diff --git a/pandora_console/godmode/reporting/reporting_builder.item_editor.php b/pandora_console/godmode/reporting/reporting_builder.item_editor.php index 4eb6390fb2..74d9f07527 100755 --- a/pandora_console/godmode/reporting/reporting_builder.item_editor.php +++ b/pandora_console/godmode/reporting/reporting_builder.item_editor.php @@ -1058,7 +1058,11 @@ switch ($action) { $resolution = $item['top_n']; // Interval resolution. $max_values = $item['top_n_value']; - // Max values. + $es = json_decode($item['external_source'], true); + $top_n_type = $es['top_n_type']; + $display_graph = $es['display_graph']; + $display_summary = $es['display_summary']; + $display_data_table = $es['display_data_table']; break; case 'permissions_report': @@ -1703,6 +1707,75 @@ if (is_metaconsole() === true) { + + + + __('Show aggregate by destination port'), + 1 => __('Show InBound/Outbound traffic per SrcIP/DestIP'), + ]; + html_print_select( + $types, + 'top_n_type', + $top_n_type, + '' + ); + ?> + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + data = []; $table->head = []; - $table->head[0] = ''.__('Source IP').''; - $table->head[1] = ''.__('Destination IP').''; - $table->head[2] = ''.__('Bytes').''; - $table->head[3] = ''.__('% Traffic').''; - $table->head[4] = ''.__('Avg. Throughput').''; - $table->style[0] = 'padding: 4px'; + if ($show_extended === false) { + $table->head[0] = ''.__('Source IP').''; + $table->head[1] = ''.__('Destination IP').''; + $table->head[2] = ''.__('Bytes').''; + $table->head[3] = ''.__('Packets').''; + $table->head[4] = ''.__('% Traffic').''; + $table->head[5] = ''.__('Avg. Throughput').''; + $table->style[0] = 'padding: 4px'; + } else { + $table->head[0] = ''.__('Source IP').''; + $table->head[1] = ''.__('Destination IP').''; + $table->head[2] = ''.__('Ingress bytes').''; + $table->head[3] = ''.__('Egress bytes').''; + $table->head[4] = ''.__('Ingress packets').''; + $table->head[5] = ''.__('Egress packets').''; + $table->head[6] = ''.__('% Traffic').''; + $table->head[7] = ''.__('Avg. Throughput').''; + $table->style[0] = 'padding: 4px'; + } $i = 0; foreach ($data as $value) { $table->data[$i][0] = $value['ip_src']; $table->data[$i][1] = $value['ip_dst']; - $table->data[$i][2] = network_format_bytes($value['bytes']); - $traffic = '-'; - - if ($total_bytes > 0) { - $traffic = sprintf( - '%.2f', - (($value['bytes'] / $total_bytes) * 100) - ); + if ($show_extended === true) { + $table->data[$i][2] = network_format_bytes($value['ibytes']); + $table->data[$i][3] = network_format_bytes($value['obytes']); + $table->data[$i][4] = (empty($value['ipackages']) === true) ? 0 : $value['ipackages']; + $table->data[$i][5] = (empty($value['opackages']) === true) ? 0 : $value['opackages']; + $table->data[$i][6] = $value['traffic'].' %'; + } else { + $table->data[$i][2] = network_format_bytes($value['bytes']); + $table->data[$i][3] = (empty($value['ipackages']) === true) ? 0 : $value['ipackages']; + $table->data[$i][4] = $value['traffic'].' %'; } - $table->data[$i][3] = $traffic.' %'; - $units = [ 'bps', 'Kbps', @@ -382,7 +396,11 @@ function netflow_top_n_table(array $data, int $total_bytes) $value['bps'] /= pow(1024, $pow); - $table->data[$i][4] = round($value['bps'], 2).' '.$units[$pow]; + if ($show_extended === true) { + $table->data[$i][7] = round($value['bps'], 2).' '.$units[$pow]; + } else { + $table->data[$i][5] = round($value['bps'], 2).' '.$units[$pow]; + } $i++; } @@ -481,7 +499,9 @@ function netflow_get_top_N( string $end_date, array $filter, int $max, - string $connection_name='' + string $connection_name='', + bool $extended_info=false, + int $total_bytes=0 ) { global $nfdump_date_format; @@ -496,7 +516,8 @@ function netflow_get_top_N( return json_decode($data, true); } - $options = '-o "fmt:%sap,%dap,%ibyt,%bps" -q -n '.$max.' -s record/bytes -t '.date($nfdump_date_format, $start_date).'-'.date($nfdump_date_format, $end_date); + $opts = ($extended_info === true) ? 'fmt:%sap,%dap,%ibyt,%obyt,%ipkt,%opkt,%bps' : 'fmt:%sap,%dap,%ibyt,%ipkt,%bps'; + $options = '-o "'.$opts.'" -q -n '.$max.' -s record/bytes -t '.date($nfdump_date_format, $start_date).'-'.date($nfdump_date_format, $end_date); $command = netflow_get_command($options, $filter, $start_date, $end_date); @@ -516,8 +537,29 @@ function netflow_get_top_N( $values[$i]['ip_src'] = $parsed_line[0]; $values[$i]['ip_dst'] = $parsed_line[1]; - $values[$i]['bytes'] = $parsed_line[2]; - $values[$i]['bps'] = $parsed_line[3]; + + $traffic = '-'; + if ($total_bytes > 0) { + $conn_bytes = $parsed_line[2]; + + $traffic = sprintf( + '%.2f', + (($conn_bytes / $total_bytes) * 100) + ); + } + + $values[$i]['traffic'] = $traffic; + + if ($extended_info === true) { + $values[$i]['ibytes'] = $parsed_line[2]; + $values[$i]['obytes'] = $parsed_line[3]; + $values[$i]['ipackets'] = $parsed_line[4]; + $values[$i]['opackets'] = $parsed_line[5]; + $values[$i]['bps'] = $parsed_line[6]; + } else { + $values[$i]['bytes'] = $parsed_line[2]; + $values[$i]['bps'] = $parsed_line[3]; + } $i++; } @@ -1341,7 +1383,11 @@ function netflow_draw_item( $output='HTML', $address_resolution=false, $width_content=false, - $height_content=false + $height_content=false, + $extended=false, + $show_graph=true, + $show_summary=true, + $show_table=true ) { $aggregate = $filter['aggregate']; $interval = ($end_date - $start_date); @@ -1496,7 +1542,9 @@ function netflow_draw_item( $end_date, $filter, $max_aggregates, - $connection_name + $connection_name, + $extended, + $data_summary['totalbytes'] ); if (empty($data_top_n) === true) { @@ -1505,16 +1553,76 @@ function netflow_draw_item( if ($output === 'HTML' || $output === 'PDF') { $html = ''; - $html .= ''; - $html .= "'; - $html .= ''; - $html .= ''; - $html .= "'; - $html .= ''; + if ($show_graph === true) { + $labels = array_map( + function ($conn) { + return __('% Traffic').' '.$conn['ip_src'].' - '.$conn['ip_dst']; + }, + $data_top_n + ); + + $pie_data = array_map( + function ($conn) { + return $conn['traffic']; + }, + $data_top_n + ); + + $graph_output = pie_graph( + $pie_data, + [ + 'width' => 200, + 'height' => 200, + 'ttl' => ($output === 'PDF') ? 2 : 1, + 'dataLabel' => ['display' => 'auto'], + 'layout' => [ + 'padding' => [ + 'top' => 15, + 'bottom' => 15, + ], + ], + 'legend' => [ + 'display' => true, + 'position' => 'right', + 'align' => 'center', + ], + 'labels' => $labels, + ] + ); + + $html .= ''; + $html .= "'; + $html .= ''; + } + + if ($show_summary === true) { + $html .= ''; + $html .= "'; + $html .= ''; + } + + if ($show_table === true) { + $html .= ''; + $html .= "'; + $html .= ''; + } + $html .= '
"; - $html .= netflow_summary_table($data_summary); - $html .= '
"; - $html .= netflow_top_n_table($data_top_n, $data_summary['totalbytes']); - $html .= '
"; + + if ($output === 'PDF') { + $html .= ''; + } else { + $html .= $graph_output; + } + + $html .= '
"; + $html .= netflow_summary_table($data_summary); + $html .= '
"; + $html .= netflow_top_n_table( + $data_top_n, + $data_summary['totalbytes'], + $extended + ); + $html .= '
'; return $html; @@ -1638,7 +1746,8 @@ function netflow_get_item_data( string $type_netflow, array $filter, int $max_aggregates, - string $connection_name + string $connection_name, + bool $extended=false ) { $data = []; @@ -1656,7 +1765,9 @@ function netflow_get_item_data( $end_date, $filter, $max_aggregates, - $connection_name + $connection_name, + $extended, + $data_summary['totalbytes'] ); $data = [ diff --git a/pandora_console/include/functions_reporting.php b/pandora_console/include/functions_reporting.php index d73950e989..7534cb5e23 100755 --- a/pandora_console/include/functions_reporting.php +++ b/pandora_console/include/functions_reporting.php @@ -6981,6 +6981,20 @@ function reporting_netflow( $filter['aggregate'] = 'dstport'; } + $es = json_decode($content['external_source'], true); + + $extended = false; + $show_graph = false; + $show_summary = false; + $show_table = false; + + if (empty($es) === false) { + $extended = ((int) $es['top_n_type'] === 1); + $show_graph = ((int) $es['display_graph'] === 1); + $show_summary = ((int) $es['display_summary'] === 1); + $show_table = ((int) $es['display_data_table'] === 1); + } + switch ($type) { case 'dinamic': case 'static': @@ -6992,7 +7006,14 @@ function reporting_netflow( $filter, $content['top_n_value'], $content['server_name'], - (($pdf === true) ? 'PDF' : 'HTML') + (($pdf === true) ? 'PDF' : 'HTML'), + false, + false, + false, + $extended, + $show_graph, + $show_summary, + $show_table ); break; @@ -7015,11 +7036,15 @@ function reporting_netflow( break; } - $return['subtitle'] = netflow_generate_subtitle_report( - $filter['aggregate'], - $content['top_n'], - $type_netflow - ); + if ($extended === true) { + $return['subtitle'] = __('InBound/Outbound traffic per SrcIP/DestIP'); + } else { + $return['subtitle'] = netflow_generate_subtitle_report( + $filter['aggregate'], + $content['top_n'], + $type_netflow + ); + } return reporting_check_structure_content($return); } diff --git a/pandora_console/include/styles/pandora.css b/pandora_console/include/styles/pandora.css index 8a30f050be..3bb55fbf37 100644 --- a/pandora_console/include/styles/pandora.css +++ b/pandora_console/include/styles/pandora.css @@ -1040,6 +1040,10 @@ select:-internal-list-box { padding-bottom: 5px; } +.padding-bottom-25px { + padding-bottom: 25px; +} + .padding-right-2 { padding-right: 2em; }