Dashboard widgets

- Widget to display system resources (df, cpu, mem) - Widget to display the latest sightings - Widget to display the false positive sightings above certain treshold
2020-06-06 16:17:21 +02:00 · 2020-06-06 16:17:21 +02:00 · 306eda5328
parent b0ec358843
commit 306eda5328
3 changed files with 195 additions and 0 deletions
--- a/app/Lib/Dashboard/MispSystemResourceWidget.php
+++ b/app/Lib/Dashboard/MispSystemResourceWidget.php
@ -0,0 +1,57 @@
+<?php
+
+class MispSystemResourceWidget
+{
+    public $title = 'MISP System Resource Usage';
+    public $render = 'SimpleList';
+    public $width = 3;
+    public $height = 3;
+    public $params = array(
+        'treshold' => 'Treshold for disk space'
+    );
+    public $description = 'Basic widget showing some system server statistics.';
+    public $cacheLifetime = false;
+    public $autoRefreshDelay = 30;
+    public $placeholder =
+    '{
+        "treshold": "85"
+    }';
+
+	public function handler($user, $options = array())
+	{
+        $treshold = (int)$params['treshold'];
+
+        $drive = round((1 - disk_free_space(getcwd())/disk_total_space(getcwd()))*100,2);
+        if ($drive > $treshold) {
+            $driveFree = $drive . "% - [Above Treshhold]";
+            $driveFreeClass = "red";
+        }
+        else {
+            $driveFree = $drive . "%";
+            $driveFreeClass = "";
+        }
+
+        $sysload = sys_getloadavg();
+
+        preg_match('#MemFree:[\s\t]+([\d]+)\s+kB#', file_get_contents('/proc/meminfo'), $matches);
+        $memoryFree = $matches[1];
+        preg_match('#MemTotal:[\s\t]+([\d]+)\s+kB#', file_get_contents('/proc/meminfo'), $matches);
+        $memoryTotal = $matches[1];
+
+        $data = array(
+                array( 'title' => __('System'), 'value' => php_uname()),
+                array( 'title' => __('Disk usage'), 'value' => h($driveFree), 'class' => $driveFreeClass),
+                array( 'title' => __('Load'), 'value' => h($sysload[0] . " - " . $sysload[1] . " - " . $sysload[2])),
+                array( 'title' => __('Memory'), 'value' => h(round($memoryFree/1024,2) . "M free (" . round((1 - $memoryFree/$memoryTotal)*100,2) . "% used)")),
+                );
+        return $data;
+	}
+
+    public function checkPermissions($user)
+    {
+        if (empty($user['Role']['perm_site_admin'])) {
+            return false;
+        }
+        return true;
+    }
+}
--- a/app/Lib/Dashboard/RecentSightingsWidget.php
+++ b/app/Lib/Dashboard/RecentSightingsWidget.php
@ -0,0 +1,66 @@
+<?php
+
+class RecentSightingsWidget
+{
+    public $title = 'Recent Sightings';
+    public $render = 'SimpleList';
+    public $width = 8;
+    public $height = 6;
+    public $params = array(
+        'limit' => 'Maximum amount of sightings to return',
+        'last' => 'Limit sightins to last 1d, 12h, ...'
+    );
+    public $description = 'Widget showing information on recent sightings';
+    public $cacheLifetime = false;
+    public $autoRefreshDelay = 30;
+    public $placeholder =
+    '{
+        "limit": "10",
+        "last": "1d",
+    }';
+
+	public function handler($user, $options = array())
+	{
+        $params = array(
+            'last' => empty($options['last']) ? "1d" : $options['last'],
+            'limit' => empty($options['limit']) ? "10" : $options['limit']
+        );
+        $last = $params['last'];
+        $limit = $params['limit'];
+
+        $this->Sighting = ClassRegistry::init('Sighting');
+        $filters = array( 'last' => $last, 'includeAttribute' => 'true', 'includeEvent' => 'true');
+        $data = array();
+        $count = 0;
+
+        foreach(json_decode($this->Sighting->restSearch($user, 'json', $filters))->{'response'} as $el) {
+            $sighting = $el->{'Sighting'};
+            $event = $sighting->{'Event'};
+            $attribute = $sighting->{'Attribute'};
+
+            if ($sighting->{'type'} == 0) $type = "Sighting";
+            elseif ($sighting->{'type'} == 1) $type = "False positive";
+            else $type = "Expiration";
+
+            $output = $attribute->{'value'} . " (id: " . $attribute->{'id'} . ") in " . $event->{'info'} . " (id: " . $event->{'id'} . ")";
+            $data[] = array( 'title' => __($type), 'value' => $output, 
+                                'html' => sprintf(
+                                    ' (Event <a href="%s%s">%s</a>)',
+                                    Configure::read('MISP.baseurl') . '/events/view/', $event->{'id'},
+                                    $event->{'id'}
+                                )
+                        );
+            ++$count;
+            if ($count >= $limit ) break;
+        }
+        return $data;
+	}
+
+    public function checkPermissions($user)
+    {
+        if (empty($user['Role']['perm_site_admin'])) {
+            return false;
+        }
+        return true;
+    }
+}
--- a/app/Lib/Dashboard/TresholdSightingsWidget.php
+++ b/app/Lib/Dashboard/TresholdSightingsWidget.php
@ -0,0 +1,72 @@
+<?php
+
+class TresholdSightingsWidget
+{
+    public $title = 'Treshold Sightings';
+    public $render = 'SimpleList';
+    public $width = 8;
+    public $height = 4;
+    public $params = array(
+        'treshold' => 'Treshold for sightings'
+    );
+    public $description = 'Widget showing information on sightings above certain treshold';
+    public $cacheLifetime = false;
+    public $autoRefreshDelay = 30;
+    public $placeholder = 
+    '{
+        "treshold": "10"
+    }';
+
+	public function handler($user, $options = array())
+	{
+        $params = array(
+            'treshold' => empty($options['treshold']) ? 10 : $options['treshold'],
+        );
+        $treshold = $params['treshold'];
+
+        $this->Sighting = ClassRegistry::init('Sighting');
+
+        $filters = array( 'includeAttribute' => 'true', 'includeEvent' => 'true');
+
+        $data = array();
+        $sightings_score = array();
+        $restSearch = json_decode($this->Sighting->restSearch($user, 'json', $filters))->{'response'};
+
+        foreach($restSearch as $el) {
+            $sighting = $el->{'Sighting'};
+            $attribute = $sighting->{'Attribute'};
+            $event = $sighting->{'Event'};
+
+            if (!array_key_exists($attribute->{'id'}, $sightings_score)) $sightings_score[$attribute->{'id'}] = array( 'value' => $attribute->{'value'},
+                                                                                                                'score' => 0,
+                                                                                                                'event_title' => $event->{'info'},
+                                                                                                                'event_id' => $event->{'id'});
+            # Sighting
+            if ($sighting->{'type'} == 0) $sightings_score[$attribute->{'id'}]['score'] = $sightings_score[$attribute->{'id'}]['score'] - 1;
+            # False Positive
+            elseif ($sighting->{'type'} == 1) $sightings_score[$attribute->{'id'}]['score'] = $sightings_score[$attribute->{'id'}]['score'] + 1; 
+        }
+
+        foreach($sightings_score as $attribute_id => $s) {
+            if ((int)$s['score'] >= (int)$treshold ) {
+                $output = "Score: " . $s['score'] . ": " . $s['value'] . " (id: " . $attribute_id . ") in " . $s['event_title'] . " (id: " . $s['event_id'] . ")";
+                $data[] = array( 'title' => __("False positive above threshold"), 'value' => $output, 
+                                    'html' => sprintf(
+                                        ' (Event <a href="%s%s">%s</a>)',
+                                        Configure::read('MISP.baseurl') . '/events/view/', $s['event_id'],
+                                        $s['event_id']
+                                    ));
+            };
+        }
+
+        return $data;
+	}
+
+    public function checkPermissions($user)
+    {
+        if (empty($user['Role']['perm_site_admin'])) {
+            return false;
+        }
+        return true;
+    }
+}