-
Notifications
You must be signed in to change notification settings - Fork 86
Account List search filters
grutz@jingojango.net edited this page Oct 10, 2013
·
1 revision
On the accounts/list page the search input box accepts a very limited number of criteria:
["port", db.t_services.f_number],
["proto", db.t_services.f_proto],
["user", db.t_accounts.f_username],
["name", db.t_accounts.f_fullname],
["domain", db.t_accounts.f_domain],
["hash", db.t_accounts.f_hash1],
["hash1", db.t_accounts.f_hash1],
["hash2", db.t_accounts.f_hash2],
["htype", db.t_accounts.f_hash1_type],
["uid", db.t_accounts.f_uid],
["gid", db.t_accounts.f_gid],
["level", db.t_accounts.f_level],
["source", db.t_accounts.f_source],
["desc", db.t_accounts.f_description],
["msg", db.t_accounts.f_message],
["ip", db.t_hosts.f_ipv4],
["ipv4", db.t_hosts.f_ipv4],
["ipv6", db.t_hosts.f_ipv6],
["hostname", db.t_hosts.f_hostname],
These are used by entering the search field and criteria separated by colons. For example:
htype:NT user:administrator
Searches are not case sensitive (they are upper cased) but exact:
for val in srch_vals:
srch_str = "%s:(?P<f>\w+)" % val[0]
srch_res = re.findall(srch_str, srch_data)
for res in srch_res:
parsed = True
if val[0] in ['source', 'desc', 'hostname']:
query &= (val[1].upper().contains(res.upper()))
else:
query &= (val[1].upper() == res.upper())