Exemple #1
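def vulner_lists(request):
    """Return the findings of the most recent completed scan task as table rows.

    The newest ``scan_task_temp`` row with ``t_status=2``, ``t_ecode=0``,
    ``t_progress=100`` and ``has_results > 0`` is selected; its
    ``vulner_temp`` rows are joined with ``eid_connect_cruiser_id`` and
    returned as ``{"res": [[badge, add_time, vulner_name, ip, port,
    action], ...]}``. When no such task exists, ``res`` is an empty list.
    """
    from proj.utils import from_sql_get_data

    # Most recent task that finished at 100% and produced results.
    pre_sql = """select * from scan_task_temp 
                    where t_status=2 and t_ecode=0 and t_progress=100 and has_results > 0
                    order by t_update_time desc;"""
    finished_tasks = from_sql_get_data(pre_sql)["data"]
    if len(finished_tasks) == 0:
        # Nothing has completed yet: answer with an empty table instead of
        # failing on the [0] lookup below.
        return JsonResponse({'res': []})
    task_id = finished_tasks[0]["task_id"]

    # task_id is spliced into the SQL text; here it is read back from
    # scan_task_temp rather than from the request.
    # NOTE(review): pass it as a bound parameter if from_sql_get_data
    # supports one - confirm.
    sql = """select vulner_temp.*, t2.id as id 
                from (select * from vulner_temp where task_id = '{task_id}')as  vulner_temp
                left join eid_connect_cruiser_id as t2 
                    on vulner_temp.uniq_id = t2.vulner_id;""".format(task_id=task_id)
    datas = from_sql_get_data(sql)["data"]

    # NOTE(review): add_time, vulner_name, ip and port are returned unescaped
    # next to HTML fragments; if the client renders every cell as HTML they
    # need escaping - confirm against the consumer.
    res = []
    for row in datas:
        # Rows with a threat_code above 1 get the red badge.
        if int(row["threat_code"]) > 1:
            badge = "<small class=\"label label-danger\">高危紧急</small>"
        else:
            badge = ""
        action = """<span class="badge bg-yellow" name="sign" id="opt{id}" onclick="jump_to_detail(this.id)">处置</span>""".format(id=row["id"])
        res.append([
            badge,
            row["add_time"],
            row["vulner_name"],
            row["ip"],
            row["port"],
            action,
        ])

    return JsonResponse({'res': res})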
Exemple #2
def cruiser_home_info(request):
    """Count distinct event ids overall, signed-for, and not signed-for.

    Responds with ``{"res": {"all_num", "deling_ids", "not_deled_ids"}}``
    where each value is a count of distinct ``eid`` values.
    """
    # Join every finding with its event id, its handling records and the
    # task it belongs to.
    sql = """select t3.*,t4.t_add_time from(select t1.task_id, t1.eid, t1.threat_code, t2.event_stat from 
                                  (select vulner_temp.*,eid_connect_cruiser_id.id as eid from vulner_temp 
                                      left join eid_connect_cruiser_id 
                                        on vulner_temp.uniq_id = eid_connect_cruiser_id.vulner_id
                                  ) as t1 
                                  left join proj_eventdetail as t2 
                                      on t1.eid = t2.event_id
                                ) as t3
                            left join scan_task_temp as t4 
                               on t4.task_id=t3.task_id;"""
    rows = from_sql_get_data(sql)["data"]

    every_eid = np.unique([row["eid"] for row in rows])
    # Events that have at least one record in the "签收" state.
    signed_eids = np.unique(
        [row["eid"] for row in rows if row["event_stat"] == "签收"])
    unsigned_eids = [eid for eid in every_eid if eid not in signed_eids]

    summary = {
        "all_num": len(every_eid),
        "deling_ids": len(signed_eids),
        "not_deled_ids": len(unsigned_eids),
    }
    return JsonResponse({"res": summary})
Exemple #3
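def get_uniq_ids_from_vulner(task_id):
    """Return the ``vulner_id`` column of the ``vulner_temp`` rows of one task.

    Args:
        task_id: Task identifier; it is spliced into the SQL text, so the
            caller must pass a trusted value.

    Returns:
        The ``vulner_id`` column of a DataFrame built from the query rows.
    """
    # The original literal ended in "`{task_id}`};": the stray "}" makes
    # str.format raise ValueError before any query runs, and backticks are
    # not a string-literal quote in SQL. Quote the value like the other
    # task_id queries in this listing do.
    # NOTE(review): use a bound parameter if from_sql_get_data supports one.
    sql = """select * from vulner_temp where task_id='{task_id}';""".format(
        task_id=task_id)
    rows = from_sql_get_data(sql)["data"]
    # NOTE(review): other queries join on vulner_temp.uniq_id; confirm that
    # vulner_temp really has a vulner_id column.
    res_ids = pd.DataFrame(list(rows))["vulner_id"]
    return res_ids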
Exemple #4
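def vulner_task_lists(request):
    """Return every row of ``cruiser_task_temp`` as a list of table cells.

    Each row becomes five cells: description, schedule, an enable checkbox,
    the edit/delete icons, and the task id. The response is
    ``{"res": [[cell, ...], ...]}``.
    """
    sql = """select * from cruiser_task_temp;"""
    datas = from_sql_get_data(sql)["data"]

    # Split the template into cells BEFORE filling in values. The original
    # formatted first and split afterwards, so a comma inside task_desc (or
    # any other value) shifted every following column.
    cell_templates = """{task_desc},
        {run_onday} {task_time},
        <input name="my-checkbox" type="checkbox" class="switch-small" {check_stat} id="task_checked{id}" />,
        <i class="fa fa-eyedropper ifir" onclick="modify_task_by_id({id})"></i>
        <i class="fa fa-remove isec" style="margin-left:20px;" onclick="delete_task_by_id({id})"></i>,
        {id}""".split(",")

    # NOTE(review): task_desc, run_onday and task_time are emitted unescaped
    # next to HTML fragments; if they can hold user-entered text they need
    # HTML escaping before the client renders them - confirm.
    res_str_array = []
    for data in datas:
        params = {
            "task_desc": data["task_desc"],
            "run_onday": data["run_onday"],
            "task_time": data["task_time"],
            # A positive "used" value renders the checkbox as checked.
            "check_stat": "checked" if int(data["used"]) > 0 else "unchecked",
            "id": data["id"]
        }
        res_str_array.append(
            [cell.format(**params) for cell in cell_templates])

    return JsonResponse({"res": res_str_array})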
Exemple #5
def get_scanning_area(request):
    """Return every ``proj_ipbelongarea`` row as ``[ip, name, area, action, id]``.

    The ``action`` cell is an HTML fragment whose delete icon calls the
    client-side ``delete_ip_from_topoarea`` with the row's IP.
    """
    sql = """select * from proj_ipbelongarea;"""
    rows = from_sql_get_data(sql)["data"]

    res = []
    for row in rows:
        # NOTE(review): the stored IP is concatenated into a JavaScript
        # string inside an HTML attribute without escaping; confirm the
        # value is validated as an IP address when it is written.
        action_cell = (
            """<i class="fa faifir"></i> <i -eyedropper class="fa fa-remove isec" style="margin-left:20px;" onclick="delete_ip_from_topoarea('"""
            + row["ip"] + """')"></i>""")
        res.append(
            [row["ip"], row["name"], row["area"], action_cell, row["id"]])

    return JsonResponse({"res": res})
Exemple #6
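def get_all_ips_info_based_dialog():
    """Load the alert rows and the inspection-finding rows.

    Returns:
        A ``(gjwx, znxj)`` tuple: ``gjwx`` holds the ``user_alert`` rows
        joined with their rule type from ``regular``; ``znxj`` holds the
        ``vulner_temp`` rows joined with their event id from
        ``eid_connect_cruiser_id``.
    """
    # The function-scope pandas import of the original was never used and
    # has been dropped.
    from proj.utils import from_sql_get_data

    # Threat alerts.
    sql = """select id, rule_id, src_ip, dst_ip, t2.rules_type as rules_type  from 
                                user_alert 
                              left join (select sid, rules_type from regular) as t2
                                on user_alert.rule_id = t2.sid;"""
    gjwx = from_sql_get_data(sql)["data"]

    # Automated inspection findings.
    sql2 = """select vulner_temp.vulner_name, vulner_temp.ip, vulner_temp.threat_code, eid_connect_cruiser_id.id as eid from vulner_temp 
                                      left join eid_connect_cruiser_id 
                                        on vulner_temp.uniq_id = eid_connect_cruiser_id.vulner_id
                                  ;"""
    znxj = from_sql_get_data(sql2)["data"]

    return gjwx, znxj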
Exemple #7
def all_cruser_history(request):
    """Return one summary row per scan task for the history table.

    Each row is the formatted line split on ``","``: task kind, task time,
    finding counts, a handling-state label and an action badge. The
    response is ``{"res": [[cell, ...], ...]}``.
    """
    # Join every finding with its event id, its handling records and the
    # task it belongs to.
    sql = """select t3.*,t4.t_add_time from(select t1.task_id, t1.eid, t1.threat_code, t2.event_stat from 
                                  (select vulner_temp.*,eid_connect_cruiser_id.id as eid from vulner_temp 
                                      left join eid_connect_cruiser_id 
                                        on vulner_temp.uniq_id = eid_connect_cruiser_id.vulner_id
                                  ) as t1 
                                  left join proj_eventdetail as t2 
                                      on t1.eid = t2.event_id
                                ) as t3
                            left join scan_task_temp as t4 
                               on t4.task_id=t3.task_id;"""

    rows = from_sql_get_data(sql)["data"]

    # Line used when every event of the task is closed.
    all_closed_line = """日常,{task_dt},{all_terms_num} 个隐患 {danger_terms_num} 个高危,
    <small class="label label-default">已处理</small>,<span class="badge bg-white" onclick="judge_to_risk_d_s('{task_id}')">查看</span>"""
    # Columns: task, run time, finding counts, handling state, action.
    open_line = """日常,{task_dt},{all_terms_num} 个隐患  {danger_terms_num} 个高危,
                <small class="label label-danger">{not_deled_num}个未处理</small>,<span class="badge bg-yellow" onclick="judge_to_risk_d_s('{task_id}')">处置</span>"""

    res_str_array = []
    for task_id in np.unique([row["task_id"] for row in rows]):
        task_rows = [row for row in rows if row["task_id"] == task_id]
        if not task_rows:
            continue

        total_events = len(np.unique([r["eid"] for r in task_rows]))
        high_risk_rows = sum(1 for r in task_rows if r["threat_code"] > 1)
        # Events with a "签收" record count as being handled.
        signed_events = len(
            np.unique([r["eid"] for r in task_rows
                       if r["event_stat"] == "签收"]))
        closed_events = len(
            np.unique([
                r["eid"] for r in task_rows
                if r["event_stat"] in ("忽略", "完成")
            ]))

        # NOTE(review): the "unhandled" figure subtracts the signed-for
        # count while the branch below tests the closed count - confirm
        # which of the two is intended.
        line = all_closed_line if total_events == closed_events else open_line
        filled = line.format(
            task_dt=task_rows[0]["t_add_time"],
            all_terms_num=total_events,
            danger_terms_num=high_risk_rows,
            not_deled_num=total_events - signed_events,
            task_id=task_id)

        # NOTE(review): splitting after formatting means a comma inside any
        # value would shift the columns; task_id also lands unescaped inside
        # a JavaScript string in the onclick attribute.
        res_str_array.append(filled.split(","))

    return JsonResponse({"res": res_str_array})
Exemple #8
def task_prefor_list(request):
    """Render ``<tr>`` rows for the three latest finished tasks plus two upcoming runs.

    Finished tasks come from ``scan_task_temp`` (``t_status=2``,
    ``t_ecode=0``), oldest of the three first; upcoming runs are the first
    two entries returned by ``get_pre_task_dts(datetime.now())`` and are
    shown at 0% progress. The concatenated HTML is returned as an
    ``HttpResponse``.
    """

    def label(moment):
        # Month and day, then hour.minute; numbers are not zero-padded.
        return "{}月{}日 {}.{}".format(
            str(moment.month), str(moment.day), str(moment.hour),
            str(moment.minute))

    sql = """select * from (select * from scan_task_temp 
                    where t_status=2 and t_ecode=0
                    order by t_update_time desc limit 3)as t order by t_update_time;"""
    finished = from_sql_get_data(sql)["data"]

    finished_row = """<tr>
                    <td>{task_dt}</td>
                    <td>日常</td>
                    <td>
                      <div class="progress-bar" role="progressbar" aria-valuenow="{task_progress}"
                         aria-valuemin="0" aria-valuemax="100" style="width: {task_progress}%;">
                        <span class="">{task_progress}%</span>
                      </div>
                    </td>
                  </tr>"""
    fragments = [
        finished_row.format(
            task_dt=label(task["t_update_time"]),
            task_progress=task["t_progress"]) for task in finished
    ]

    # Then append the next two scheduled runs, shown as not yet started.
    from .utils import get_pre_task_dts
    pending_row = """<tr>
                            <td>{task_dt}</td>
                            <td>日常</td>
                            <td>
                              <div class="progress-bar" role="progressbar" aria-valuenow="0"
                                 aria-valuemin="0" aria-valuemax="100" style="width: 0%;">
                                <span class="">0%</span>
                              </div>
                            </td>
                          </tr>"""
    for upcoming in get_pre_task_dts(datetime.now())[:2]:
        fragments.append(pending_row.format(task_dt=label(upcoming)))

    return HttpResponse("".join(fragments))
Exemple #9
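def get_pre_task_dts(last_dt):
    """Return the upcoming run times of every enabled task, sorted ascending.

    Enabled tasks are the ``cruiser_task_temp`` rows with ``used = 1``.
    Their ``run_onday`` value is interpreted as one of:

    * ``"每天"``        - daily: candidates over the next 2 days;
    * ``"...星期X"``    - weekly on weekday X: candidates over 14 days;
    * ``"每月N号"``     - monthly on day N: candidates over 31 days.

    Only candidates strictly later than ``last_dt`` are kept.

    Args:
        last_dt: Reference moment; candidates are built with
            ``get_dt_by_time(last_dt + timedelta(days=i), task_time)``.

    Returns:
        A sorted list of the values returned by ``get_dt_by_time``.
    """
    import re

    # Index == weekday number with Sunday as 0.
    cn_week_days = ["日", "一", "二", "三", "四", "五", "六"]
    # Raw string: "\d" in a plain literal is an invalid escape sequence.
    monthly_rule = re.compile(r"每月(\d+)号")

    def candidates(task_time, days_ahead):
        # One candidate per day offset, each built exactly once.
        return [
            get_dt_by_time(last_dt + timedelta(days=offset), task_time)
            for offset in range(days_ahead)
        ]

    datas = from_sql_get_data(
        """select * from cruiser_task_temp where used = 1;""")["data"]

    dts = []
    for data in datas:
        run_onday = data["run_onday"]
        task_time = str(data["task_time"])

        if run_onday == "每天":
            dts.extend(
                dt for dt in candidates(task_time, 2) if dt > last_dt)

        if "星期" in run_onday:
            day_char = run_onday.split("星期")[1]
            # An unrecognised weekday character yields no candidates.
            if day_char in cn_week_days:
                target_weekday = cn_week_days.index(day_char)
                # The table above counts from Sunday = 0, whereas
                # datetime.weekday() counts from Monday = 0; comparing the
                # two directly scheduled "星期一" on Tuesdays.
                # isoweekday() % 7 gives Sunday = 0 ... Saturday = 6
                # (assumes get_dt_by_time returns a datetime).
                dts.extend(
                    dt for dt in candidates(task_time, 14)
                    if dt.isoweekday() % 7 == target_weekday
                    and dt > last_dt)

        monthly = monthly_rule.match(run_onday)
        if monthly:
            day_of_month = int(monthly.group(1))
            # Scan the next 31 days for that day of the month.
            dts.extend(
                dt for dt in candidates(task_time, 31)
                if dt.day == day_of_month and dt > last_dt)

    dts.sort()
    return dts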
Exemple #10
def get_all_users(request):
    """Return one page (10 per page) of user accounts, newest first.

    The ``page`` query parameter selects the page and defaults to 1. The
    response carries the page's rows, the page count, the requested page
    value and the total row count.
    """
    # NOTE(review): this returns usernames, e-mail addresses and login
    # times; no permission check is visible inside this function - confirm
    # that a decorator or the URL configuration enforces one.
    query = request.GET
    if "page" in query.keys():
        # NOTE(review): taken straight from the query string and echoed
        # back; presumably Paginator.page raises for a non-numeric or
        # out-of-range value - confirm how that surfaces to the client.
        pager = query["page"]
    else:
        pager = 1

    query_sql = """select auth_user.id as uid, username, date_joined, email, identity, last_login, truename from auth_user 
      left join userprofile on auth_user.id = userprofile.user_id order by date_joined desc;"""
    users = from_sql_get_data(query_sql, MPP_CONFIG=LOCAL_DBCONFIG)["data"]
    paginator = Paginator(users, 10)

    total_rows = paginator.count  # number of objects
    total_pages = paginator.num_pages  # number of pages
    current_page = paginator.page(pager)

    return Response({
        "res": current_page.object_list,
        "page_count": total_pages,
        "pager": pager,
        "all_counts": total_rows
    })
Exemple #11
def aicruiser_lists(request):
    """Return every ``self_cruiser`` row as a list of table cells.

    Each row is ``[badge, start_time, msg, src_ip, sport, action]``; the
    badge is filled only when ``level`` equals ``"高危"``.
    """
    from proj.utils import from_sql_get_data
    sql = """select * from self_cruiser;"""
    rows = from_sql_get_data(sql)["data"]

    # NOTE(review): msg, src_ip and sport are returned unescaped next to
    # HTML fragments; escape them if the client renders cells as HTML.
    res = []
    for row in rows:
        high_risk = row["level"] == "高危"
        badge = ("<small class=\"label label-danger\">高危紧急</small>"
                 if high_risk else "")
        action = """<span class="badge bg-yellow" name="sign" id="opt{id}" onclick="jump_to_detail(this.id)">处置</span>""".format(id=row["id"])
        res.append([
            badge,
            row["start_time"],
            row["msg"],
            row["src_ip"],
            row["sport"],
            action,
        ])

    return JsonResponse({'res': res})
Exemple #12
def json_dj_nodes(request):
    """Build the topology nodes and a per-IP status code for a POST request.

    For every IP in ``proj_ipbelongarea`` the open alerts and findings are
    stored in ``request.session["ip_info"][ip]`` and one status code is
    derived: 0 = no events at all, 1 = all events closed, 2 = at least one
    open event is signed for, 3 = otherwise. Requests that are not POST
    fall through and return ``None``.
    """
    if request.method != "POST":
        return None

    # NOTE(review): canvas_width comes from the client; a missing or
    # non-numeric value raises here.
    w = int(request.POST["canvas_width"])
    num_list_per_line = 5

    # IP -> display name mapping.
    sql = """select ip,name from proj_ipbelongarea;"""
    from proj.utils import from_sql_get_data
    area_rows = from_sql_get_data(sql)["data"]
    ips = [row["ip"] for row in area_rows]
    # Names longer than five characters are cut and suffixed with "..".
    names = [
        name[:5] + '..' if len(name) > 5 else name
        for name in (row["name"] for row in area_rows)
    ]

    # From here on the per-IP details are recorded in the session.
    from .utils import get_all_ips_info_based_dialog
    wx, zj = get_all_ips_info_based_dialog()
    request.session["ip_info"] = {}
    opts = from_sql_get_data("""select * from proj_eventdetail;""")["data"]
    import numpy as np
    # Events with a "签收" record are being handled.
    deling_ids = np.unique(
        [opt["event_id"] for opt in opts if opt["event_stat"] == "签收"])
    # Events with a "忽略" or "完成" record are closed.
    deled_ids = np.unique([
        opt["event_id"] for opt in opts
        if opt["event_stat"] in ("忽略", "完成")
    ])

    # Compared with the previous version, the session is filled here in one
    # step instead of during template rendering.
    res_stats = []
    for ip in ips:
        ip_alerts = [row for row in wx if row["dst_ip"] == ip]
        ip_findings = [row for row in zj if row["ip"] == ip]
        open_alerts = [
            row for row in ip_alerts if row["id"] not in deled_ids
        ]
        open_findings = [
            row for row in ip_findings if row["eid"] not in deled_ids
        ]
        request.session["ip_info"].setdefault(
            ip, {"wx": open_alerts, "xj": open_findings})

        # Preparation for the node blinking effect (the imported name is
        # not used in this function).
        from .utils import get_larm_node
        open_event_ids = [row["id"] for row in open_alerts]
        open_event_ids.extend(row["eid"] for row in open_findings)
        all_event_ids = [row["id"] for row in ip_alerts]
        all_event_ids.extend(row["eid"] for row in ip_findings)

        if not all_event_ids:
            status = 0  # no events recorded for this IP
        elif any(event_id in deling_ids for event_id in open_event_ids):
            status = 2  # being handled
        elif all(event_id in deled_ids for event_id in all_event_ids):
            status = 1  # everything closed
        else:
            status = 3  # nothing handled yet
        res_stats.append(status)

    df1, screen_xy_alfa = get_nodes_positon(w, num_list_per_line)
    res = res_delay_type(res_stats, df1, screen_xy_alfa, ips, names)
    return JsonResponse({"res": res})
Exemple #13
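def get_right_opt_info(e_id):
    """Build the HTML timeline (``<ul class="timeline">``) of one event.

    The timeline has one date label per distinct day found in the event's
    ``proj_eventdetail`` rows. Under the first day a header entry describes
    the event source: ids below 10000000 are looked up in ``user_alert``,
    all others through ``vulner_temp`` / ``eid_connect_cruiser_id``. Every
    detail row then adds one entry under its day.

    Args:
        e_id: Event id; anything ``int()`` accepts.

    Returns:
        The timeline as an HTML string.

    Raises:
        ValueError: If ``e_id`` cannot be converted to ``int``.
        IndexError: If the source row of the event does not exist.
    """
    # Convert once and use the integer in every query. The original
    # converted for the first query only and spliced the raw argument into
    # the two follow-up queries.
    event_id = int(e_id)
    sql = """select * from proj_eventdetail where event_id={e_id};""".format(
        e_id=event_id)

    res_data = from_sql_get_data(sql)["data"]
    # (The unused pandas DataFrame built here by the original is dropped.)

    # Distinct days, in first-seen order.
    new_days = []
    for row in res_data:
        day = row["event_time"].date()
        if day not in new_days:
            new_days.append(day)

    # NOTE(review): every value below (IPs, vulner_name, opreater_name,
    # extra_add) is placed into the HTML unescaped. If any of them can hold
    # user-entered text, escape it before formatting - confirm where these
    # columns are written.
    result_str = """ <!-- The time line -->
        			<ul class="timeline">
        			  <!-- timeline time label -->
        			  """
    first_day = True
    for day in new_days:
        result_str += """  <li class="time-label">
    				<span class="bg-green">
    				  {date}
    				</span>
    			  </li>""".format(date=day)

        if first_day:
            if event_id < 10000000:
                info = from_sql_get_data(
                    'select * from user_alert where id={}'.format(
                        event_id))["data"][0]
                result_str += """<li>
                    <i class="fa bg-aqua"></i>
                    <div class="timeline-item">
                      <span class="time"><i class="fa fa-clock-o"></i> {event_time}</span>
                      <h3 class="timeline-header"><a href="#">系统告警</a></h3>
                      <div class="timeline-body">
                        {dst_ip} 向 {src_ip} 跨域攻击
                      </div>
                    </div>
                  </li>
                  <li>
                <i class="fa bg-aqua"></i>
                <div class="timeline-item">
                  <span class="time"><i class="fa fa-clock-o"></i> {event_time}</span>
                  <h3 class="timeline-header no-border"><a href="#">安全主管</a> </h3>
                  <div class="timeline-body">
                    admin002:提醒网络管理员处理
                </div>
              </li>""".format(event_time=str(info["start_time"]),
                              dst_ip=info["dst_ip"],
                              src_ip=info["src_ip"])

            else:
                info = from_sql_get_data("""select t.* from 
                                        (select vulner_temp.*,eid_connect_cruiser_id.id as eid from vulner_temp 
                                                left join eid_connect_cruiser_id 
                                        on vulner_temp.uniq_id = eid_connect_cruiser_id.vulner_id) as t 
                                        where t.eid={};""".format(
                    event_id))["data"][0]
                # The template has no {sport} field, so the unused port
                # argument of the original is no longer passed.
                result_str += """<li>
                                        <i class="fa bg-aqua"></i>
                                        <div class="timeline-item">
                                          <span class="time"><i class="fa fa-clock-o"></i> {event_time}</span>
                                          <h3 class="timeline-header"><a href="#">智能巡检</a></h3>
                                          <div class="timeline-body">
                                            <strong>{src_ip}</strong>  <strong>{msg}</strong> 
                                          </div>
                                        </div>
                                      </li>
                                      <li>
                                    <i class="fa bg-aqua"></i>
                                    <div class="timeline-item">
                                      <span class="time"><i class="fa fa-clock-o"></i> {event_time}</span>
                                      <h3 class="timeline-header no-border"><a href="#">安全主管</a> </h3>
                                      <div class="timeline-body">
                                        superadmin:提醒网络管理员处理
                                    </div>
                                  </li>""".format(event_time=info["add_time"],
                                                  src_ip=info["ip"],
                                                  msg=info["vulner_name"])
        # Only the first day carries the source header.
        first_day = False

        for e in [x for x in res_data if x["event_time"].date() == day]:
            params = {
                "event_time": e["event_time"].time(),
                "extra_add": e['extra_add'],
                "opreater_name": e["opreater_name"],
                "event_stat": e["event_stat"]
            }

            result_str += """<li>
                <i class="fa bg-aqua"></i>
                <div class="timeline-item">
                  <span class="time"><i class="fa fa-clock-o"></i>{event_time}</span>
                  <h3 class="timeline-header no-border"><a href="#">网络管理员</a> </h3>
                  <div class="timeline-body">
                    {opreater_name}:  {extra_add}
                  </div>
                </div>
              </li>""".format(**params)

    result_str += """<li>
        				<i class="fa fa-clock-o bg-gray"></i>
        			  </li>
        			</ul>
               """
    return result_str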
Exemple #14
def deled_detail_by_eid(e_id):
    """Build the HTML timeline of the handling records of one alert event.

    The ``proj_eventdetail`` rows of the event are joined with the
    matching ``user_alert`` row and its rule type. The timeline shows one
    date label per distinct day; the very first record is rendered as the
    occurrence of the event, every later one as a handling step.

    Args:
        e_id: Event id; converted with ``int()`` before it enters the SQL.

    Returns:
        The timeline as an HTML string.
    """
    sql = """select t1.*, t2.* from (select * from proj_eventdetail where event_id={e_id}) as t2
                 left join
                (select id as no_use_id, start_time, rule_id, src_ip, dst_ip, t2.rules_type as rules_type  from
                    user_alert
                  left join (select sid, rules_type from regular) as t2
                        on user_alert.rule_id = t2.sid) as t1
                       on t1.no_use_id = t2.event_id;
                """.format(e_id=int(e_id))

    res_data = from_sql_get_data(sql)["data"]
    import pandas as pd
    df = pd.DataFrame(list(res_data))

    # Distinct days, in first-seen order.
    new_days = []
    for row in res_data:
        row_day = row["event_time"].date()
        if row_day not in new_days:
            new_days.append(row_day)

    day_label = """  <li class="time-label">
    				<span class="bg-green">
    				  {date}
    				</span>
    			  </li>"""
    occurrence_entry = """<li>
                        <i class="fa bg-aqua"></i>
                        <div class="timeline-item">
                          <span class="time"><i class="fa fa-clock-o"></i> {e_time}</span>
                          <h3 class="timeline-header"><a href="#">{event_cate}</a></h3>
                          <div class="timeline-body">
                            {event_name} <h3>发生</h3>

                          </div>
                        </div>
                      </li>"""
    handling_entry = """<li><i class="fa bg-aqua"></i>
                                        <div class="timeline-item">
                                          <span class="time"><i class="fa fa-clock-o"></i> {e_time}</span>
                                          <h3 class="timeline-header"><a href="#">{event_cate}</a></h3>
                                          <h3>{event_stat}</h3>
                                          <div class="timeline-body">
                                            <strong>处理人:{opreater_name}</strong>
                                            </br>
                                            {extra_add}
                                          </div>
                                        </div>
                                      </li>"""

    # NOTE(review): opreater_name, extra_add and the IP columns are placed
    # into the HTML unescaped; escape them if they can hold user-entered
    # text - confirm where these columns are written.
    result_str = """ <!-- The time line -->
        			<ul class="timeline">
        			  <!-- timeline time label -->
        			  """
    is_first_record = True
    for day in new_days:
        result_str += day_label.format(date=day)

        for e in [x for x in res_data if x["event_time"].date() == day]:
            event_desc = """{event_time}, src:{src_ip}, dst:{dst_ip}, {b_cate}, url:{event_ref}""".format(
                event_time=e["event_time"],
                src_ip=e["src_ip"],
                dst_ip=e['dst_ip'],
                b_cate='数据泄露',
                event_ref='待提取')
            fields = dict(
                e_time=e["event_time"].time(),
                # The category is taken from the rule id of the first row.
                event_cate=judge_cate_from_ruleid(df["rule_id"][0]),
                event_desc=event_desc,
                extra_add=e['extra_add'],
                event_name=event_desc,
                opreater_name=e["opreater_name"],
                event_stat=e["event_stat"])

            entry = occurrence_entry if is_first_record else handling_entry
            result_str += entry.format(**fields)
            is_first_record = False

    result_str += """<li>
        				<i class="fa fa-clock-o bg-gray"></i>
        			  </li>
        			</ul>
               """
    return result_str
Exemple #15
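def cruiser_task_detail(request):
    """Return the findings of the task stored in the session as table rows.

    The task id is read from ``request.session["task_id"]``. Findings are
    grouped by event id; each group becomes one row of six cells (state
    label, name, severity bar, ip, port, action badge). Rows are ordered by
    handling state (1 = unhandled, 2 = in progress, 3 = handled) and then
    by threat code, both ascending. The response is ``{"res": [...]}``.
    """
    task_id = request.session["task_id"]
    # NOTE(review): task_id is spliced into the SQL text. Confirm that the
    # session value can only ever be a server-generated id, or pass it as a
    # bound parameter if from_sql_get_data supports one.
    sql = """select t1.ip,t1.threat_code, t1.port, t1.vulner_name,t1.eid, t2.event_stat from 
                  (select vulner_temp.*,eid_connect_cruiser_id.id as eid from 
                        (select * from vulner_temp where task_id= '{task_id}') as vulner_temp
                      left join eid_connect_cruiser_id 
                        on vulner_temp.uniq_id = eid_connect_cruiser_id.vulner_id
                  ) as t1 
                  left join proj_eventdetail as t2 
                      on t1.eid = t2.event_id
                        """.format(task_id=task_id)
    datas = from_sql_get_data(sql)["data"]
    if len(datas) == 0:
        return JsonResponse({"res": []})

    # Split the row template into cells BEFORE filling in values. The
    # original formatted first and split afterwards, so a comma inside
    # vulner_name shifted every following column.
    cell_templates = """{del_stat},
                        {vulner_name},
                    <div class="progress progress-xs">
                        <div class="progress-bar progress-bar-success" style="width: {safe_lever}%"></div>
                    </div>,
                  {ip},
                  {port},
                  <span class="badge bg-yellow" onclick="jump_to_detail('opt{eid}')">处置</span>""".split(",")

    res_str_array = []
    res_stats = []
    res_threat_codes = []

    eids = np.unique([data["eid"] for data in datas])
    for eid in eids:
        temp_data = [data for data in datas if data["eid"] == eid]
        if len(temp_data) == 0:
            continue
        stats = [data["event_stat"] for data in temp_data]
        if "签收" in stats:
            if "完成" in stats or "忽略" in stats:
                del_stat = """<small class="label label-default">已处理</small>"""
                res_stats.append(3)
            else:
                del_stat = """<small class="label label-warning">处理中</small>"""
                res_stats.append(2)
        else:
            del_stat = """<small class="label label-danger">未处理</small>"""
            res_stats.append(1)

        first = temp_data[0]
        res_threat_codes.append(int(first["threat_code"]))
        # NOTE(review): vulner_name, ip and port are emitted unescaped next
        # to HTML fragments; escape them if the client renders cells as HTML.
        params = {
            "del_stat": del_stat,
            "vulner_name": first["vulner_name"],
            # NOTE(review): assumes threat_code is numeric here; a string
            # value would be repeated 33 times before int() - confirm.
            "safe_lever": int(first["threat_code"] * 33),
            "eid": first["eid"],
            "ip": first["ip"],
            "port": first["port"],
        }
        res_str_array.append(
            [cell.format(**params) for cell in cell_templates])

    res_df = pd.DataFrame()
    res_df["stat"] = res_stats
    res_df["threat_code"] = res_threat_codes
    res_df["str"] = res_str_array
    # DataFrame.sort(columns=...) no longer exists in current pandas;
    # sort_values(by=...) is its replacement.
    res_str_df = res_df.sort_values(by=['stat', "threat_code"], ascending=True)

    return JsonResponse({"res": list(res_str_df["str"])})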
Exemple #16
def run_script():
    """Link the findings of the last listed scan task to event ids.

    Takes the ``task_id`` of the last row returned by
    ``select * from scan_task_temp`` (the query has no ORDER BY), loads the
    ids of that task's findings and hands them to
    ``connect_eid_with_vulnerid_script``.
    """
    task_rows = from_sql_get_data("""select * from scan_task_temp;""")["data"]
    ts = pd.DataFrame(list(task_rows))["task_id"]
    last_task_id = ts[len(ts) - 1]
    finding_ids = get_uniq_ids_from_vulner(last_task_id)
    connect_eid_with_vulnerid_script(finding_ids)
    print("执行完成")
Exemple #17
def index_flash(request):
    """Return the fixed top-level topology with a live alarm text on one node.

    The layout (seven nodes and six links) is hard-coded. The node whose
    text is ``"服务器区"`` gets its ``larm`` field replaced with the number
    of open alerts and open findings, or ``"undefined"`` when both are 0.
    """

    def node(x, y, node_id, image, scale, text,
             text_position="Bottom_Center", larm="undefined"):
        # Key order matches the original literal.
        return {
            "elementType": "node",
            "x": x,
            "y": y,
            "id": node_id,
            "Image": image,
            "scaleX": scale,
            "text": text,
            "textPosition": text_position,
            "larm": larm
        }

    def link(node_a, node_z):
        return {
            "elementType": "link",
            "nodeAid": node_a,
            "nodeZid": node_z,
            "text": "",
            "fontColor": "0, 200, 255"
        }

    # Alerts and findings that have no "完成" or "忽略" record.
    open_alerts = from_sql_get_data(
        "select * from user_alert where id not in (select event_id from proj_eventdetail where event_stat = '完成' or event_stat = '忽略');"
    )["data"]
    num = len(open_alerts)
    open_findings = from_sql_get_data(
        "select * from self_cruiser where id not in (select event_id from proj_eventdetail where event_stat = '完成' or event_stat = '忽略');"
    )["data"]
    num2 = len(open_findings)

    alarm_text = ""
    if num > 0:
        alarm_text += "{num} 攻击威胁".format(num=num)
    if num2 > 0:
        alarm_text += " {num2} 安全隐患".format(num2=num2)
    if num + num2 == 0:
        alarm_text = "undefined"

    default_scale = 0.9000000000000001
    res = {
        "res": [
            node(115, 167, 19205, "newpics/1.png", default_scale,
                 "网络和安全设备区"),
            node(600, 167, 100200, "newpics/2.png", default_scale,
                 "服务器区", larm="3 条告警信息"),
            node(107, 573, 61311, "newpics/3.png", default_scale, "A栋"),
            node(747, 592, 442224, "newpics/4.png", default_scale, "食堂"),
            node(172, 44, 7568, "newpics/5.png", 1.1, "",
                 text_position="Top_Center"),
            node(434, 401, 174034, "newpics/6.png", 1.5, ""),
            node(417, 579, 241443, "newpics/3.png", default_scale, "B栋"),
            link(7568, 19205),
            link(19205, 174034),
            link(174034, 100200),
            link(174034, 442224),
            link(61311, 174034),
            link(174034, 241443),
        ]
    }

    # Replace the placeholder alarm text of the server-zone node.
    for element in res["res"]:
        if element["text"] == "服务器区":
            element["larm"] = alarm_text
    # A cookie for entering the second-level page is to be saved here later.
    return JsonResponse(res)
Exemple #18
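def second_page_data(request):
    """Build the node list for the second-level canvas of the session's area.

    On POST, reads the proj_ipbelongarea rows for request.session["area"],
    keeps the first row per IP, lays the hosts out on a square grid using
    get_canvas_config, and caches each host's open user_alert / self_cruiser
    rows in request.session["gj"] / request.session["xj"].

    Returns a JsonResponse with "res" (one node dict per host) and "fang"
    (the grid side length). Any other method gets a 405 JSON response.
    """
    if request.method != "POST":
        # The original fell through and returned None here, which Django
        # reports as a server error; answer explicitly instead.
        return JsonResponse({"error": "POST required"}, status=405)

    # NOTE(review): this query and the two per-IP queries below are built with
    # str.format. "area" comes from the session and the IPs come from
    # proj_ipbelongarea rows, so a stored value containing a quote would alter
    # the statement. If from_sql_get_data can take bound parameters, pass the
    # values that way instead of formatting them in.
    sql = """select * from proj_ipbelongarea where area='{area}'""".format(
        area=request.session["area"])
    rows = from_sql_get_data(sql)["data"]

    # Keep the first row seen for each IP; a set makes the duplicate test O(1).
    seen_ips = set()
    temp_data = []
    for row in rows:
        if row["ip"] in seen_ips:
            continue
        seen_ips.add(row["ip"])
        temp_data.append({
            "ip": row["ip"],
            "name": row["name"],
            "tc_text": row["tc_text"],
            "belongCate": row["belongCate"],
        })

    # Grid side length: square root of the host count, rounded up. The original
    # perfect-square branch evaluated int(n) ** 0.5 and so produced a float
    # (e.g. 2.0); the value is now always an int.
    root = len(temp_data) ** 0.5
    fang = int(root)
    if abs(root - fang) >= 0.0001:
        fang += 1

    # "data" records the node information returned to the canvas.
    from proj.utils import get_canvas_config
    height = request.POST["canvas_height"]
    width = request.POST["canvas_width"]
    canvas_config = get_canvas_config(width, height, fang)

    # Alerts and hazards both start out as empty dicts, keyed by IP below.
    request.session["gj"] = {}
    request.session["xj"] = {}

    data = []
    for index, node in enumerate(temp_data):
        lie = index % canvas_config["fang"]        # column
        hang = int(index / canvas_config["fang"])  # row

        img = "server.png" if node["belongCate"] == "server" else "host.png"
        input_ip = node["ip"]

        # Open attack alerts for this host (not yet completed or ignored).
        all_mf = from_sql_get_data(
            "select id,src_ip,dst_ip from user_alert where src_ip = '{ip}' and id not in (select event_id from proj_eventdetail where event_stat = '完成' or event_stat = '忽略');"
            .format(ip=input_ip))["data"]
        request.session["gj"].setdefault(input_ip, all_mf)

        # Open inspection findings for this host.
        wx_df = from_sql_get_data(
            "select id,src_ip,msg,sport,level from self_cruiser where src_ip = '{ip}' and id not in (select event_id from proj_eventdetail where event_stat = '完成' or event_stat = '忽略');"
            .format(ip=input_ip))["data"]
        request.session["xj"].setdefault(input_ip, wx_df)

        # The node label lists whichever counts are non-zero; the literal
        # string "undefined" is what the front end receives for a quiet host.
        if len(all_mf) + len(wx_df) == 0:
            larm = "undefined"
        else:
            larm = "{num} 攻击威胁 ".format(num=len(all_mf)) if all_mf else ""
            larm += "  {num} 安全隐患 ".format(num=len(wx_df)) if wx_df else ""

        data.append({
            "elementType": "node",
            "x": canvas_config["left_blank"] + canvas_config["left_space"] * lie,
            "y": canvas_config["top_blank"] + canvas_config["top_space"] * hang,
            "id": index + 1,
            "Image": img,
            "larm": larm,
            "scaleX": 1.3,
            "textPosition": "Bottom_Center",
            "text": node["name"],
            "ip": node["ip"],
        })

    return JsonResponse({"res": data, "fang": fang})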
Exemple #19
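def new_dialog(request):
    """Render the HTML fragment for one host's detail dialog.

    Reads the "ip" query parameter, looks the host up in proj_ipbelongarea
    for the session's area, and lists the inspection findings and attack
    alerts cached for that IP in request.session["xj"] / ["gj"].

    Returns an HttpResponse with the fragment, or a 400 response when "ip"
    is not a plain IP address literal.
    """
    from html import escape
    import ipaddress

    ip = request.GET["ip"]
    # "ip" is formatted straight into SQL below, so accept only an address
    # literal. A '%' is rejected first because newer ipaddress versions accept
    # an IPv6 scope id after it with almost no restriction on its characters.
    try:
        if "%" in ip:
            raise ValueError("scoped addresses are not accepted")
        ipaddress.ip_address(ip)
    except ValueError:
        return HttpResponse("invalid ip", status=400)

    if "area" not in request.session:
        request.session["area"] = "服务器区"
    # NOTE(review): "area" is still formatted into the statement; if
    # from_sql_get_data can take bound parameters, bind both values instead.
    sql = """select * from proj_ipbelongarea where area='{area}' and ip='{ip}';""".format(
        area=request.session["area"], ip=ip)
    element = from_sql_get_data(sql)["data"][0]

    # Cached alert (gj) and inspection (xj) rows, keyed by IP.
    gj = request.session["gj"]
    xj = request.session["xj"]

    # Every value that originates in the database is HTML-escaped before it is
    # placed in the fragment; only the fixed severity badge is emitted as markup.
    xj_rows = []
    for index, data in enumerate(xj[ip], start=1):
        el = ""
        if data["level"] == "高危":
            el = """<small class="label label-danger">高危紧急</small>"""
        xj_rows.append(
            """<tr id="opt{event_id}" onclick="jump_to_detail(this.id)"><td>{index}</td>
                            <td>{event_level}</td>
                            <td>{event_msg}漏洞</td>
                            <td><i class="fa fa-gavel" name="gavel" ></i></td>
                      </tr>""".format(
                event_id=escape(str(data["id"])),
                index=index,
                event_level=el,
                event_msg=escape(str(data["msg"])),
            ))
    res_aqyh_dialog = "".join(xj_rows) if xj_rows else """无告警"""

    gj_rows = []
    for index, data in enumerate(gj[ip], start=1):
        # int() keeps anything but a number out of the statement.
        # NOTE(review): assumes user_alert ids are integers — confirm.
        event_type = from_sql_get_data(
            """select regular.* from 
                                                  (select * from user_alert where id = {event_id}) as t1 
                                                   left join regular
                                                    on t1.rule_id = regular.sid"""
            .format(event_id=int(data["id"])))["data"][0]["msg"]
        gj_rows.append(
            """<tr id="opt{event_id}" onclick="jump_to_detail(this.id)"><td>{index}</td>
            <td>{event_type}</td>
            <td>
            <i class="fa fa-gavel" ></i>
            </td></tr>""".format(
                event_id=escape(str(data["id"])),
                index=index,
                event_type=escape(str(event_type)),
            ))
    res_gjwx_dialog = "".join(gj_rows) if gj_rows else """无告警"""

    dialog_html = """<h5>当前区域:<span>""" + escape(str(element["area"])) + """</span></h5>
  <h5>名称:<span>""" + escape(str(element["name"])) + """</span></h5>
  <h5>IP:<span>""" + escape(str(element["ip"])) + """</span></h5>
  <h5>安全隐患</h5>
  <table class="table table-bordered table-striped">
    <tbody>
""" + res_aqyh_dialog + """
            </tbody>
          </table>
          <h5>攻击威胁</h5>
          <table class="table table-bordered table-striped gongji">
            <tbody>""" + res_gjwx_dialog + """</tbody></table>"""

    return HttpResponse(dialog_html)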
Exemple #20
def add_ip(request):
    """Add a host row to proj_ipbelongarea via factory_jip unless the IP is already present."""
    # NOTE(review): `ip` is never assigned in this function; unless it is a
    # module-level name this line raises NameError — confirm where the
    # submitted address is supposed to be read from.
    # NOTE(review): other callers index from_sql_get_data(...)["data"] rows by
    # column name (e.g. data["ip"]); if that holds here, `ip in rows` compares a
    # string with whole rows and the duplicate check can never match.
    if ip in from_sql_get_data('select ip from proj_ipbelongarea;')['data']:
        return HttpResponse("ip已经在其中了")
    # NOTE(review): the placeholders are wrapped in SQL quotes, which suggests
    # factory_jip fills them by string formatting from the request — verify,
    # and prefer bound parameters so submitted values cannot alter the statement.
    sql = """insert into proj_ipbelongarea(ip, name, belongCate, tc_text, add_date, area) 
                                values('{ip}', '{name}', '{belongCate}', '{tc_text}', '{add_date}', '{area}')"""
    return factory_jip(request, sql, "添加")
Exemple #21
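def second_page_json(request):
    """Build the node list for the second-level canvas from jtopot_jips.

    On POST, reads every jtopot_jips row, keeps the first row per IP and lays
    the hosts out on a square grid using get_canvas_config.

    Returns a JsonResponse with "res" (one node dict per host) and "fang"
    (the grid side length). Any other method gets a 405 JSON response.
    """
    if request.method != "POST":
        # The original fell through and returned None here, which Django
        # reports as a server error; answer explicitly instead.
        return JsonResponse({"error": "POST required"}, status=405)

    rows = from_sql_get_data("select * from jtopot_jips;")["data"]

    # Keep the first row seen for each IP; a set makes the duplicate test O(1).
    seen_ips = set()
    temp_data = []
    for row in rows:
        if row["ip"] in seen_ips:
            continue
        seen_ips.add(row["ip"])
        temp_data.append({
            "ip": row["ip"],
            "name": row["name"],
            "stat": row["stat"],
            "tc_text": row["tc_text"],
            "belongCate": row["belongCate"],
        })

    # Grid side length: square root of the host count, rounded up. The original
    # perfect-square branch evaluated int(n) ** 0.5 and so produced a float
    # (e.g. 2.0); the value is now always an int.
    root = len(temp_data) ** 0.5
    fang = int(root)
    if abs(root - fang) >= 0.0001:
        fang += 1

    # "data" records the node information returned to the canvas.
    from .utils import get_canvas_config
    height = request.POST["canvas_height"]
    width = request.POST["canvas_width"]
    canvas_config = get_canvas_config(width, height, fang)

    data = []
    for index, node in enumerate(temp_data):
        lie = index % canvas_config["fang"]        # column
        hang = int(index / canvas_config["fang"])  # row

        img = "server.png" if node["belongCate"] == "server" else "host.png"
        # The alert text is shown only when stat == 1; otherwise the front end
        # receives the literal string "undefined".
        larm = node["tc_text"] if node["stat"] == 1 else "undefined"

        data.append({
            "elementType": "node",
            "x": canvas_config["left_blank"] + canvas_config["left_space"] * lie,
            "y": canvas_config["top_blank"] + canvas_config["top_space"] * hang,
            "id": index + 1,
            "Image": img,
            "larm": larm,
            "scaleX": 1.3,
            "textPosition": "Bottom_Center",
            "text": node["name"],
            "ip": node["ip"],
        })

    return JsonResponse({"res": data, "fang": fang})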
Exemple #22
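def dj_ip_dialog(request):
    """Render the HTML fragment for one host's detail dialog.

    Reads the "ip" query parameter, looks the host up in proj_ipbelongarea,
    and lists the inspection findings ("xj") and attack alerts ("wx") cached
    for that IP in request.session["ip_info"].

    Returns an HttpResponse with the fragment, or a 400 response when "ip"
    is not a plain IP address literal.
    """
    from html import escape
    import ipaddress

    ip = request.GET["ip"]
    # "ip" is formatted straight into SQL below, so accept only an address
    # literal. A '%' is rejected first because newer ipaddress versions accept
    # an IPv6 scope id after it with almost no restriction on its characters.
    try:
        if "%" in ip:
            raise ValueError("scoped addresses are not accepted")
        ipaddress.ip_address(ip)
    except ValueError:
        return HttpResponse("invalid ip", status=400)

    # NOTE(review): if from_sql_get_data can take bound parameters, bind the
    # value instead of formatting it into the statement.
    sql = """select * from proj_ipbelongarea where ip='{ip}';""".format(ip=ip)
    element = from_sql_get_data(sql)["data"][0]

    # Attack alerts and automated-inspection findings cached for this host.
    wx = request.session["ip_info"][ip]["wx"]
    xj = request.session["ip_info"][ip]["xj"]

    # Every value that originates in the database is HTML-escaped before it is
    # placed in the fragment; only the fixed severity badge is emitted as markup.

    # Inspection findings first.
    xj_rows = []
    for index, data in enumerate(xj, start=1):
        el = ""
        if data["threat_code"] > 1:
            el = """<small class="label label-danger">高危紧急</small>"""
        xj_rows.append(
            """<tr id="opt{event_id}" onclick="jump_to_detail(this.id)"><td>{index}</td>
                                <td>{event_level}</td>
                                <td>{event_msg}漏洞</td>
                                <td><i class="fa fa-gavel" name="gavel" ></i></td>
                          </tr>""".format(
                event_id=escape(str(data["eid"])),
                index=index,
                event_level=el,
                event_msg=escape(str(data["vulner_name"])),
            ))
    res_aqyh_dialog = "".join(xj_rows) if xj_rows else """无告警"""

    # Then the threat-alert messages.
    wx_rows = []
    for index, data in enumerate(wx, start=1):
        wx_rows.append(
            """<tr id="opt{event_id}" onclick="jump_to_detail(this.id)"><td>{index}</td>
                <td>{event_type}</td>
                <td>
                <i class="fa fa-gavel" ></i>
                </td></tr>""".format(
                event_id=escape(str(data["id"])),
                index=index,
                event_type=escape(str(data["rules_type"])),
            ))
    res_gjwx_dialog = "".join(wx_rows) if wx_rows else """无告警"""

    dialog_html = """<h5>当前区域:<span>""" + escape(str(element["area"])) + """</span></h5>
      <h5>名称:<span>""" + escape(str(element["name"])) + """</span></h5>
      <h5>IP:<span>""" + escape(str(element["ip"])) + """</span></h5>
      <h5>安全隐患</h5>
      <table class="table table-bordered table-striped">
        <tbody>
    """ + res_aqyh_dialog + """
                </tbody>
              </table>
              <h5>攻击威胁</h5>
              <table class="table table-bordered table-striped gongji">
                <tbody>""" + res_gjwx_dialog + """</tbody></table>"""

    return HttpResponse(dialog_html)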
Exemple #23
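def edit2(request):
    """Refresh the per-IP alert caches and handling status, then render edit2.html.

    For each monitored IP this stores the open user_alert rows in
    request.session["gj"], the open self_cruiser rows in
    request.session["xj"], and one of "未处理" / "处理中" / "完成" in
    request.session["ip_stats"].

    Changes from the original: handled event ids are compared by value (the
    old `id not in series` test looked at the pandas index, so it never saw
    the ids), the debug print() calls that dumped event rows to stdout are
    gone, and the unused numpy / sql_action imports and the pandas dependency
    are dropped.
    """
    from proj.utils import from_sql_get_data

    request.session["gj"] = {}
    request.session["xj"] = {}

    # One row per handled event, with the source IP from whichever table the
    # event id matches (the other side of the left join is NULL).
    user_oprete_data = list(from_sql_get_data("""
            select t1.event_stat, user_alert.src_ip as gj_ip, t1.event_id as eid, self_cruiser.src_ip as zj_ip from
             (select * from proj_eventdetail) as t1 
               left join 
                user_alert 
               on t1.event_id = user_alert.id
               left join 
               self_cruiser 
               on t1.event_id = self_cruiser.id;""")["data"])

    closed_states = ("完成", "忽略")

    request.session["ip_stats"] = {}
    for input_ip in ["192.168.100.114", "192.168.100.120"]:
        all_mf = from_sql_get_data(
            "select id,src_ip,dst_ip from user_alert where src_ip = '{ip}' and id not in (select event_id from proj_eventdetail where event_stat = '完成' or event_stat = '忽略');"
            .format(ip=input_ip))["data"]
        request.session["gj"].setdefault(input_ip, all_mf)

        wx_df = from_sql_get_data(
            "select id,src_ip,msg,sport,level from self_cruiser where src_ip = '{ip}' and id not in (select event_id from proj_eventdetail where event_stat = '完成' or event_stat = '忽略');"
            .format(ip=input_ip))["data"]
        request.session["xj"].setdefault(input_ip, wx_df)

        gj_rows = [row for row in user_oprete_data if row["gj_ip"] == input_ip]
        zj_rows = [row for row in user_oprete_data if row["zj_ip"] == input_ip]

        # No handling record at all for this host.
        if not gj_rows and not zj_rows:
            request.session["ip_stats"][input_ip] = "未处理"
            continue

        # Ids are compared as strings so int and str id columns both match.
        closed_gj = {str(row["eid"]) for row in gj_rows
                     if row["event_stat"] in closed_states}
        closed_zj = {str(row["eid"]) for row in zj_rows
                     if row["event_stat"] in closed_states}

        event_rows = from_sql_get_data(
            """select id from user_alert where src_ip = '{ip}'
                                        union select id from self_cruiser where src_ip = '{ip}'"""
            .format(ip=input_ip))["data"]

        pending = False
        for event_id in (str(row["id"]) for row in event_rows):
            number = int(event_id)
            # NOTE(review): the 10000 split presumably separates user_alert ids
            # from self_cruiser ids; an id of exactly 10000 matches neither
            # branch, as in the original — confirm the intended boundary.
            if gj_rows and number < 10000 and event_id not in closed_gj:
                pending = True
            if zj_rows and number > 10000 and event_id not in closed_zj:
                pending = True

        request.session["ip_stats"][input_ip] = "处理中" if pending else "完成"

    return render(request, "jtopot/edit2.html", {})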