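def vulner_lists(request):
    """Return the findings of the most recent completed scan task as table rows.

    Each row is ``[severity label HTML, add_time, vulner_name, ip, port,
    action button HTML]`` and the rows are returned as ``{'res': rows}``.
    When no completed task exists the response carries an empty list instead
    of failing on ``[0]``.
    """
    from proj.utils import from_sql_get_data

    # Latest task that finished cleanly (progress 100) and produced results.
    pre_sql = """select * from scan_task_temp where t_status=2 and t_ecode=0 and t_progress=100 and has_results > 0 order by t_update_time desc;"""
    finished_tasks = from_sql_get_data(pre_sql)["data"]
    if len(finished_tasks) == 0:
        # Nothing has completed yet: answer with an empty table rather than
        # raising IndexError.
        return JsonResponse({'res': []})
    task_id = finished_tasks[0]["task_id"]

    # NOTE(review): task_id is spliced into the SQL text. It comes from the
    # database here, but a bound parameter would be safer if
    # from_sql_get_data supports one -- confirm against the helper.
    sql = """select vulner_temp.*, t2.id as id from (select * from vulner_temp where task_id = '{task_id}')as vulner_temp left join eid_connect_cruiser_id as t2 on vulner_temp.uniq_id = t2.vulner_id;""".format(task_id=task_id)
    findings = from_sql_get_data(sql)["data"]

    res = []
    for finding in findings:
        # A place to add "already handled" style labels; omitted for now.
        if int(finding["threat_code"]) > 1:
            severity = '<small class="label label-danger">高危紧急</small>'
        else:
            severity = ""
        # NOTE(review): vulner_name / ip / port are scanner output and are
        # returned unescaped next to real markup; if the client inserts cells
        # as HTML they should be escaped -- confirm on the front end.
        res.append([
            severity,
            finding["add_time"],
            finding["vulner_name"],
            finding["ip"],
            finding["port"],
            """<span class="badge bg-yellow" name="sign" id="opt{id}" onclick="jump_to_detail(this.id)">处置</span>""".format(id=finding["id"]),
        ])
    return JsonResponse({'res': res})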
def cruiser_home_info(request):
    """Summarise inspection events: total, acknowledged, and not acknowledged.

    The counts are taken over distinct ``eid`` values of the joined
    vulner_temp / eid_connect_cruiser_id / proj_eventdetail rows. Note that
    the ``deling_ids`` and ``not_deled_ids`` keys of the response carry
    counts, not id lists.
    """
    # Combine the data produced by every task_id into one result set.
    sql = """select t3.*,t4.t_add_time from(select t1.task_id, t1.eid, t1.threat_code, t2.event_stat from (select vulner_temp.*,eid_connect_cruiser_id.id as eid from vulner_temp left join eid_connect_cruiser_id on vulner_temp.uniq_id = eid_connect_cruiser_id.vulner_id ) as t1 left join proj_eventdetail as t2 on t1.eid = t2.event_id ) as t3 left join scan_task_temp as t4 on t4.task_id=t3.task_id;"""
    rows = from_sql_get_data(sql)["data"]

    every_eid = np.unique([row["eid"] for row in rows])
    # "签收" marks an event that has been acknowledged and is being handled.
    acknowledged = np.unique(
        [row["eid"] for row in rows if row["event_stat"] == "签收"])
    pending_count = sum(1 for eid in every_eid if eid not in acknowledged)

    summary = {
        "all_num": len(every_eid),
        "deling_ids": len(acknowledged),
        "not_deled_ids": pending_count,
    }
    return JsonResponse({"res": summary})
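def get_uniq_ids_from_vulner(task_id):
    """Return the ``vulner_id`` column of the vulner_temp rows of *task_id*.

    The previous query text ended in ``task_id=`{task_id}`};``: the stray
    ``}`` made ``str.format`` raise ValueError on every call, and the
    backticks would not have quoted the value as a string. The value is now
    quoted the same way the other vulner_temp queries in this file quote it.
    """
    # NOTE(review): task_id is still interpolated into the SQL text; pass it
    # as a bound parameter if from_sql_get_data supports one, and only call
    # this with ids that come from the database.
    sql = """select * from vulner_temp where task_id='{task_id}';""".format(
        task_id=task_id)
    rows = from_sql_get_data(sql)["data"]
    # NOTE(review): the joins elsewhere in this file use vulner_temp.uniq_id;
    # confirm that "vulner_id" is the intended column here.
    res_ids = pd.DataFrame(list(rows))["vulner_id"]
    return res_ids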
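def vulner_task_lists(request):
    """Return every scheduled inspection task as a five-cell table row.

    Cells: description, schedule, enable switch HTML, edit/delete icon HTML,
    task id. The cells are built directly instead of formatting one
    comma-joined string and splitting it again, so a comma inside
    ``task_desc`` (or any other value) can no longer shift the columns.
    For values without commas the output is unchanged, including the
    leading space the old split left on cells 2-5.
    """
    sql = """select * from cruiser_task_temp;"""
    datas = from_sql_get_data(sql)["data"]

    res_str_array = []
    for data in datas:
        check_stat = "checked" if int(data["used"]) > 0 else "unchecked"
        task_id = data["id"]
        # NOTE(review): task_desc is free text and is returned unescaped in a
        # row that also contains markup; if the client renders cells as HTML
        # it should be escaped before display -- confirm on the front end.
        res_str_array.append([
            "{}".format(data["task_desc"]),
            " {} {}".format(data["run_onday"], data["task_time"]),
            ' <input name="my-checkbox" type="checkbox" class="switch-small" {check_stat} id="task_checked{id}" />'.format(
                check_stat=check_stat, id=task_id),
            ' <i class="fa fa-eyedropper ifir" onclick="modify_task_by_id({id})"></i> <i class="fa fa-remove isec" style="margin-left:20px;" onclick="delete_task_by_id({id})"></i>'.format(
                id=task_id),
            " {}".format(task_id),
        ])
    return JsonResponse({"res": res_str_array})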
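def get_scanning_area(request):
    """Return the rows of proj_ipbelongarea as table rows for the area list.

    Each row is ``[ip, name, area, action icon HTML, id]``. The ip is placed
    inside a JavaScript call in an ``onclick`` attribute, so it is encoded as
    a JS string literal and then HTML-escaped; a stored value containing
    quotes can no longer break out of the call. For ordinary addresses the
    handler still receives the same string.
    """
    import json
    from html import escape

    sql = """select * from proj_ipbelongarea;"""
    datas = from_sql_get_data(sql)["data"]

    res = []
    for data in datas:
        # json.dumps -> valid JS string literal; escape -> safe inside the
        # double-quoted HTML attribute.
        js_ip_literal = escape(json.dumps(data["ip"]), quote=True)
        # NOTE(review): the first <i> ("fa faifir" / "-eyedropper") looks like
        # garbled markup for an "fa fa-eyedropper ifir" icon; it is kept as is
        # -- confirm against the template.
        actions = (
            '<i class="fa faifir"></i> <i -eyedropper class="fa fa-remove isec" style="margin-left:20px;" onclick="delete_ip_from_topoarea('
            + js_ip_literal
            + ')"></i>'
        )
        # NOTE(review): ip / name / area are returned unescaped as plain
        # cells; escape them client-side if cells are inserted as HTML.
        res.append([data["ip"], data["name"], data["area"], actions, data["id"]])
    return JsonResponse({"res": res})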
def get_all_ips_info_based_dialog():
    """Fetch the two data sets the per-IP dialogs are built from.

    Returns a ``(alerts, findings)`` tuple: the user_alert rows joined with
    their rule type, and the vulner_temp rows joined with their event id.
    """
    from proj.utils import from_sql_get_data
    import pandas as pd

    # Threat alerts.
    alert_sql = """select id, rule_id, src_ip, dst_ip, t2.rules_type as rules_type from user_alert left join (select sid, rules_type from regular) as t2 on user_alert.rule_id = t2.sid;"""
    # Automated inspection findings.
    finding_sql = """select vulner_temp.vulner_name, vulner_temp.ip, vulner_temp.threat_code, eid_connect_cruiser_id.id as eid from vulner_temp left join eid_connect_cruiser_id on vulner_temp.uniq_id = eid_connect_cruiser_id.vulner_id ;"""

    alerts = from_sql_get_data(alert_sql)["data"]
    findings = from_sql_get_data(finding_sql)["data"]
    return alerts, findings
def all_cruser_history(request):
    """Return one history row per scan task with its finding counts.

    For each task the row holds: type, run time, "<n> findings <m> high
    risk", a handling-status label, and an action badge. The row is produced
    by formatting a comma-separated template and splitting it on ",".
    """
    # Combine the data produced by every task_id into one result set.
    sql = """select t3.*,t4.t_add_time from(select t1.task_id, t1.eid, t1.threat_code, t2.event_stat from (select vulner_temp.*,eid_connect_cruiser_id.id as eid from vulner_temp left join eid_connect_cruiser_id on vulner_temp.uniq_id = eid_connect_cruiser_id.vulner_id ) as t1 left join proj_eventdetail as t2 on t1.eid = t2.event_id ) as t3 left join scan_task_temp as t4 on t4.task_id=t3.task_id;"""
    rows = from_sql_get_data(sql)["data"]

    handled_template = """日常,{task_dt},{all_terms_num} 个隐患 {danger_terms_num} 个高危, <small class="label label-default">已处理</small>,<span class="badge bg-white" onclick="judge_to_risk_d_s('{task_id}')">查看</span>"""
    # Columns: task, run time, finding count, handling state, action.
    open_template = """日常,{task_dt},{all_terms_num} 个隐患 {danger_terms_num} 个高危, <small class="label label-danger">{not_deled_num}个未处理</small>,<span class="badge bg-yellow" onclick="judge_to_risk_d_s('{task_id}')">处置</span>"""

    res_str_array = []
    for task_id in np.unique([row["task_id"] for row in rows]):
        task_rows = [row for row in rows if row["task_id"] == task_id]
        if not task_rows:
            continue

        started_at = task_rows[0]["t_add_time"]
        total = len(np.unique([row["eid"] for row in task_rows]))
        high_risk = sum(1 for row in task_rows if row["threat_code"] > 1)
        # An event with status "签收" has been acknowledged and is in progress.
        in_progress = len(np.unique(
            [row["eid"] for row in task_rows if row["event_stat"] == "签收"]))
        closed = len(np.unique(
            [row["eid"] for row in task_rows
             if row["event_stat"] in ("忽略", "完成")]))

        params = {
            "task_dt": started_at,
            "all_terms_num": total,
            "danger_terms_num": high_risk,
            "not_deled_num": total - in_progress,
            "task_id": task_id,
        }
        template = handled_template if total - closed == 0 else open_template
        res_str_array.append(template.format(**params).split(","))
    return JsonResponse({"res": res_str_array})
def task_prefor_list(request):
    """Return ``<tr>`` fragments for the task progress table.

    The three most recently updated successful tasks are listed oldest
    first with their progress, followed by the next two scheduled runs shown
    at 0 %. The fragments are concatenated and returned as an HttpResponse.
    """
    def month_day_label(moment):
        # "<month>月<day>日 <hour>.<minute>", numbers not zero-padded.
        return "{}月{}日 {}.{}".format(
            moment.month, moment.day, moment.hour, moment.minute)

    sql = """select * from (select * from scan_task_temp where t_status=2 and t_ecode=0 order by t_update_time desc limit 3)as t order by t_update_time;"""
    recent_tasks = from_sql_get_data(sql)["data"]

    finished_row = """<tr> <td>{task_dt}</td> <td>日常</td> <td> <div class="progress-bar" role="progressbar" aria-valuenow="{task_progress}" aria-valuemin="0" aria-valuemax="100" style="width: {task_progress}%;"> <span class="">{task_progress}%</span> </div> </td> </tr>"""
    upcoming_row = """<tr> <td>{task_dt}</td> <td>日常</td> <td> <div class="progress-bar" role="progressbar" aria-valuenow="0" aria-valuemin="0" aria-valuemax="100" style="width: 0%;"> <span class="">0%</span> </div> </td> </tr>"""

    fragments = []
    for task in recent_tasks:
        fragments.append(finished_row.format(
            task_dt=month_day_label(task["t_update_time"]),
            task_progress=task["t_progress"]))

    # Then append the next two runs that are waiting to execute.
    from .utils import get_pre_task_dts
    for upcoming in get_pre_task_dts(datetime.now())[:2]:
        fragments.append(upcoming_row.format(task_dt=month_day_label(upcoming)))

    return HttpResponse("".join(fragments))
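def get_pre_task_dts(last_dt):
    """Return the upcoming run times of all enabled tasks, sorted ascending.

    Three schedule forms are recognised in ``run_onday``: "每天" (daily, the
    next two days are probed), "星期X" (weekly, 14 days are probed) and
    "每月N号" (monthly, 31 days are probed). Only times later than *last_dt*
    are returned.

    Fixes over the previous version:
    * The weekday table is indexed Sunday=0 .. Saturday=6, while
      ``datetime.weekday()`` is Monday=0 .. Sunday=6; comparing the two
      directly scheduled "星期一" on Tuesday. The datetime value is now
      converted to the table's convention before comparing.
    * An unrecognised weekday character is skipped instead of raising
      IndexError for the whole list.
    * The regular expression is a raw string and is evaluated once per row.
    """
    import re

    datas = from_sql_get_data(
        """select * from cruiser_task_temp where used = 1;""")["data"]
    cn_week_days = ["日", "一", "二", "三", "四", "五", "六"]  # index 0 = Sunday
    monthly_pattern = re.compile(r"每月(\d+)号")

    dts = []
    for data in datas:
        run_onday = data["run_onday"]
        task_time = str(data["task_time"])

        def run_at(day_offset):
            # Run time of this task on the day `day_offset` days after last_dt.
            return get_dt_by_time(last_dt + timedelta(days=day_offset),
                                  task_time)

        if run_onday == "每天":
            dts.extend(dt for dt in map(run_at, range(2)) if dt > last_dt)

        weekday_parts = run_onday.split("星期")
        if len(weekday_parts) > 1 and weekday_parts[1] in cn_week_days:
            target = cn_week_days.index(weekday_parts[1])
            dts.extend(
                dt for dt in map(run_at, range(14))
                # (weekday() + 1) % 7 maps Monday=0..Sunday=6 onto
                # Sunday=0..Saturday=6.
                if (dt.weekday() + 1) % 7 == target and dt > last_dt)

        monthly = monthly_pattern.match(run_onday)
        if monthly:
            day_of_month = int(monthly.group(1))
            # Collect the dates within the next 31 days that fall on that day.
            dts.extend(
                dt for dt in map(run_at, range(31))
                if dt.day == day_of_month and dt > last_dt)

    dts.sort()
    return dts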
def get_all_users(request):
    """Return one page (10 per page) of user accounts, newest first.

    The response carries the page rows, the number of pages, the requested
    page value as received, and the total row count.
    """
    # NOTE(review): the rows include username, email, truename and identity
    # for every account; no permission check is visible inside this view --
    # confirm it is enforced by a decorator or the URL configuration.
    query = request.GET
    if "page" in query:
        pager = query["page"]
    else:
        pager = 1

    query_sql = """select auth_user.id as uid, username, date_joined, email, identity, last_login, truename from auth_user left join userprofile on auth_user.id = userprofile.user_id order by date_joined desc;"""
    user_rows = from_sql_get_data(query_sql, MPP_CONFIG=LOCAL_DBCONFIG)["data"]

    paginator = Paginator(user_rows, 10)
    total_rows = paginator.count      # total number of objects
    total_pages = paginator.num_pages  # total number of pages
    current_page = paginator.page(pager)

    return Response({
        "res": current_page.object_list,
        "page_count": total_pages,
        "pager": pager,
        "all_counts": total_rows,
    })
def aicruiser_lists(request):
    """Return every self_cruiser record as a table row.

    Each row is ``[severity label HTML, start_time, msg, src_ip, sport,
    action button HTML]``; the label is only filled for level "高危".
    """
    from proj.utils import from_sql_get_data

    sql = """select * from self_cruiser;"""
    records = from_sql_get_data(sql)["data"]

    def to_row(record):
        severity = ""
        if record["level"] == "高危":
            severity = '<small class="label label-danger">高危紧急</small>'
        button = """<span class="badge bg-yellow" name="sign" id="opt{id}" onclick="jump_to_detail(this.id)">处置</span>""".format(id=record["id"])
        return [
            severity,
            record["start_time"],
            record["msg"],
            record["src_ip"],
            record["sport"],
            button,
        ]

    return JsonResponse({'res': [to_row(record) for record in records]})
def json_dj_nodes(request):
    """Build the topology nodes and cache per-IP event data in the session.

    Only POST requests are handled (anything else falls through and returns
    None). For every IP in proj_ipbelongarea the open alerts ("wx") and open
    inspection findings ("xj") are stored under ``session["ip_info"][ip]``,
    and a state code is derived for the node:
    0 = no events on record, 1 = all events closed, 2 = at least one open
    event is being handled, 3 = events exist and none is being handled.
    """
    if request.method == "POST":
        from proj.utils import from_sql_get_data
        from .utils import get_all_ips_info_based_dialog
        import numpy as np

        w = int(request.POST["canvas_width"])
        num_list_per_line = 5

        # Mapping between IP and display name.
        area_rows = from_sql_get_data(
            """select ip,name from proj_ipbelongarea;""")["data"]
        ips = [row["ip"] for row in area_rows]
        names = []
        for row in area_rows:
            full_name = row["name"]
            names.append(full_name[:5] + '..' if len(full_name) > 5 else full_name)

        # From here on the data that ends up in the session is collected.
        wx, zj = get_all_ips_info_based_dialog()
        request.session["ip_info"] = {}

        opts = from_sql_get_data("""select * from proj_eventdetail;""")["data"]
        deling_ids = np.unique(
            [opt["event_id"] for opt in opts if opt["event_stat"] == "签收"])
        deled_ids = np.unique(
            [opt["event_id"] for opt in opts
             if opt["event_stat"] in ("忽略", "完成")])

        # Compared with the previous version the session is no longer filled
        # while the template renders; everything is done here in one step.
        res_stats = []
        for ip in ips:
            alerts_here = [alert for alert in wx if alert["dst_ip"] == ip]
            findings_here = [finding for finding in zj if finding["ip"] == ip]
            open_alerts = [a for a in alerts_here if a["id"] not in deled_ids]
            open_findings = [f for f in findings_here
                             if f["eid"] not in deled_ids]
            request.session["ip_info"].setdefault(
                ip, {"wx": open_alerts, "xj": open_findings})

            # Prepare the blinking state of the node.
            from .utils import get_larm_node
            open_event_ids = ([a["id"] for a in open_alerts]
                              + [f["eid"] for f in open_findings])
            all_event_ids = ([a["id"] for a in alerts_here]
                             + [f["eid"] for f in findings_here])

            if not all_event_ids:
                state = 0  # no findings on record
            elif any(event_id in deling_ids for event_id in open_event_ids):
                state = 2  # being handled
            elif all(event_id in deled_ids for event_id in all_event_ids):
                state = 1  # everything closed
            else:
                state = 3  # nothing handled yet
            res_stats.append(state)

        df1, screen_xy_alfa = get_nodes_positon(w, num_list_per_line)
        res = res_delay_type(res_stats, df1, screen_xy_alfa, ips, names)
        return JsonResponse({"res": res})
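def get_right_opt_info(e_id):
    """Render the handling timeline of event *e_id* as an HTML ``<ul>``.

    The proj_eventdetail rows of the event are grouped by day. The first day
    starts with two fixed entries describing the origin of the event: ids
    below 10000000 are looked up in user_alert, all others in the inspection
    tables. Every detail row then adds one operator entry.

    Changes over the previous version:
    * ``e_id`` is converted to ``int`` once and that integer is used in all
      three queries; before, only the first query used the converted value
      and the other two interpolated the raw argument.
    * Text taken from the database is HTML-escaped before it is placed in
      the markup (assumes these columns hold plain text, not markup).
    * The unused pandas DataFrame and the unused ``sport`` format argument
      were dropped.
    """
    from html import escape

    def as_text(value):
        # Render a database value as HTML-safe text.
        return escape(str(value))

    event_key = int(e_id)
    sql = """select * from proj_eventdetail where event_id={e_id};""".format(
        e_id=event_key)
    res_data = from_sql_get_data(sql)["data"]

    # De-duplicate the days while keeping their order.
    new_days = []
    for row in res_data:
        day = row["event_time"].date()
        if day not in new_days:
            new_days.append(day)

    result_str = """ <!-- The time line --> <ul class="timeline"> <!-- timeline time label --> """
    first_day = True
    for day in new_days:
        result_str += """ <li class="time-label"> <span class="bg-green"> {date} </span> </li>""".format(date=day)
        if first_day:
            # NOTE(review): the second <li> of both templates below closes one
            # <div> fewer than it opens; kept as is -- confirm the markup.
            if event_key < 10000000:
                info = from_sql_get_data(
                    'select * from user_alert where id={}'.format(
                        event_key))["data"][0]
                result_str += """<li> <i class="fa bg-aqua"></i> <div class="timeline-item"> <span class="time"><i class="fa fa-clock-o"></i> {event_time}</span> <h3 class="timeline-header"><a href="#">系统告警</a></h3> <div class="timeline-body"> {dst_ip} 向 {src_ip} 跨域攻击 </div> </div> </li> <li> <i class="fa bg-aqua"></i> <div class="timeline-item"> <span class="time"><i class="fa fa-clock-o"></i> {event_time}</span> <h3 class="timeline-header no-border"><a href="#">安全主管</a> </h3> <div class="timeline-body"> admin002:提醒网络管理员处理 </div> </li>""".format(
                    event_time=as_text(info["start_time"]),
                    dst_ip=as_text(info["dst_ip"]),
                    src_ip=as_text(info["src_ip"]))
            else:
                info = from_sql_get_data("""select t.* from (select vulner_temp.*,eid_connect_cruiser_id.id as eid from vulner_temp left join eid_connect_cruiser_id on vulner_temp.uniq_id = eid_connect_cruiser_id.vulner_id) as t where t.eid={};""".format(
                    event_key))["data"][0]
                result_str += """<li> <i class="fa bg-aqua"></i> <div class="timeline-item"> <span class="time"><i class="fa fa-clock-o"></i> {event_time}</span> <h3 class="timeline-header"><a href="#">智能巡检</a></h3> <div class="timeline-body"> <strong>{src_ip}</strong> <strong>{msg}</strong> </div> </div> </li> <li> <i class="fa bg-aqua"></i> <div class="timeline-item"> <span class="time"><i class="fa fa-clock-o"></i> {event_time}</span> <h3 class="timeline-header no-border"><a href="#">安全主管</a> </h3> <div class="timeline-body"> superadmin:提醒网络管理员处理 </div> </li>""".format(
                    event_time=as_text(info["add_time"]),
                    src_ip=as_text(info["ip"]),
                    msg=as_text(info["vulner_name"]))
            first_day = False

        for e in [x for x in res_data if x["event_time"].date() == day]:
            result_str += """<li> <i class="fa bg-aqua"></i> <div class="timeline-item"> <span class="time"><i class="fa fa-clock-o"></i>{event_time}</span> <h3 class="timeline-header no-border"><a href="#">网络管理员</a> </h3> <div class="timeline-body"> {opreater_name}: {extra_add} </div> </div> </li>""".format(
                event_time=e["event_time"].time(),
                # Operator name and remark are stored free text.
                opreater_name=as_text(e["opreater_name"]),
                extra_add=as_text(e['extra_add']))

    result_str += """<li> <i class="fa fa-clock-o bg-gray"></i> </li> </ul> """
    return result_str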
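def deled_detail_by_eid(e_id):
    """Render the handling history of alert *e_id* as an HTML timeline.

    The proj_eventdetail rows of the event are joined with the alert and its
    rule type and grouped by day. The very first row is shown as the
    occurrence of the event; every later row shows the status, the operator
    and the operator's remark.

    Change over the previous version: text taken from the database
    (addresses, status, operator name, remark) is HTML-escaped before it is
    placed in the markup (assumes these columns hold plain text, not
    markup). ``e_id`` was already converted with ``int`` before being placed
    in the query and still is.
    """
    from html import escape
    import pandas as pd

    def as_text(value):
        # Render a database value as HTML-safe text.
        return escape(str(value))

    sql = """select t1.*, t2.* from (select * from proj_eventdetail where event_id={e_id}) as t2 left join (select id as no_use_id, start_time, rule_id, src_ip, dst_ip, t2.rules_type as rules_type from user_alert left join (select sid, rules_type from regular) as t2 on user_alert.rule_id = t2.sid) as t1 on t1.no_use_id = t2.event_id; """.format(e_id=int(e_id))
    res_data = from_sql_get_data(sql)["data"]
    df = pd.DataFrame(list(res_data))

    # De-duplicate the days while keeping their order.
    new_days = []
    for row in res_data:
        day = row["event_time"].date()
        if day not in new_days:
            new_days.append(day)

    occurrence_item = """<li> <i class="fa bg-aqua"></i> <div class="timeline-item"> <span class="time"><i class="fa fa-clock-o"></i> {e_time}</span> <h3 class="timeline-header"><a href="#">{event_cate}</a></h3> <div class="timeline-body"> {event_name} <h3>发生</h3> </div> </div> </li>"""
    handling_item = """<li><i class="fa bg-aqua"></i> <div class="timeline-item"> <span class="time"><i class="fa fa-clock-o"></i> {e_time}</span> <h3 class="timeline-header"><a href="#">{event_cate}</a></h3> <h3>{event_stat}</h3> <div class="timeline-body"> <strong>处理人:{opreater_name}</strong> </br> {extra_add} </div> </div> </li>"""

    result_str = """ <!-- The time line --> <ul class="timeline"> <!-- timeline time label --> """
    i = 0
    for day in new_days:
        result_str += """ <li class="time-label"> <span class="bg-green"> {date} </span> </li>""".format(date=day)
        for e in [x for x in res_data if x["event_time"].date() == day]:
            event_desc = """{event_time}, src:{src_ip}, dst:{dst_ip}, {b_cate}, url:{event_ref}""".format(
                event_time=e["event_time"],
                src_ip=as_text(e["src_ip"]),
                dst_ip=as_text(e['dst_ip']),
                b_cate='数据泄露',
                event_ref='待提取')
            params = {
                "e_time": e["event_time"].time(),
                # The category is always derived from the first row's rule.
                # NOTE(review): the helper's output is inserted as returned;
                # confirm it cannot contain markup-significant characters.
                "event_cate": judge_cate_from_ruleid(df["rule_id"][0]),
                "event_desc": event_desc,
                "extra_add": as_text(e['extra_add']),
                "event_name": event_desc,
                "opreater_name": as_text(e["opreater_name"]),
                "event_stat": as_text(e["event_stat"]),
            }
            template = occurrence_item if i == 0 else handling_item
            result_str += template.format(**params)
            i += 1

    result_str += """<li> <i class="fa fa-clock-o bg-gray"></i> </li> </ul> """
    return result_str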
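def cruiser_task_detail(request):
    """Return the findings of the task stored in the session as table rows.

    One row per distinct ``eid``: handling-status label, finding name,
    severity bar, ip, port, action badge. Rows are ordered by handling state
    (1 = not handled, 2 = in progress, 3 = handled) and then by threat code,
    both ascending.

    Changes over the previous version:
    * Ordering no longer goes through ``DataFrame.sort(columns=...)``, which
      recent pandas releases no longer provide; a stable sort on
      ``(state, threat_code)`` gives the same order without pandas.
    * Cells are built directly instead of formatting a comma-joined string
      and splitting it, so a comma in ``vulner_name`` cannot shift columns.
      For values without commas the cells are unchanged, including the
      leading space the old split left on cells 2-6.
    """
    # The task to show is taken from the session.
    task_id = request.session["task_id"]
    # NOTE(review): task_id is spliced into the SQL text. Confirm where the
    # session value is set; if it originates from a request it must be
    # validated there or bound as a parameter here.
    sql = """select t1.ip,t1.threat_code, t1.port, t1.vulner_name,t1.eid, t2.event_stat from (select vulner_temp.*,eid_connect_cruiser_id.id as eid from (select * from vulner_temp where task_id= '{task_id}') as vulner_temp left join eid_connect_cruiser_id on vulner_temp.uniq_id = eid_connect_cruiser_id.vulner_id ) as t1 left join proj_eventdetail as t2 on t1.eid = t2.event_id """.format(task_id=task_id)
    datas = from_sql_get_data(sql)["data"]
    if len(datas) == 0:
        return JsonResponse({"res": []})

    ranked_rows = []  # (state, threat_code, cells)
    for eid in np.unique([data["eid"] for data in datas]):
        group = [data for data in datas if data["eid"] == eid]
        if len(group) == 0:
            continue

        states = [data["event_stat"] for data in group]
        if "签收" in states:
            if "完成" in states or "忽略" in states:
                del_stat = """<small class="label label-default">已处理</small>"""
                state_rank = 3
            else:
                del_stat = """<small class="label label-warning">处理中</small>"""
                state_rank = 2
        else:
            del_stat = """<small class="label label-danger">未处理</small>"""
            state_rank = 1

        first = group[0]
        threat_code = int(first["threat_code"])
        # Bar width in percent, computed exactly as before.
        safe_lever = int(first["threat_code"] * 33)
        # NOTE(review): vulner_name / ip / port are scanner output returned
        # unescaped next to markup; escape them if cells are rendered as HTML.
        cells = [
            del_stat,
            " {}".format(first["vulner_name"]),
            ' <div class="progress progress-xs"> <div class="progress-bar progress-bar-success" style="width: {}%"></div> </div>'.format(safe_lever),
            " {}".format(first["ip"]),
            " {}".format(first["port"]),
            """ <span class="badge bg-yellow" onclick="jump_to_detail('opt{eid}')">处置</span>""".format(eid=first["eid"]),
        ]
        ranked_rows.append((state_rank, threat_code, cells))

    # list.sort is stable, so rows with equal keys keep their eid order.
    ranked_rows.sort(key=lambda item: (item[0], item[1]))
    return JsonResponse({"res": [cells for _, _, cells in ranked_rows]})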
def run_script():
    """Link the findings of the last scan_task_temp row to event ids.

    Takes the ``task_id`` at the last position of the query result (the
    query has no ORDER BY), fetches its finding ids and passes them to
    connect_eid_with_vulnerid_script.
    """
    task_rows = from_sql_get_data("""select * from scan_task_temp;""")["data"]
    task_ids = pd.DataFrame(list(task_rows))["task_id"]
    last_task_id = task_ids[len(task_ids) - 1]
    finding_ids = get_uniq_ids_from_vulner(last_task_id)
    connect_eid_with_vulnerid_script(finding_ids)
    print("执行完成")
def index_flash(request):
    """Return the fixed top-level topology with the live alarm text.

    The layout (seven nodes, six links) is hard-coded. The alarm text of the
    node labelled "服务器区" is replaced by the number of open alerts and open
    inspection records, or by "undefined" when there are none.
    """
    open_filter = "(select event_id from proj_eventdetail where event_stat = '完成' or event_stat = '忽略')"
    alert_count = len(from_sql_get_data(
        "select * from user_alert where id not in " + open_filter + ";"
    )["data"])
    cruiser_count = len(from_sql_get_data(
        "select * from self_cruiser where id not in " + open_filter + ";"
    )["data"])

    if alert_count + cruiser_count == 0:
        alarm_text = "undefined"
    else:
        alarm_text = ""
        if alert_count > 0:
            alarm_text += "{num} 攻击威胁".format(num=alert_count)
        if cruiser_count > 0:
            alarm_text += " {num2} 安全隐患".format(num2=cruiser_count)

    def node(x, y, node_id, image, scale, text, text_position, larm):
        # One topology node, keys in the order the client has always received.
        return {
            "elementType": "node",
            "x": x,
            "y": y,
            "id": node_id,
            "Image": image,
            "scaleX": scale,
            "text": text,
            "textPosition": text_position,
            "larm": larm,
        }

    def link(node_a, node_z):
        # One connection between two node ids.
        return {
            "elementType": "link",
            "nodeAid": node_a,
            "nodeZid": node_z,
            "text": "",
            "fontColor": "0, 200, 255",
        }

    elements = [
        node(115, 167, 19205, "newpics/1.png", 0.9000000000000001, "网络和安全设备区", "Bottom_Center", "undefined"),
        node(600, 167, 100200, "newpics/2.png", 0.9000000000000001, "服务器区", "Bottom_Center", "3 条告警信息"),
        node(107, 573, 61311, "newpics/3.png", 0.9000000000000001, "A栋", "Bottom_Center", "undefined"),
        node(747, 592, 442224, "newpics/4.png", 0.9000000000000001, "食堂", "Bottom_Center", "undefined"),
        node(172, 44, 7568, "newpics/5.png", 1.1, "", "Top_Center", "undefined"),
        node(434, 401, 174034, "newpics/6.png", 1.5, "", "Bottom_Center", "undefined"),
        node(417, 579, 241443, "newpics/3.png", 0.9000000000000001, "B栋", "Bottom_Center", "undefined"),
        link(7568, 19205),
        link(19205, 174034),
        link(174034, 100200),
        link(174034, 442224),
        link(61311, 174034),
        link(174034, 241443),
    ]

    # Only the server-area node carries live data; its placeholder alarm text
    # is always overwritten here.
    for element in elements:
        if element["text"] == "服务器区":
            element["larm"] = alarm_text

    # Saving a cookie when entering the second-level page would go here later.
    return JsonResponse({"res": elements})
def second_page_data(request):
    """Build the node grid of the area stored in the session (POST only).

    Every distinct IP of the area becomes one node. For each IP the open
    alerts and open inspection records are queried, cached in
    ``session["gj"]`` / ``session["xj"]``, and summarised in the node's alarm
    text. Non-POST requests fall through and return None.
    """
    if request.method == "POST":
        # NOTE(review): the area (session) and each ip (database) are spliced
        # into SQL text below; use bound parameters if from_sql_get_data
        # supports them, and confirm where session["area"] is set.
        sql = """select * from proj_ipbelongarea where area='{area}'""".format(
            area=request.session["area"])
        area_rows = from_sql_get_data(sql)["data"]

        # Keep the first row of every IP.
        hosts = []
        seen_ips = []
        for row in area_rows:
            if row["ip"] in seen_ips:
                continue
            seen_ips.append(row["ip"])
            hosts.append({
                "ip": row["ip"],
                "name": row["name"],
                "tc_text": row["tc_text"],
                "belongCate": row["belongCate"],
            })

        # Side length of the square grid.
        root = len(hosts) ** 0.5
        fang = int(root) + 1
        if abs(root - int(root)) < 0.0001:
            # Perfect square: this assigns the float root, as before.
            fang = int(len(hosts)) ** 0.5

        # Build the JSON for the canvas; `nodes` records the node info.
        height, width = request.POST["canvas_height"], request.POST[
            "canvas_width"]
        from proj.utils import get_canvas_config
        canvas_config = get_canvas_config(width, height, fang)

        # Alerts and findings both start out as empty dicts.
        request.session["gj"] = {}
        request.session["xj"] = {}

        nodes = []
        for index, host in enumerate(hosts):
            column = index % canvas_config["fang"]
            line = int(index / canvas_config["fang"])
            image = "server.png" if host["belongCate"] == "server" else "host.png"
            host_ip = host["ip"]

            open_alerts = from_sql_get_data(
                "select id,src_ip,dst_ip from user_alert where src_ip = '{ip}' and id not in (select event_id from proj_eventdetail where event_stat = '完成' or event_stat = '忽略');"
                .format(ip=host_ip))["data"]
            request.session["gj"].setdefault(host_ip, open_alerts)

            open_findings = from_sql_get_data(
                "select id,src_ip,msg,sport,level from self_cruiser where src_ip = '{ip}' and id not in (select event_id from proj_eventdetail where event_stat = '完成' or event_stat = '忽略');"
                .format(ip=host_ip))["data"]
            request.session["xj"].setdefault(host_ip, open_findings)

            if len(open_alerts) + len(open_findings) == 0:
                larm = "undefined"
            else:
                larm = ""
                if len(open_alerts) > 0:
                    larm += "{num} 攻击威胁 ".format(num=len(open_alerts))
                if len(open_findings) > 0:
                    larm += " {num} 安全隐患 ".format(num=len(open_findings))

            nodes.append({
                "elementType": "node",
                "x": canvas_config["left_blank"] + canvas_config["left_space"] * column,
                "y": canvas_config["top_blank"] + canvas_config["top_space"] * line,
                "id": index + 1,
                "Image": image,
                "larm": larm,
                "scaleX": 1.3,
                "textPosition": "Bottom_Center",
                "text": host["name"],
                "ip": host["ip"],
            })
        return JsonResponse({"res": nodes, "fang": fang})
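def new_dialog(request):
    """Render the detail dialog (HTML fragment) for one IP of the current area.

    The dialog shows the area, name and address of the host, a table of open
    inspection findings and a table of open alerts, both read from the
    per-IP data cached in ``session["xj"]`` / ``session["gj"]``.

    Changes over the previous version:
    * The ``ip`` query parameter is accepted only if it is a key of both
      cached session maps, and this is checked before the parameter reaches
      any SQL text. Requests that previously succeeded are unaffected; an
      unknown or missing ip now gets a 400 response instead of being
      interpolated into the query and failing later with KeyError.
    * Values from the database are HTML-escaped before being placed in the
      markup (assumes they are plain text, not markup).
    """
    from html import escape

    ip = request.GET.get("ip")
    if "area" not in request.session.keys():
        request.session["area"] = "服务器区"

    # Alerts and findings cached per IP by the area page.
    gj = request.session.get("gj", {})
    xj = request.session.get("xj", {})
    if ip not in gj or ip not in xj:
        return HttpResponse("无效的IP参数", status=400)

    # NOTE(review): the query is still assembled as text. The ip is now one
    # of the cached keys, but bound parameters would be the proper fix if
    # from_sql_get_data supports them.
    sql = """select * from proj_ipbelongarea where area='{area}' and ip='{ip}';""".format(
        area=request.session["area"], ip=ip)
    element = from_sql_get_data(sql)["data"][0]

    # Inspection findings.
    if len(xj[ip]) == 0:
        res_aqyh_dialog = """无告警"""
    else:
        res_aqyh_dialog = """"""
        for index, data in enumerate(xj[ip], start=1):
            el = """"""
            if data["level"] == "高危":
                el = """<small class="label label-danger">高危紧急</small>"""
            res_aqyh_dialog += """<tr id="opt{event_id}" onclick="jump_to_detail(this.id)"><td>{index}</td> <td>{event_level}</td> <td>{event_msg}漏洞</td> <td><i class="fa fa-gavel" name="gavel" ></i></td> </tr>""".format(
                index=index,
                event_msg=escape(str(data["msg"])),
                event_level=el,
                event_id=escape(str(data["id"])))

    # Alerts.
    if len(gj[ip]) == 0:
        res_gjwx_dialog = """无告警"""
    else:
        res_gjwx_dialog = ""
        for index, data in enumerate(gj[ip], start=1):
            # One lookup per alert for the message of the rule that fired.
            event_type = from_sql_get_data(
                """select regular.* from (select * from user_alert where id = {event_id}) as t1 left join regular on t1.rule_id = regular.sid"""
                .format(event_id=data["id"]))["data"][0]["msg"]
            res_gjwx_dialog += """<tr id="opt{event_id}" onclick="jump_to_detail(this.id)"><td>{index}</td> <td>{event_type}</td> <td> <i class="fa fa-gavel" ></i> </td></tr>""".format(
                index=index,
                event_id=escape(str(data["id"])),
                event_type=escape(str(event_type)))

    dialog_html = """<h5>当前区域:<span>""" + escape(element["area"]) + """</span></h5> <h5>名称:<span>""" + escape(element["name"]) + """</span></h5> <h5>IP:<span>""" + escape(element["ip"]) + """</span></h5> <h5>安全隐患</h5> <table class="table table-bordered table-striped"> <tbody> """ + res_aqyh_dialog + """ </tbody> </table> <h5>攻击威胁</h5> <table class="table table-bordered table-striped gongji"> <tbody>""" + res_gjwx_dialog + """</tbody></table>"""
    return HttpResponse(dialog_html)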
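def add_ip(request):
    """Add an address to proj_ipbelongarea unless it is already listed.

    The insert itself is delegated to factory_jip, which receives the
    request and the statement template.

    Change over the previous version: the duplicate check compared ``ip``
    with the row objects returned by the query; it now compares with each
    row's "ip" value, the way the other views in this file read these rows,
    so an existing address can actually be detected.
    """
    # NOTE(review): `ip` is not assigned anywhere in this function. Unless a
    # module-level `ip` exists this line raises NameError; it presumably has
    # to be read from the request -- confirm which parameter carries it.
    known_rows = from_sql_get_data('select ip from proj_ipbelongarea;')['data']
    if any(row["ip"] == ip for row in known_rows):
        return HttpResponse("ip已经在其中了")

    # NOTE(review): the template has quoted text placeholders that
    # factory_jip fills in (not visible here). If it fills them with
    # str.format from request values, the statement is open to SQL
    # injection -- verify that factory_jip validates or binds the values.
    sql = """insert into proj_ipbelongarea(ip, name, belongCate, tc_text, add_date, area) values('{ip}', '{name}', '{belongCate}', '{tc_text}', '{add_date}', '{area}')"""
    return factory_jip(request, sql, "添加")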
def second_page_json(request):
    """Build the node grid from the jtopot_jips table (POST only).

    Every distinct IP becomes one node; its alarm text is the stored
    ``tc_text`` when ``stat`` is 1 and "undefined" otherwise. Non-POST
    requests fall through and return None.
    """
    if request.method == "POST":
        rows = from_sql_get_data("select * from jtopot_jips;")["data"]

        # Keep the first row of every IP.
        hosts = []
        seen_ips = []
        for row in rows:
            if row["ip"] in seen_ips:
                continue
            seen_ips.append(row["ip"])
            hosts.append({
                "ip": row["ip"],
                "name": row["name"],
                "stat": row["stat"],
                "tc_text": row["tc_text"],
                "belongCate": row["belongCate"],
            })

        # Side length of the square grid.
        root = len(hosts) ** 0.5
        fang = int(root) + 1
        if abs(root - int(root)) < 0.0001:
            # Perfect square: this assigns the float root, as before.
            fang = int(len(hosts)) ** 0.5

        # Build the JSON for the canvas; `nodes` records the node info.
        height, width = request.POST["canvas_height"], request.POST[
            "canvas_width"]
        from .utils import get_canvas_config
        canvas_config = get_canvas_config(width, height, fang)

        nodes = []
        for index, host in enumerate(hosts):
            column = index % canvas_config["fang"]
            line = int(index / canvas_config["fang"])
            if host["belongCate"] == "server":
                image = "server.png"
            else:
                image = "host.png"
            if host["stat"] == 1:
                larm = host["tc_text"]
            else:
                larm = "undefined"
            nodes.append({
                "elementType": "node",
                "x": canvas_config["left_blank"] + canvas_config["left_space"] * column,
                "y": canvas_config["top_blank"] + canvas_config["top_space"] * line,
                "id": index + 1,
                "Image": image,
                "larm": larm,
                "scaleX": 1.3,
                "textPosition": "Bottom_Center",
                "text": host["name"],
                "ip": host["ip"],
            })
        return JsonResponse({"res": nodes, "fang": fang})
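def dj_ip_dialog(request):
    """Render the detail dialog (HTML fragment) for one IP of the topology.

    The dialog shows the area, name and address of the host, a table of open
    inspection findings and a table of open alerts, both read from
    ``session["ip_info"][ip]``.

    Changes over the previous version:
    * The ``ip`` query parameter is accepted only if it is a key of
      ``session["ip_info"]``, and this is checked before the parameter
      reaches any SQL text. Requests that previously succeeded are
      unaffected; an unknown or missing ip now gets a 400 response instead
      of being interpolated into the query and failing later with KeyError.
    * Values from the database are HTML-escaped before being placed in the
      markup (assumes they are plain text, not markup).
    """
    from html import escape

    ip = request.GET.get("ip")
    ip_info = request.session.get("ip_info", {})
    if ip not in ip_info:
        return HttpResponse("无效的IP参数", status=400)

    # NOTE(review): the query is still assembled as text. The ip is now one
    # of the cached keys, but bound parameters would be the proper fix if
    # from_sql_get_data supports them.
    sql = """select * from proj_ipbelongarea where ip='{ip}';""".format(ip=ip)
    element = from_sql_get_data(sql)["data"][0]

    # Alerts and inspection findings cached for this IP.
    wx = ip_info[ip]["wx"]
    xj = ip_info[ip]["xj"]

    # Inspection findings first.
    if len(xj) == 0:
        res_aqyh_dialog = """无告警"""
    else:
        res_aqyh_dialog = """"""
        for index, data in enumerate(xj, start=1):
            el = """"""
            if data["threat_code"] > 1:
                el = """<small class="label label-danger">高危紧急</small>"""
            res_aqyh_dialog += """<tr id="opt{event_id}" onclick="jump_to_detail(this.id)"><td>{index}</td> <td>{event_level}</td> <td>{event_msg}漏洞</td> <td><i class="fa fa-gavel" name="gavel" ></i></td> </tr>""".format(
                index=index,
                event_msg=escape(str(data["vulner_name"])),
                event_level=el,
                event_id=escape(str(data["eid"])))

    # Then the threat alerts.
    if len(wx) == 0:
        res_gjwx_dialog = """无告警"""
    else:
        res_gjwx_dialog = ""
        for index, data in enumerate(wx, start=1):
            res_gjwx_dialog += """<tr id="opt{event_id}" onclick="jump_to_detail(this.id)"><td>{index}</td> <td>{event_type}</td> <td> <i class="fa fa-gavel" ></i> </td></tr>""".format(
                index=index,
                event_id=escape(str(data["id"])),
                event_type=escape(str(data["rules_type"])))

    dialog_html = """<h5>当前区域:<span>""" + escape(element["area"]) + """</span></h5> <h5>名称:<span>""" + escape(element["name"]) + """</span></h5> <h5>IP:<span>""" + escape(element["ip"]) + """</span></h5> <h5>安全隐患</h5> <table class="table table-bordered table-striped"> <tbody> """ + res_aqyh_dialog + """ </tbody> </table> <h5>攻击威胁</h5> <table class="table table-bordered table-striped gongji"> <tbody>""" + res_gjwx_dialog + """</tbody></table>"""
    return HttpResponse(dialog_html)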
def edit2(request):
    """Render jtopot/edit2.html after caching per-IP event data in the session.

    For two hard-coded addresses the open alerts and open inspection records
    are stored in ``session["gj"]`` / ``session["xj"]``, and a handling state
    is stored in ``session["ip_stats"]``: "未处理" when no handling record
    refers to the address, "处理中" when some event is judged still open, and
    "完成" otherwise. The function also prints debugging output.
    """
    from proj.utils import sql_action, from_sql_get_data
    request.session["gj"] = {}
    request.session["xj"] = {}
    # Every handling record, joined with the source address of the alert
    # (gj_ip) or of the inspection record (zj_ip) it refers to.
    user_oprete_data = from_sql_get_data(""" select t1.event_stat, user_alert.src_ip as gj_ip, t1.event_id as eid, self_cruiser.src_ip as zj_ip from (select * from proj_eventdetail) as t1 left join user_alert on t1.event_id = user_alert.id left join self_cruiser on t1.event_id = self_cruiser.id;""")["data"]
    import pandas as pd
    opt_df = pd.DataFrame(list(user_oprete_data))
    request.session["ip_stats"] = {}
    # NOTE(review): the two addresses are hard-coded; the other views read
    # their addresses from proj_ipbelongarea -- confirm this is intended.
    for input_ip in ["192.168.100.114", "192.168.100.120"]:
        # Alerts from this address that are neither finished nor ignored.
        all_mf = from_sql_get_data(
            "select id,src_ip,dst_ip from user_alert where src_ip = '{ip}' and id not in (select event_id from proj_eventdetail where event_stat = '完成' or event_stat = '忽略');"
            .format(ip=input_ip))["data"]
        request.session["gj"].setdefault(input_ip, all_mf)
        # Inspection records from this address that are neither finished nor
        # ignored.
        wx_df = from_sql_get_data(
            "select id,src_ip,msg,sport,level from self_cruiser where src_ip = '{ip}' and id not in (select event_id from proj_eventdetail where event_stat = '完成' or event_stat = '忽略');"
            .format(ip=input_ip))["data"]
        request.session["xj"].setdefault(input_ip, wx_df)
        # Handling records that refer to this address.
        gj_df = opt_df[opt_df["gj_ip"] == input_ip]
        zj_df = opt_df[opt_df["zj_ip"] == input_ip]
        if (len(gj_df) + len(zj_df) == 0):
            # No handling record at all for this address.
            request.session["ip_stats"].setdefault(input_ip, "未处理")
            continue
        # Ids of every alert and inspection record of this address.
        all_event_id = pd.DataFrame((from_sql_get_data(
            """select id from user_alert where src_ip = '{ip}' union select id from self_cruiser where src_ip = '{ip}'"""
            .format(ip=input_ip))["data"]))["id"]
        flag = False
        import numpy as np
        for id in [str(x) for x in all_event_id]:
            # Ids below 10000 are treated as alert ids, ids above as
            # inspection ids.
            # NOTE(review): get_right_opt_info separates the two id ranges at
            # 10000000, not 10000 -- confirm which boundary is right.
            if (len(gj_df) > 0 and int(id) < 10000):
                # NOTE(review): `in` on a pandas Series tests the index
                # labels, not the values, and `id` is a str here -- confirm
                # that this condition does what is intended.
                if (id not in gj_df[gj_df["event_stat"] == "完成"]["eid"]) and (
                        id not in gj_df[gj_df["event_stat"] == "忽略"]["eid"]):
                    # Debugging output.
                    print(id)
                    print(list(gj_df[gj_df["event_stat"] == "完成"]["eid"]))
                    print(
                        id in list(gj_df[gj_df["event_stat"] == "完成"]["eid"]))
                    flag = True
                    request.session["ip_stats"].setdefault(input_ip, "处理中")
            if (len(zj_df) > 0 and int(id) > 10000):
                # Same membership test as above, against the inspection records.
                if (id not in zj_df[zj_df["event_stat"] == "完成"]["eid"]) and (
                        id not in zj_df[zj_df["event_stat"] == "忽略"]["eid"]):
                    # Debugging output.
                    print("???? " + str(id))
                    print(zj_df)
                    flag = True
                    request.session["ip_stats"].setdefault(input_ip, "处理中")
        if not flag:
            # No event was judged open for this address.
            print("!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!1")
            request.session["ip_stats"].setdefault(input_ip, "完成")
    return render(request, "jtopot/edit2.html", {})