%ipkt,%opkt,%bps' : 'fmt:%sap,%dap,%ibyt,%ipkt,%bps';
$options = '-o "'.$opts.'" -q -n '.$max.' -s record/bytes -t '.date($nfdump_date_format, $start_date).'-'.date($nfdump_date_format, $end_date);
$command = netflow_get_command($options, $filter, $start_date, $end_date);
@ -516,8 +537,29 @@ function netflow_get_top_N(
$values[$i]['ip_src'] = $parsed_line[0];
$values[$i]['ip_dst'] = $parsed_line[1];
$values[$i]['bytes'] = $parsed_line[2];
$values[$i]['bps'] = $parsed_line[3];
$traffic = '-';
if ($total_bytes > 0) {
$conn_bytes = $parsed_line[2];
$traffic = sprintf(
'%.2f',
(($conn_bytes / $total_bytes) * 100)
);
}
$values[$i]['traffic'] = $traffic;
if ($extended_info === true) {
$values[$i]['ibytes'] = $parsed_line[2];
$values[$i]['obytes'] = $parsed_line[3];
$values[$i]['ipackets'] = $parsed_line[4];
$values[$i]['opackets'] = $parsed_line[5];
$values[$i]['bps'] = $parsed_line[6];
} else {
$values[$i]['bytes'] = $parsed_line[2];
$values[$i]['bps'] = $parsed_line[3];
}
$i++;
}
@ -1341,7 +1383,11 @@ function netflow_draw_item(
$output='HTML',
$address_resolution=false,
$width_content=false,
$height_content=false
$height_content=false,
$extended=false,
$show_graph=true,
$show_summary=true,
$show_table=true
) {
$aggregate = $filter['aggregate'];
$interval = ($end_date - $start_date);
@ -1496,7 +1542,9 @@ function netflow_draw_item(
$end_date,
$filter,
$max_aggregates,
$connection_name
$connection_name,
$extended,
$data_summary['totalbytes']
);
if (empty($data_top_n) === true) {
@ -1505,16 +1553,76 @@ function netflow_draw_item(
if ($output === 'HTML' || $output === 'PDF') {
$html = '<table class="w100p">';
$html .= '<tr>';
$html .= "<td class='w50p'>";
$html .= netflow_summary_table($data_summary);
$html .= '</td>';
$html .= '</tr>';
$html .= '<tr>';
$html .= "<td class='w100p'>";
$html .= netflow_top_n_table($data_top_n, $data_summary['totalbytes']);
$html .= '</td>';
$html .= '</tr>';
if ($show_graph === true) {
$labels = array_map(
function ($conn) {
return __('% Traffic').' '.$conn['ip_src'].' - '.$conn['ip_dst'];
},
$data_top_n
);
$pie_data = array_map(
function ($conn) {
return $conn['traffic'];
},
$data_top_n
);
$graph_output = pie_graph(
$pie_data,
[
'width' => 200,
'height' => 200,
'ttl' => ($output === 'PDF') ? 2 : 1,
'dataLabel' => ['display' => 'auto'],
'layout' => [
'padding' => [
'top' => 15,
'bottom' => 15,
],
],
'legend' => [
'display' => true,
'position' => 'right',
'align' => 'center',
],
'labels' => $labels,
]
);
$html .= '<tr>';
$html .= "<td class='w500p padding-bottom-25px'>";
if ($output === 'PDF') {
$html .= '<img src="data:image/png;base64,'.$graph_output.'" />';
} else {
$html .= $graph_output;
}
$html .= '</td>';
$html .= '</tr>';
}
if ($show_summary === true) {
$html .= '<tr>';
$html .= "<td class='w50p'>";
$html .= netflow_summary_table($data_summary);
$html .= '</td>';
$html .= '</tr>';
}
if ($show_table === true) {
$html .= '<tr>';
$html .= "<td class='w100p'>";
$html .= netflow_top_n_table(
$data_top_n,
$data_summary['totalbytes'],
$extended
);
$html .= '</td>';
$html .= '</tr>';
}
$html .= '</table>';
return $html;
@ -1638,7 +1746,8 @@ function netflow_get_item_data(
string $type_netflow,
array $filter,
int $max_aggregates,
string $connection_name
string $connection_name,
bool $extended=false
) {
$data = [];
@ -1656,7 +1765,9 @@ function netflow_get_item_data(
$end_date,
$filter,
$max_aggregates,
$connection_name
$connection_name,
$extended,
$data_summary['totalbytes']
);
$data = [

37
pandora_console/include/functions_reporting.php
View File

@ -6981,6 +6981,20 @@ function reporting_netflow(
$filter['aggregate'] = 'dstport';
}
$es = json_decode($content['external_source'], true);
$extended = false;
$show_graph = false;
$show_summary = false;
$show_table = false;
if (empty($es) === false) {
$extended = ((int) $es['top_n_type'] === 1);
$show_graph = ((int) $es['display_graph'] === 1);
$show_summary = ((int) $es['display_summary'] === 1);
$show_table = ((int) $es['display_data_table'] === 1);
}
switch ($type) {
case 'dinamic':
case 'static':
@ -6992,7 +7006,14 @@ function reporting_netflow(
$filter,
$content['top_n_value'],
$content['server_name'],
(($pdf === true) ? 'PDF' : 'HTML')
(($pdf === true) ? 'PDF' : 'HTML'),
false,
false,
false,
$extended,
$show_graph,
$show_summary,
$show_table
);
break;
@ -7015,11 +7036,15 @@ function reporting_netflow(
break;
}
$return['subtitle'] = netflow_generate_subtitle_report(
$filter['aggregate'],
$content['top_n'],
$type_netflow
);
if ($extended === true) {
$return['subtitle'] = __('InBound/Outbound traffic per SrcIP/DestIP');
} else {
$return['subtitle'] = netflow_generate_subtitle_report(
$filter['aggregate'],
$content['top_n'],
$type_netflow
);
}
return reporting_check_structure_content($return);
}

4
pandora_console/include/styles/pandora.css
View File

@ -1040,6 +1040,10 @@ select:-internal-list-box {
padding-bottom: 5px;
}
.padding-bottom-25px {
padding-bottom: 25px;
}
.padding-right-2 {
padding-right: 2em;
}