def get_allowed_fields(user):
return tuple(
x['name']
for x in SuperSearchFields().get().values()
if x['is_exposed']
and has_permissions(user, x['permissions_needed'])
)
def signature_report(request, default_context=None):
context = default_context
params = get_validated_params(request)
if isinstance(params, http.HttpResponseBadRequest):
# There was an error in the form, let's return it.
return params
signature = request.GET.get('signature')
if not signature:
return http.HttpResponseBadRequest(
'"signature" parameter is mandatory')
context['signature'] = signature
fields = sorted(x['name'] for x in SuperSearchFields().get().values()
if x['is_exposed'] and x['is_returned']
and has_permissions(request.user, x['permissions_needed'])
and x['name'] != 'signature' # exclude the signature field
)
context['fields'] = [{
'id': field,
'text': field.replace('_', ' ')
} for field in fields]
context['columns'] = request.GET.getlist('_columns') or DEFAULT_COLUMNS
context['report_list_query_string'] = urllib.urlencode(
utils.sanitize_dict(get_report_list_parameters(params)), True)
return render(request, 'signature/signature_report.html', context)
def get_allowed_fields(user):
return tuple(
x['name']
for x in SuperSearchFields().get().values()
if x['is_exposed']
and has_permissions(user, x['permissions_needed'])
)
def signature_report(request, default_context=None):
context = default_context
signature = request.GET.get('signature')
if not signature:
return http.HttpResponseBadRequest(
'"signature" parameter is mandatory'
)
context['signature'] = signature
fields = sorted(
x['name']
for x in SuperSearchFields().get().values()
if x['is_exposed']
and x['is_returned']
and has_permissions(request.user, x['permissions_needed'])
and x['name'] != 'signature' # exclude the signature field
)
context['fields'] = [
{'id': field, 'text': field.replace('_', ' ')} for field in fields
]
context['columns'] = request.GET.getlist('_columns') or DEFAULT_COLUMNS
return render(request, 'signature/signature_report.html', context)
def signature_summary(request, params):
'''Return a list of specific aggregations. '''
context = {}
params['signature'] = '=' + params['signature'][0]
params['_aggs.signature'] = [
'hang_type',
'process_type',
'startup_crash',
'_histogram.uptime',
]
params['_results_number'] = 0
params['_facets'] = [
'platform_pretty_version',
'cpu_name',
'process_type',
'flash_version',
]
params['_histogram.uptime'] = ['product']
params['_histogram_interval.uptime'] = 60
params['_aggs.adapter_vendor_id'] = ['adapter_device_id']
params['_aggs.android_cpu_abi.android_manufacturer.android_model'] = [
'android_version'
]
params['_aggs.product.version'] = ['_cardinality.install_time']
# If the user has permissions, show exploitability.
all_fields = SuperSearchFields().get()
if has_permissions(request.user,
all_fields['exploitability']['permissions_needed']):
params['_histogram.date'] = ['exploitability']
api = SuperSearchUnredacted()
# Now make the actual request with all expected parameters.
try:
search_results = api.get(**params)
except BadArgumentError as e:
# We need to return the error message in some HTML form for jQuery to
# pick it up.
return http.HttpResponseBadRequest(render_exception(e))
facets = search_results['facets']
_transform_uptime_summary(facets)
_transform_graphics_summary(facets)
_transform_mobile_summary(facets)
_transform_exploitability_summary(facets)
context['query'] = search_results
context['product_version_total'] = search_results['total']
if 'signature' in facets and len(facets['signature']) > 0:
context['signature_stats'] = SignatureStats(
search_results['facets']['signature'][0], search_results['total'])
return render(request, 'signature/signature_summary.html', context)
def signature_summary(request, params):
"""Return a list of specific aggregations"""
context = {}
params['signature'] = '=' + params['signature'][0]
params['_aggs.signature'] = [
'hang_type',
'process_type',
'startup_crash',
'_histogram.uptime',
]
params['_results_number'] = 0
params['_facets'] = [
'platform_pretty_version',
'cpu_arch',
'process_type',
'flash_version',
]
params['_histogram.uptime'] = ['product']
params['_histogram_interval.uptime'] = 60
params['_aggs.adapter_vendor_id'] = ['adapter_device_id']
params['_aggs.android_cpu_abi.android_manufacturer.android_model'] = [
'android_version'
]
params['_aggs.product.version'] = ['_cardinality.install_time']
# If the user has permissions, show exploitability.
all_fields = SuperSearchFields().get()
if has_permissions(
request.user, all_fields['exploitability']['permissions_needed']
):
params['_histogram.date'] = ['exploitability']
api = SuperSearchUnredacted()
# Now make the actual request with all expected parameters.
try:
search_results = api.get(**params)
except BadArgumentError as e:
# We need to return the error message in some HTML form for jQuery to
# pick it up.
return http.HttpResponseBadRequest(render_exception(e))
facets = search_results['facets']
_transform_uptime_summary(facets)
_transform_graphics_summary(facets)
_transform_mobile_summary(facets)
_transform_exploitability_summary(facets)
context['query'] = search_results
context['product_version_total'] = search_results['total']
if 'signature' in facets and len(facets['signature']) > 0:
context['signature_stats'] = SignatureStats(search_results['facets']['signature'][0],
search_results['total'])
return render(request, 'signature/signature_summary.html', context)
def signature_report(request, params, default_context=None):
context = default_context
signature = request.GET.get('signature')
if not signature:
return http.HttpResponseBadRequest(
'"signature" parameter is mandatory'
)
context['signature'] = signature
fields = sorted(
x['name']
for x in SuperSearchFields().get().values()
if x['is_exposed'] and
x['is_returned'] and
has_permissions(request.user, x['permissions_needed']) and
x['name'] != 'signature' # exclude the signature field
)
context['fields'] = [
{'id': field, 'text': field.replace('_', ' ')} for field in fields
]
columns = request.GET.getlist('_columns')
columns = [x for x in columns if x in fields]
context['columns'] = columns or DEFAULT_COLUMNS
sort = request.GET.getlist('_sort')
sort = [x for x in sort if x in fields]
context['sort'] = sort or DEFAULT_SORT
context['channels'] = ','.join(settings.CHANNELS).split(',')
context['channel'] = settings.CHANNEL
# Compute dates to show them to the user.
start_date, end_date = get_date_boundaries(params)
context['query'] = {
'start_date': start_date,
'end_date': end_date,
}
return render(request, 'signature/signature_report.html', context)
def signature_report(request, params, default_context=None):
context = default_context
signature = request.GET.get('signature')
if not signature:
return http.HttpResponseBadRequest(
'"signature" parameter is mandatory'
)
context['signature'] = signature
fields = sorted(
x['name']
for x in SuperSearchFields().get().values()
if x['is_exposed'] and
x['is_returned'] and
has_permissions(request.user, x['permissions_needed']) and
x['name'] != 'signature' # exclude the signature field
)
context['fields'] = [
{'id': field, 'text': field.replace('_', ' ')} for field in fields
]
columns = request.GET.getlist('_columns')
columns = [x for x in columns if x in fields]
context['columns'] = columns or DEFAULT_COLUMNS
sort = request.GET.getlist('_sort')
sort = [x for x in sort if x in fields]
context['sort'] = sort or DEFAULT_SORT
context['channels'] = ','.join(settings.CHANNELS).split(',')
context['channel'] = settings.CHANNEL
context['report_list_query_string'] = urllib.urlencode(
utils.sanitize_dict(
get_report_list_parameters(params)
),
True
)
return render(request, 'signature/signature_report.html', context)
def signature_report(request, default_context=None):
context = default_context
signature = request.GET.get('signature')
if not signature:
return http.HttpResponseBadRequest(
'"signature" parameter is mandatory')
context['signature'] = signature
fields = sorted(x['name'] for x in SuperSearchFields().get().values()
if x['is_exposed'] and x['is_returned']
and has_permissions(request.user, x['permissions_needed'])
and x['name'] != 'signature' # exclude the signature field
)
context['fields'] = [{
'id': field,
'text': field.replace('_', ' ')
} for field in fields]
return render(request, 'signature/signature_report.html', context)
def signature_report(request, default_context=None):
context = default_context
params = get_validated_params(request)
if isinstance(params, http.HttpResponseBadRequest):
# There was an error in the form, let's return it.
return params
signature = request.GET.get('signature')
if not signature:
return http.HttpResponseBadRequest(
'"signature" parameter is mandatory'
)
context['signature'] = signature
fields = sorted(
x['name']
for x in SuperSearchFields().get().values()
if x['is_exposed']
and x['is_returned']
and has_permissions(request.user, x['permissions_needed'])
and x['name'] != 'signature' # exclude the signature field
)
context['fields'] = [
{'id': field, 'text': field.replace('_', ' ')} for field in fields
]
context['columns'] = request.GET.getlist('_columns') or DEFAULT_COLUMNS
context['report_list_query_string'] = urllib.urlencode(
utils.sanitize_dict(
get_report_list_parameters(params)
),
True
)
return render(request, 'signature/signature_report.html', context)
def signature_report(request, params, default_context=None):
context = default_context
signature = request.GET.get('signature')
if not signature:
return http.HttpResponseBadRequest(
'"signature" parameter is mandatory'
)
context['signature'] = signature
fields = sorted(
x['name']
for x in SuperSearchFields().get().values()
if x['is_exposed'] and
x['is_returned'] and
has_permissions(request.user, x['permissions_needed']) and
x['name'] != 'signature' # exclude the signature field
)
context['fields'] = [
{'id': field, 'text': field.replace('_', ' ')} for field in fields
]
context['columns'] = request.GET.getlist('_columns') or DEFAULT_COLUMNS
context['channels'] = ','.join(settings.CHANNELS).split(',')
context['channel'] = settings.CHANNEL
context['report_list_query_string'] = urllib.urlencode(
utils.sanitize_dict(
get_report_list_parameters(params)
),
True
)
return render(request, 'signature/signature_report.html', context)
def signature_summary(request, params):
'''Return a list of specific aggregations. '''
context = {}
params['signature'] = '=' + params['signature'][0]
params['_results_number'] = 0
params['_facets'] = [
'platform_pretty_version',
'cpu_name',
'process_type',
'flash_version',
]
params['_histogram.uptime'] = ['product']
params['_histogram_interval.uptime'] = 60
params['_aggs.adapter_vendor_id'] = ['adapter_device_id']
params['_aggs.android_cpu_abi.android_manufacturer.android_model'] = [
'android_version'
]
# If the user has permissions, show exploitability.
all_fields = SuperSearchFields().get()
if has_permissions(
request.user, all_fields['exploitability']['permissions_needed']
):
params['_histogram.date'] = ['exploitability']
api = SuperSearchUnredacted()
# Now make the actual request with all expected parameters.
try:
search_results = api.get(**params)
except BadArgumentError as e:
# We need to return the error message in some HTML form for jQuery to
# pick it up.
return http.HttpResponseBadRequest(render_exception(e))
facets = search_results['facets']
# We need to make a separate query so that we can show all versions and
# not just the one asked for.
params_copy = {
'signature': params['signature'],
'_aggs.product.version': ['_cardinality.install_time'],
}
try:
product_results = api.get(**params_copy)
except BadArgumentError as e:
# We need to return the error message in some HTML form for jQuery
# to pick it up.
return http.HttpResponseBadRequest(render_exception(e))
if 'product' in product_results['facets']:
facets['product'] = product_results['facets']['product']
else:
facets['product'] = []
context['product_version_total'] = product_results['total']
_transform_uptime_summary(facets)
_transform_graphics_summary(facets)
_transform_mobile_summary(facets)
_transform_exploitability_summary(facets)
context['query'] = search_results
return render(request, 'signature/signature_summary.html', context)
def signature_summary(request, params):
'''Return a list of specific aggregations. '''
data = {}
params['signature'] = '=' + params['signature'][0]
params['_results_number'] = 0
params['_facets'] = [
'platform_pretty_version',
'cpu_name',
'process_type',
'flash_version',
]
params['_histogram.uptime'] = ['product']
params['_histogram_interval.uptime'] = 60
params['_aggs.adapter_vendor_id'] = ['adapter_device_id']
params['_aggs.android_cpu_abi.android_manufacturer.android_model'] = [
'android_version'
]
# If the user has permissions, show exploitability.
all_fields = SuperSearchFields().get()
if has_permissions(
request.user, all_fields['exploitability']['permissions_needed']
):
params['_histogram.date'] = ['exploitability']
api = SuperSearchUnredacted()
# Now make the actual request with all expected parameters.
try:
search_results = api.get(**params)
except models.BadStatusCodeError as e:
# We need to return the error message in some HTML form for jQuery to
# pick it up.
return http.HttpResponseBadRequest('<ul><li>%s</li></ul>' % e)
facets = search_results['facets']
# We need to make a separate query so that we can show all versions and
# not just the one asked for.
params_copy = {
'signature': params['signature'],
'_aggs.product.version': ['_cardinality.install_time'],
}
try:
product_results = api.get(**params_copy)
except models.BadStatusCodeError as e:
# We need to return the error message in some HTML form for jQuery
# to pick it up.
return http.HttpResponseBadRequest('<ul><li>%s</li></ul>' % e)
if 'product' in product_results['facets']:
facets['product'] = product_results['facets']['product']
else:
facets['product'] = []
data['product_version_total'] = product_results['total']
_transform_uptime_summary(facets)
_transform_graphics_summary(facets)
_transform_mobile_summary(facets)
_transform_exploitability_summary(facets)
data['query'] = search_results
return render(request, 'signature/signature_summary.html', data)
def signature_summary(request, params):
'''Return a list of specific aggregations. '''
data = {}
params['signature'] = '=' + params['signature'][0]
params['_results_number'] = 0
params['_facets'] = [
'platform_pretty_version',
'cpu_name',
'process_type',
'flash_version',
]
params['_histogram.uptime'] = ['product']
params['_histogram_interval.uptime'] = 60
# If the user has permissions, show exploitability.
all_fields = SuperSearchFields().get()
if has_permissions(
request.user, all_fields['exploitability']['permissions_needed']
):
params['_histogram.date'] = ['exploitability']
api = SuperSearchUnredacted()
try:
search_results = api.get(**params)
except models.BadStatusCodeError as e:
# We need to return the error message in some HTML form for jQuery to
# pick it up.
return http.HttpResponseBadRequest('<ul><li>%s</li></ul>' % e)
facets = search_results['facets']
# Transform uptime data to be easier to consume.
# Keys are in minutes.
if 'histogram_uptime' in facets:
labels = {
0: '< 1 min',
1: '1-5 min',
5: '5-15 min',
15: '15-60 min',
60: '> 1 hour'
}
uptimes_count = dict((x, 0) for x in labels)
for uptime in facets['histogram_uptime']:
for uptime_minutes in sorted(uptimes_count.keys(), reverse=True):
uptime_seconds = uptime_minutes * 60
if uptime['term'] >= uptime_seconds:
uptimes_count[uptime_minutes] += uptime['count']
break
uptimes = [
{'term': labels.get(key), 'count': count}
for key, count in uptimes_count.items()
if count > 0
]
uptimes = sorted(uptimes, key=lambda x: x['count'], reverse=True)
data['uptimes'] = uptimes
# Transform exploitability facet.
if 'histogram_date' in facets:
exploitability_base = {
'none': 0,
'low': 0,
'medium': 0,
'high': 0,
}
for day in facets['histogram_date']:
exploitability = dict(exploitability_base)
for expl in day['facets']['exploitability']:
if expl['term'] in exploitability:
exploitability[expl['term']] = expl['count']
day['exploitability'] = exploitability
facets['histogram_date'] = sorted(
facets['histogram_date'],
key=lambda x: x['term'],
reverse=True
)
data['query'] = search_results
return render(request, 'signature/signature_summary.html', data)
