def system_settings(request):
if not request.user.is_staff:
context = { 'error': 'Unsufficient permissions' }
return scirius_render(request, 'rules/system_settings.html', context)
main_form = SystemSettingsForm(instance = get_system_settings())
kibana_form = KibanaDataForm()
context = {
'form_id': 'main',
'main_form': main_form,
'kibana_form': kibana_form,
}
if request.method == 'POST':
form_id = request.POST.get('form_id', None)
if form_id == 'main':
main_form = SystemSettingsForm(request.POST, instance = get_system_settings())
context['main_form'] = main_form
if main_form.is_valid():
main_form.save()
context['success'] = "All changes saved."
else:
context['error'] = "Invalid form."
elif form_id == 'kibana':
es_data = ESData()
if 'export' in request.POST:
tar_name, tar_file = es_data.kibana_export()
with open(tar_file, 'rb') as f:
content = f.read()
os.unlink(tar_file)
response = HttpResponse(content, content_type='application/x-bzip2')
response['Content-Disposition'] = 'attachment; filename="%s"' % tar_name
return response
elif 'import' in request.POST:
form = KibanaDataForm(request.POST, request.FILES)
if form.is_valid() and 'file' in request.FILES:
try:
count = es_data.kibana_import_fileobj(request.FILES['file'])
context['success'] = 'Successfully imported %i dashboards' % count
except Exception, e:
context['error'] = 'Import failed: %s' % e
else:
context['error'] = 'Please provide a dashboard archive'
elif 'clear' in request.POST:
try:
es_data.kibana_clear()
context['success'] = 'Done'
except Exception, e:
context['error'] = 'Clearing failed: %s' % e
elif 'reset' in request.POST:
try:
es_data.kibana_reset()
context['success'] = 'Done'
except Exception, e:
context['error'] = 'Reset failed: %s' % e
def complete_context(request, context):
if get_system_settings().use_elasticsearch:
if request.GET.__contains__('duration'):
duration = int(request.GET.get('duration', '24'))
if duration > 24 * 7:
duration = 24 * 7
request.session['duration'] = duration
else:
duration = int(request.session.get('duration', '24'))
from_date = int((time() - (duration * 3600)) * 1000) # last 24 hours
if duration <= 24:
date = str(duration) + "h"
else:
date = str(duration / 24) + "d"
if request.GET.__contains__('graph'):
graph = request.GET.get('graph', 'sunburst')
if not graph in ['sunburst', 'circles']:
graph = 'sunburst'
request.session['graph'] = graph
else:
graph = 'sunburst'
if graph == 'sunburst':
context['draw_func'] = 'draw_sunburst'
context['draw_elt'] = 'path'
else:
context['draw_func'] = 'draw_circle'
context['draw_elt'] = 'circle'
context['date'] = date
context['from_date'] = from_date
context['time_range'] = duration * 3600
def scirius_render(request, template, context):
context['generator'] = settings.RULESET_MIDDLEWARE
context['path_info'] = build_path_info(request)
gsettings = get_system_settings()
if settings.USE_INFLUXDB:
context['influxdb'] = 1
if settings.USE_SURICATA_STATS:
context['suricata_stats'] = 1
if settings.USE_LOGSTASH_STATS:
context['logstash_stats'] = 1
if gsettings.use_elasticsearch:
context['elasticsearch'] = 1
if settings.USE_KIBANA:
context['kibana'] = 1
if settings.KIBANA_PROXY:
context['kibana_url'] = "/kibana"
else:
context['kibana_url'] = settings.KIBANA_URL
context['kibana_version'] = settings.KIBANA_VERSION
if settings.ELASTICSEARCH_2X:
context['es2x'] = 1
else:
context['es2x'] = 0
if settings.USE_EVEBOX:
context['evebox'] = 1
context['evebox_url'] = "/evebox"
return render(request, template, context)
def system_settings(request):
if not request.user.is_staff:
context = { 'error': 'Unsufficient permissions' }
return scirius_render(request, 'rules/system_settings.html', context)
if request.method == 'POST':
form = SystemSettingsForm(request.POST, instance = get_system_settings())
context = { 'form': form }
if not form.is_valid():
context['error'] = "Invalid form."
return scirius_render(request, 'rules/system_settings.html', context)
form.save()
context['success'] = "All changes saved."
return scirius_render(request, 'rules/system_settings.html', context)
form = SystemSettingsForm(instance = get_system_settings())
context = { 'form': form }
return scirius_render(request, 'rules/system_settings.html', context)
def complete_context(request, context):
if get_system_settings().use_elasticsearch:
if request.GET.__contains__("duration"):
duration = int(request.GET.get("duration", "24"))
if duration > 24 * 7:
duration = 24 * 7
request.session["duration"] = duration
else:
duration = int(request.session.get("duration", "24"))
from_date = int((time() - (duration * 3600)) * 1000) # last 24 hours
if duration <= 24:
date = str(duration) + "h"
else:
date = str(duration / 24) + "d"
if request.GET.__contains__("graph"):
graph = request.GET.get("graph", "sunburst")
if not graph in ["sunburst", "circles"]:
graph = "sunburst"
request.session["graph"] = graph
else:
graph = "sunburst"
if graph == "sunburst":
context["draw_func"] = "draw_sunburst"
context["draw_elt"] = "path"
else:
context["draw_func"] = "draw_circle"
context["draw_elt"] = "circle"
context["date"] = date
context["from_date"] = from_date
context["time_range"] = duration * 3600
def system_settings(request):
if not request.user.is_staff:
context = {"error": "Unsufficient permissions"}
return scirius_render(request, "rules/system_settings.html", context)
if request.method == "POST":
form = SystemSettingsForm(request.POST, instance=get_system_settings())
context = {"form": form}
if not form.is_valid():
context["error"] = "Invalid form."
return scirius_render(request, "rules/system_settings.html", context)
form.save()
context["success"] = "All changes saved."
return scirius_render(request, "rules/system_settings.html", context)
form = SystemSettingsForm(instance=get_system_settings())
context = {"form": form}
return scirius_render(request, "rules/system_settings.html", context)
def complete_context(request, context):
if get_system_settings().use_elasticsearch:
if request.GET.__contains__('duration'):
duration = int(request.GET.get('duration', '24'))
if duration > 24 * 30:
duration = 24 * 30
request.session['duration'] = duration
else:
duration = int(request.session.get('duration', '24'))
from_date = int((time() - (duration * 3600)) * 1000)
if duration <= 24:
date = str(duration) + "h"
else:
date = str(duration / 24) + "d"
if request.GET.__contains__('graph'):
graph = request.GET.get('graph', 'sunburst')
if not graph in ['sunburst', 'circles']:
graph = 'sunburst'
request.session['graph'] = graph
else:
graph = 'sunburst'
if graph == 'sunburst':
context['draw_func'] = 'draw_sunburst'
context['draw_elt'] = 'path'
else:
context['draw_func'] = 'draw_circle'
context['draw_elt'] = 'circle'
context['date'] = date
context['from_date'] = from_date
context['time_range'] = duration * 3600
def system_settings(request):
if not request.user.is_staff:
context = { 'error': 'Unsufficient permissions' }
return scirius_render(request, 'rules/system_settings.html', context)
if request.method == 'POST':
form = SystemSettingsForm(request.POST, instance = get_system_settings())
context = { 'form': form }
if not form.is_valid():
context['error'] = "Invalid form."
return scirius_render(request, 'rules/system_settings.html', context)
form.save()
context['success'] = "All changes saved."
return scirius_render(request, 'rules/system_settings.html', context)
form = SystemSettingsForm(instance = get_system_settings())
context = { 'form': form }
return scirius_render(request, 'rules/system_settings.html', context)
def scirius_render(request, template, context):
context['generator'] = settings.RULESET_MIDDLEWARE
context['path_info'] = build_path_info(request)
gsettings = get_system_settings()
if settings.USE_INFLUXDB:
context['influxdb'] = 1
if settings.USE_SURICATA_STATS:
context['suricata_stats'] = 1
if settings.USE_LOGSTASH_STATS:
context['logstash_stats'] = 1
if gsettings.use_elasticsearch:
context['elasticsearch'] = 1
if settings.USE_KIBANA:
context['kibana'] = 1
if settings.KIBANA_PROXY:
context['kibana_url'] = "/kibana"
else:
context['kibana_url'] = settings.KIBANA_URL
context['kibana_version'] = settings.KIBANA_VERSION
if settings.ELASTICSEARCH_2X:
context['es2x'] = 1
else:
context['es2x'] = 0
if settings.USE_EVEBOX:
context['evebox'] = 1
context['evebox_url'] = "/evebox"
try:
middleware = __import__("%s.%s" % (settings.RULESET_MIDDLEWARE, 'links'))
context['links'] = middleware.links.links(request)
except:
pass
return render(request, template, context)
def scirius_render(request, template, context):
context['generator'] = settings.RULESET_MIDDLEWARE
context['path_info'] = build_path_info(request)
context[
'scirius_release'] = settings.SCIRIUS_FLAVOR + " v" + settings.SCIRIUS_VERSION
context['scirius_long_name'] = settings.SCIRIUS_LONG_NAME
context['scirius_title'] = get_middleware_module(
'common').get_homepage_context()['title']
context['scirius_short_title'] = get_middleware_module(
'common').get_homepage_context()['short_title']
gsettings = get_system_settings()
if settings.USE_INFLUXDB:
context['influxdb'] = 1
if settings.USE_SURICATA_STATS:
context['suricata_stats'] = 1
if settings.USE_LOGSTASH_STATS:
context['logstash_stats'] = 1
if settings.HAVE_NETINFO_AGG:
context['netinfo_agg'] = 1
if gsettings.use_elasticsearch:
context['elasticsearch'] = 1
if settings.USE_KIBANA:
context['kibana'] = 1
if settings.KIBANA_PROXY:
context['kibana_url'] = "/kibana"
else:
context['kibana_url'] = settings.KIBANA_URL
if settings.USE_EVEBOX:
context['evebox'] = 1
context['evebox_url'] = "/evebox"
if settings.USE_CYBERCHEF:
context['cyberchef'] = 1
context['cyberchef_url'] = "/static/cyberchef/"
if settings.SCIRIUS_HAS_DOC:
djurl = request.resolver_match
context['help_link'] = help_links(djurl.view_name)
if settings.SCIRIUS_IN_SELKS:
context['in_selks'] = 1
context['toplinks'] = [{
'id':
'suricata',
'url':
'/suricata/',
'icon':
'eye-open',
'label':
'Suricata',
'perm':
request.user.has_perm('rules.configuration_view')
}]
context['monitoring_url'] = 'suricata_index'
context.update(get_middleware_module('common').update_context(request))
context['messages'] = messages.get_messages(request)
context['settings'] = settings
complete_context(request, context)
return render(request, template, context)
def scirius_render(request, template, context):
try:
context['probes'] = map(lambda x: "'" + x + "'",
Probe.models.get_probe_hostnames())
except:
pass
context['generator'] = settings.RULESET_MIDDLEWARE
context['path_info'] = build_path_info(request)
context[
'scirius_release'] = settings.SCIRIUS_FLAVOR + " v" + settings.SCIRIUS_VERSION
gsettings = get_system_settings()
if settings.USE_INFLUXDB:
context['influxdb'] = 1
if settings.USE_SURICATA_STATS:
context['suricata_stats'] = 1
if settings.USE_LOGSTASH_STATS:
context['logstash_stats'] = 1
if settings.HAVE_NETINFO_AGG:
context['netinfo_agg'] = 1
if gsettings.use_elasticsearch:
context['elasticsearch'] = 1
if settings.USE_KIBANA:
context['kibana'] = 1
if settings.KIBANA_PROXY:
context['kibana_url'] = "/kibana"
else:
context['kibana_url'] = settings.KIBANA_URL
context['es_backend'] = settings.ES_BACKEND
if settings.USE_EVEBOX:
context['evebox'] = 1
context['evebox_url'] = "/evebox"
if settings.SCIRIUS_HAS_DOC:
djurl = request.resolver_match
context['help_link'] = help_links(djurl.view_name)
context['toplinks'] = [{
'id': 'suricata',
'url': '/suricata/',
'icon': 'eye-open',
'label': 'Suricata'
}]
context['monitoring_url'] = 'suricata_index'
try:
links = get_middleware_module('links')
context['toplinks'] = links.TOPLINKS
context['links'] = links.links(request)
context['monitoring_url'] = links.MONITORING_URL
except:
pass
try:
context['middleware_status'] = get_middleware_module(
'common').block_status(request)
except:
pass
context['messages'] = messages.get_messages(request)
complete_context(request, context)
return render(request, template, context)
def scirius_render(request, template, context):
context['generator'] = settings.RULESET_MIDDLEWARE
gsettings = get_system_settings()
if gsettings.use_elasticsearch:
context['elasticsearch'] = 1
if settings.USE_KIBANA:
context['kibana'] = 1
if settings.KIBANA_PROXY:
context['kibana_url'] = "/kibana"
else:
context['kibana_url'] = settings.KIBANA_URL
return render(request, template, context)
def scirius_render(request, template, context):
context['generator'] = settings.RULESET_MIDDLEWARE
context['path_info'] = build_path_info(request)
context[
'scirius_release'] = settings.SCIRIUS_FLAVOR + " v" + settings.SCIRIUS_VERSION
gsettings = get_system_settings()
if settings.USE_INFLUXDB:
context['influxdb'] = 1
if settings.USE_SURICATA_STATS:
context['suricata_stats'] = 1
if settings.USE_LOGSTASH_STATS:
context['logstash_stats'] = 1
if gsettings.use_elasticsearch:
context['elasticsearch'] = 1
if settings.USE_KIBANA:
context['kibana'] = 1
if settings.KIBANA_PROXY:
context['kibana_url'] = "/kibana"
else:
context['kibana_url'] = settings.KIBANA_URL
context['kibana_version'] = settings.KIBANA_VERSION
if settings.ELASTICSEARCH_VERSION >= 2:
context['es2x'] = 1
else:
context['es2x'] = 0
if settings.USE_EVEBOX:
context['evebox'] = 1
context['evebox_url'] = "/evebox"
context['toplinks'] = [{
'id': 'suricata',
'url': '/suricata/',
'icon': 'eye-open',
'label': 'Suricata'
}]
try:
middleware = __import__("%s.%s" %
(settings.RULESET_MIDDLEWARE, 'links'))
context['toplinks'] = middleware.links.TOPLINKS
context['links'] = middleware.links.links(request)
except:
pass
try:
middleware = __import__("%s.%s" %
(settings.RULESET_MIDDLEWARE, 'common'))
context['middleware_status'] = middleware.common.block_status(request)
except:
pass
context['messages'] = messages.get_messages(request)
return render(request, template, context)
def scirius_render(request, template, context):
context['generator'] = settings.RULESET_MIDDLEWARE
gsettings = get_system_settings()
if settings.USE_INFLUXDB:
context['influxdb'] = 1
if settings.USE_SURICATA_STATS:
context['suricata_stats'] = 1
if settings.USE_LOGSTASH_STATS:
context['logstash_stats'] = 1
if gsettings.use_elasticsearch:
context['elasticsearch'] = 1
if settings.USE_KIBANA:
context['kibana'] = 1
if settings.KIBANA_PROXY:
context['kibana_url'] = "/kibana"
else:
context['kibana_url'] = settings.KIBANA_URL
context['kibana_version'] = settings.KIBANA_VERSION
return render(request, template, context)
def scirius_render(request, template, context):
context['generator'] = settings.RULESET_MIDDLEWARE
context['path_info'] = build_path_info(request)
gsettings = get_system_settings()
if settings.USE_INFLUXDB:
context['influxdb'] = 1
if settings.USE_SURICATA_STATS:
context['suricata_stats'] = 1
if settings.USE_LOGSTASH_STATS:
context['logstash_stats'] = 1
if gsettings.use_elasticsearch:
context['elasticsearch'] = 1
if settings.USE_KIBANA:
context['kibana'] = 1
if settings.KIBANA_PROXY:
context['kibana_url'] = "/kibana"
else:
context['kibana_url'] = settings.KIBANA_URL
context['kibana_version'] = settings.KIBANA_VERSION
if settings.ELASTICSEARCH_2X:
context['es2x'] = 1
else:
context['es2x'] = 0
if settings.USE_EVEBOX:
context['evebox'] = 1
context['evebox_url'] = "/evebox"
try:
middleware = __import__("%s.%s" %
(settings.RULESET_MIDDLEWARE, 'links'))
context['links'] = middleware.links.links(request)
except:
pass
try:
middleware = __import__("%s.%s" %
(settings.RULESET_MIDDLEWARE, 'common'))
context['middleware_status'] = middleware.common.block_status(request)
except:
pass
return render(request, template, context)
def complete_context(request, context):
if get_system_settings().use_elasticsearch:
if request.GET.__contains__('duration'):
duration = int(request.GET.get('duration', '24'))
if duration > 24 * 30:
duration = 24 * 30
request.session['duration'] = duration
else:
duration = int(request.session.get('duration', '24'))
from_date = int((time() - (duration * 3600)) * 1000)
if duration <= 24:
date = '%ih' % int(duration)
else:
date = '%id' % int(duration / 24)
context['draw_func'] = 'draw_sunburst'
context['draw_elt'] = 'path'
context['date'] = date
context['from_date'] = from_date
context['time_range'] = duration * 3600
def _get_proxies(self):
return get_system_settings().get_proxy_params()
def system_settings(request):
if not request.user.is_staff:
context = {'error': 'Unsufficient permissions'}
return scirius_render(request, 'rules/system_settings.html', context)
main_form = SystemSettingsForm(instance=get_system_settings())
kibana_form = KibanaDataForm()
context = {
'form_id': 'main',
'main_form': main_form,
'kibana_form': kibana_form,
}
if request.method == 'POST':
form_id = request.POST.get('form_id', None)
if form_id == 'main':
main_form = SystemSettingsForm(request.POST,
instance=get_system_settings())
context['main_form'] = main_form
if main_form.is_valid():
main_form.save()
context['success'] = "All changes saved."
else:
context['error'] = "Invalid form."
elif form_id == 'es':
es_data = ESData()
try:
es_data.es_clear()
context['success'] = 'Done'
except ConnectionError as e:
context['error'] = 'Could not connect to Elasticsearch'
except Exception as e:
context['error'] = 'Clearing failed: %s' % e
elif form_id == 'kibana':
es_data = ESData()
if 'export' in request.POST:
tar_name, tar_file = es_data.kibana_export()
with open(tar_file, 'rb') as f:
content = f.read()
os.unlink(tar_file)
response = HttpResponse(content,
content_type='application/x-bzip2')
response[
'Content-Disposition'] = 'attachment; filename="%s"' % tar_name
return response
elif 'import' in request.POST:
form = KibanaDataForm(request.POST, request.FILES)
if form.is_valid() and 'file' in request.FILES:
try:
count = es_data.kibana_import_fileobj(
request.FILES['file'])
context[
'success'] = 'Successfully imported %i dashboards' % count
except Exception, e:
context['error'] = 'Import failed: %s' % e
else:
context['error'] = 'Please provide a dashboard archive'
elif 'clear' in request.POST:
try:
es_data.kibana_clear()
context['success'] = 'Done'
except Exception, e:
context['error'] = 'Clearing failed: %s' % e
elif 'reset' in request.POST:
try:
es_data.kibana_reset()
context['success'] = 'Done'
except Exception, e:
context['error'] = 'Reset failed: %s' % e