mirror of https://github.com/MISP/MISP
chg: [log] Better filtering for access logs
parent
e013d7accb
commit
6692a3fa60
|
@ -37,6 +37,9 @@ class AccessLogsController extends AppController
|
|||
'controller',
|
||||
'action',
|
||||
'url',
|
||||
'user_agent',
|
||||
'memory_usage',
|
||||
'duration',
|
||||
'response_code',
|
||||
]);
|
||||
|
||||
|
@ -74,8 +77,15 @@ class AccessLogsController extends AppController
|
|||
$contentType = explode(';', $request['AccessLog']['request_content_type'], 2)[0];
|
||||
if ($contentType === 'application/x-www-form-urlencoded' || $contentType === 'multipart/form-data') {
|
||||
parse_str($request['AccessLog']['request'], $output);
|
||||
$highlighted = highlight_string("<?php\n" . var_export($output, true) . "?>", true);
|
||||
$highlighted = str_replace(["<?php","?>"] , '', $highlighted);
|
||||
// highlight PHP array
|
||||
$highlighted = highlight_string("<?php " . var_export($output, true), true);
|
||||
$highlighted = trim($highlighted);
|
||||
$highlighted = preg_replace("|^\\<code\\>\\<span style\\=\"color\\: #[a-fA-F0-9]{0,6}\"\\>|", "", $highlighted, 1); // remove prefix
|
||||
$highlighted = preg_replace("|\\</code\\>\$|", "", $highlighted, 1); // remove suffix 1
|
||||
$highlighted = trim($highlighted); // remove line breaks
|
||||
$highlighted = preg_replace("|\\</span\\>\$|", "", $highlighted, 1); // remove suffix 2
|
||||
$highlighted = trim($highlighted); // remove line breaks
|
||||
$highlighted = preg_replace("|^(\\<span style\\=\"color\\: #[a-fA-F0-9]{0,6}\"\\>)(<\\?php )(.*?)(\\</span\\>)|", "\$1\$3\$4", $highlighted); // remove custom added "<?php "
|
||||
$data = $highlighted;
|
||||
} else {
|
||||
$data = h($request['AccessLog']['request']);
|
||||
|
@ -137,6 +147,18 @@ class AccessLogsController extends AppController
|
|||
if (isset($params['url'])) {
|
||||
$conditions['AccessLog.url LIKE'] = "%{$params['url']}%";
|
||||
}
|
||||
if (isset($params['user_agent'])) {
|
||||
$conditions['AccessLog.user_agent LIKE'] = "%{$params['user_agent']}%";
|
||||
}
|
||||
if (isset($params['memory_usage'])) {
|
||||
$conditions['AccessLog.memory_usage >='] = ($params['memory_usage'] * 1024);
|
||||
}
|
||||
if (isset($params['memory_usage'])) {
|
||||
$conditions['AccessLog.memory_usage >='] = ($params['memory_usage'] * 1024);
|
||||
}
|
||||
if (isset($params['duration'])) {
|
||||
$conditions['AccessLog.duration >='] = $params['duration'];
|
||||
}
|
||||
if (isset($params['request_method'])) {
|
||||
$methodId = array_flip(AccessLog::REQUEST_TYPES)[$params['request_method']] ?? -1;
|
||||
$conditions['AccessLog.request_method'] = $methodId;
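Review bot: The `memory_usage` filter in the last controller hunk multiplies the value by 1024, but the query-builder definition labels it "In MB" and the model stores `memory_get_peak_usage()`, which returns bytes. Unless the column is converted somewhere not shown here, the threshold is off by a factor of 1024; `$conditions['AccessLog.memory_usage >='] = (int)($params['memory_usage'] * 1024 * 1024);` would match the label. The same `if (isset($params['memory_usage']))` block also appears twice in a row, and the second copy can be dropped. `$params['memory_usage']` and `$params['duration']` reach the arithmetic and the query condition without a numeric check, so an `is_numeric()` guard would keep a malformed filter value from raising a TypeError on PHP 8. The enclosing method starts and ends outside the hunk.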
|
||||
|
|
|
@ -165,7 +165,7 @@ class AccessLog extends AppModel
|
|||
{
|
||||
$data['response_code'] = http_response_code();
|
||||
$data['memory_usage'] = memory_get_peak_usage();
|
||||
$data['duration'] = (int)((microtime(true) - $requestTime) * 1000);
|
||||
$data['duration'] = (int)((microtime(true) - $requestTime) * 1000); // in milliseconds
|
||||
|
||||
try {
|
||||
return $this->save($data, ['atomic' => false]);
|
||||
|
|
|
@ -95,7 +95,7 @@
|
|||
description: "Organisation ID, UUID or name",
|
||||
},
|
||||
{
|
||||
input: "text",
|
||||
input: "select",
|
||||
type: "string",
|
||||
operators: [
|
||||
"equal",
|
||||
|
@ -144,6 +144,36 @@
|
|||
unique: true,
|
||||
id: "url",
|
||||
label: "URL",
|
||||
},
|
||||
{
|
||||
input: "text",
|
||||
type: "string",
|
||||
operators: [
|
||||
"contains",
|
||||
],
|
||||
unique: true,
|
||||
id: "user_agent",
|
||||
label: "User agent",
|
||||
},
|
||||
{
|
||||
type: "double",
|
||||
operators: [
|
||||
"greater_or_equal",
|
||||
],
|
||||
unique: true,
|
||||
id: "memory_usage",
|
||||
label: "Memory usage",
|
||||
description: "In MB",
|
||||
},
|
||||
{
|
||||
type: "double",
|
||||
operators: [
|
||||
"greater_or_equal",
|
||||
],
|
||||
unique: true,
|
||||
id: "duration",
|
||||
label: "Duration",
|
||||
description: "In milliseconds (1 second is equal to 1000 milliseconds)",
|
||||
}
|
||||
],
|
||||
rules: {
|
||||
|
|
|
@ -1 +1 @@
|
|||
<div style="padding: 1em; background: white; word-wrap: break-word; white-space: pre-wrap"><?= h($request) ?></div>
|
||||
<div style="padding: 1em; background: white; word-wrap: break-word; white-space: pre-wrap"><?= $request ?></div>
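Review bot: The template now prints `<?= $request ?>` without `h()` (taking the second printed line as the new side, which matches the controller change), so whether a logged request body is safe to render depends entirely on what the controller assigns. In the controller hunk both visible branches do produce escaped output, via `highlight_string()` or `h()`, but nothing in the view records that contract. A later caller or branch that sets the variable from the raw log field would render stored request content as markup. I would add a comment at the top of the template such as `<?php /* $request must already be HTML-escaped by the controller */ ?>`, or rename the variable to something like `$requestHtml` so the expectation is visible at the call site.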
|
||||
|
|
|
@ -2853,7 +2853,7 @@ Query builder
|
|||
}
|
||||
|
||||
/* Fix text input for query builder */
|
||||
.query-builder .rule-value-container input[type="text"] {
|
||||
.query-builder .rule-value-container input[type="text"], .query-builder .rule-value-container input[type="number"] {
|
||||
padding: 4px !important;
|
||||
height: 30px;
|
||||
}
|
||||
|
|