Skip to content

Commit

Permalink
Merge pull request #17 from chrissanders/flowbat/1.4.0
Browse files Browse the repository at this point in the history 
Flowbat/1.4.0
  • Loading branch information
@chrissanders
chrissanders committed Jan 12, 2016
2 parents 1021918 + bea078e commit 1853588
Show file tree
Hide file tree
Showing 199 changed files with 18,234 additions and 94 deletions.
7 changes: 5 additions & 2 deletions client/templates/ipset/ipset.html.jade
View file
Expand Up @@ -6,7 +6,8 @@ template(name="ipset")
form.panel.panel-default
.panel-heading
.form-group
label IP Set name
label IP Set Name
i.fa.fa-question-circle.text-muted(data-toggle="popover", title="IP Set name", data-content="This is the name that will be referenced in the query builder.")
.input-group
+input(family="ipset" _id=_id property="name" value=name isNew=isNew)
.input-group-btn
Expand All @@ -20,9 +21,11 @@ template(name="ipset")
.panel-body
.form-group
label Note
i.fa.fa-question-circle.text-muted(data-toggle="popover", title="Note", data-content="These notes are for personal use and can be quickly referenced when examining the list in the IP Sets tab in the navbar.")
+textarea(family="ipset" _id=_id property="note" value=note isNew=isNew)
.form-group
label IP addresses
label IP Addresses
i.fa.fa-question-circle.text-muted(data-toggle="popover", title="IP addresses", data-content="List of IP addresses or CIDR ranges. When sets are specified in the query builder (via Source IP Set, Destination IP Set, or Any IP Set), records that contain matching IP addresses will be displayed.")
+textarea(family="ipset" _id=_id property="contents" value=contents isNew=isNew)
.form-group
button.btn.btn-primary(type="submit") Save
Expand Down
7 changes: 7 additions & 0 deletions client/templates/ipset/ipset.js.coffee
View file
Expand Up @@ -3,6 +3,13 @@ Template.ipset.helpers
share.Queries.find({isQuick: false, $or: [{sipSet: @_id}, {dipSet: @_id}, {anySet: @_id}]})

Template.ipset.rendered = ->

@$(".panel").popover(
selector: "*[data-toggle='popover']"
trigger: "hover"
delay: {show: 300, hide: 100}
)

@$("form").validate(
rules:
name:
Expand Down
5 changes: 4 additions & 1 deletion client/templates/ipset/ipsetCreate/ipsetCreate.html.jade
View file
Expand Up @@ -7,13 +7,16 @@ template(name="ipsetCreate")
.panel-heading
.form-group
label IP Set name
i.fa.fa-question-circle.text-muted(data-toggle="popover", title="IP Set name", data-content="This is the name that will be referenced in the query builder.")
+input(family="ipset" _id=_id property="name" value=name isNew=isNew)
.panel-body
.form-group
label Note
i.fa.fa-question-circle.text-muted(data-toggle="popover", title="Note", data-content="These notes are for personal use and can be quickly referenced when examining the list in the IP Sets tab in the navbar.")
+textarea(family="ipset" _id=_id property="note" value=note isNew=isNew)
.form-group
label IP addresses
label IP Addresses
i.fa.fa-question-circle.text-muted(data-toggle="popover", title="IP addresses", data-content="List of IP addresses or CIDR ranges. When sets are specified in the query builder (via Source IP Set, Destination IP Set, or Any IP Set), records that contain matching IP addresses will be displayed.")
+textarea(family="ipset" _id=_id property="contents" value=contents isNew=isNew)
.form-group
button.btn.btn-primary(type="submit") Create
7 changes: 7 additions & 0 deletions client/templates/ipset/ipsetCreate/ipsetCreate.js.coffee
View file
Expand Up @@ -2,6 +2,13 @@ Template.ipsetCreate.helpers
# helper: ->

Template.ipsetCreate.rendered = ->

@$(".panel").popover(
selector: "*[data-toggle='popover']"
trigger: "hover"
delay: {show: 300, hide: 100}
)

@$("form").validate(
rules:
name:
Expand Down
80 changes: 51 additions & 29 deletions client/templates/results/table/table.html.jade
View file
Expand Up @@ -44,34 +44,56 @@ template(name="table")
else
| {{value}}
if isPivotable ../../output
ul.dropdown-menu(role='menu', aria-labelledby='dropdownMenu1')
if condition ../../output "is" "rwcut"
ul.dropdown-menu(role='menu', aria-labelledby='dropdownMenu1')
if condition _id "in" "sIP" "dIP"
li(role='presentation')
a.add-to-query(role='menuitem', tabindex='-1', href='#', data-id="sIP", data-value="{{value}}") Add to query as "{{t "rwcut.fields.sIP"}}"
li(role='presentation')
a.add-to-query(role='menuitem', tabindex='-1', href='#', data-id="dIP", data-value="{{value}}") Add to query as "{{t "rwcut.fields.dIP"}}"
li(role='presentation')
a.add-to-query(role='menuitem', tabindex='-1', href='#', data-id="aIP", data-value="{{value}}") Add to query as "{{t "rwcut.fields.aIP"}}"
li(role='presentation')
a(href="https://www.robtex.com/ip/{{value}}.html" target="_blank") Search robtex for {{value}}
else if condition _id "in" "sPort" "dPort"
li(role='presentation')
a.add-to-query(role='menuitem', tabindex='-1', href='#', data-id="sPort", data-value="{{value}}") Add to query as "{{t "rwcut.fields.sPort"}}"
li(role='presentation')
a.add-to-query(role='menuitem', tabindex='-1', href='#', data-id="dPort", data-value="{{value}}") Add to query as "{{t "rwcut.fields.dPort"}}"
li(role='presentation')
a.add-to-query(role='menuitem', tabindex='-1', href='#', data-id="aPort", data-value="{{value}}") Add to query as "{{t "rwcut.fields.aPort"}}"
li(role='presentation')
a(href="https://isc.sans.edu/port.html?port={{value}}" target="_blank") More Information on Port {{value}}...
else if condition _id "in" "sTime" "eTime"
li(role='presentation')
a.add-to-query(role='menuitem', tabindex='-1', href='#', data-id="sTime", data-value="{{value}}") Add to query as "{{t "rwcut.fields.sTime"}}"
li(role='presentation')
a.add-to-query(role='menuitem', tabindex='-1', href='#', data-id="eTime", data-value="{{value}}") Add to query as "{{t "rwcut.fields.eTime"}}"
li(role='presentation')
a.add-to-query-as-before-after-time(role='menuitem', tabindex='-1', href='#', data-spread="60000", data-value="{{value}}") Add to query as "Before/After Time (1 Minute)"
li(role='presentation')
a.add-to-query-as-before-after-time(role='menuitem', tabindex='-1', href='#', data-spread="300000", data-value="{{value}}") Add to query as "Before/After Time (5 Minutes)"
else
li(role='presentation')
a.add-to-query(role='menuitem', tabindex='-1', href='#', data-id="{{_id}}", data-value="{{value}}") Add to query as "{{fieldI18n}}"
else
if condition _id "in" "sIP" "dIP"
li(role='presentation')
a.add-to-query(role='menuitem', tabindex='-1', href='#', data-id="sIP", data-value="{{value}}") Add to query as "{{t "rwcut.fields.sIP"}}"
li(role='presentation')
a.add-to-query(role='menuitem', tabindex='-1', href='#', data-id="dIP", data-value="{{value}}") Add to query as "{{t "rwcut.fields.dIP"}}"
li(role='presentation')
a.add-to-query(role='menuitem', tabindex='-1', href='#', data-id="aIP", data-value="{{value}}") Add to query as "{{t "rwcut.fields.aIP"}}"
li(role='presentation')
a(href="https://www.robtex.com/ip/{{value}}.html" target="_blank") Search robtex for {{value}}
ul.dropdown-menu(role='menu', aria-labelledby='dropdownMenu1')
li(role='presentation')
a.add-to-query(role='menuitem', tabindex='-1', href='#', data-id="sIP", data-value="{{value}}") Add to query as "{{t "rwcut.fields.sIP"}}"
li(role='presentation')
a.add-to-query(role='menuitem', tabindex='-1', href='#', data-id="dIP", data-value="{{value}}") Add to query as "{{t "rwcut.fields.dIP"}}"
li(role='presentation')
a.add-to-query(role='menuitem', tabindex='-1', href='#', data-id="aIP", data-value="{{value}}") Add to query as "{{t "rwcut.fields.aIP"}}"
li(role='presentation')
a(href="https://www.robtex.com/ip/{{value}}.html" target="_blank") Search robtex for {{value}}
else if condition _id "in" "sPort" "dPort"
li(role='presentation')
a.add-to-query(role='menuitem', tabindex='-1', href='#', data-id="sPort", data-value="{{value}}") Add to query as "{{t "rwcut.fields.sPort"}}"
li(role='presentation')
a.add-to-query(role='menuitem', tabindex='-1', href='#', data-id="dPort", data-value="{{value}}") Add to query as "{{t "rwcut.fields.dPort"}}"
li(role='presentation')
a.add-to-query(role='menuitem', tabindex='-1', href='#', data-id="aPort", data-value="{{value}}") Add to query as "{{t "rwcut.fields.aPort"}}"
li(role='presentation')
a(href="https://isc.sans.edu/port.html?port={{value}}" target="_blank") More Information on Port {{value}}...
else if condition _id "in" "sTime" "eTime"
li(role='presentation')
a.add-to-query(role='menuitem', tabindex='-1', href='#', data-id="sTime", data-value="{{value}}") Add to query as "{{t "rwcut.fields.sTime"}}"
li(role='presentation')
a.add-to-query(role='menuitem', tabindex='-1', href='#', data-id="eTime", data-value="{{value}}") Add to query as "{{t "rwcut.fields.eTime"}}"
li(role='presentation')
a.add-to-query-as-before-after-time(role='menuitem', tabindex='-1', href='#', data-spread="60000", data-value="{{value}}") Add to query as "Before/After Time (1 Minute)"
li(role='presentation')
a.add-to-query-as-before-after-time(role='menuitem', tabindex='-1', href='#', data-spread="300000", data-value="{{value}}") Add to query as "Before/After Time (5 Minutes)"
else
li(role='presentation')
a.add-to-query(role='menuitem', tabindex='-1', href='#', data-id="{{_id}}", data-value="{{value}}") Add to query as "{{fieldI18n}}"
ul.dropdown-menu(role='menu', aria-labelledby='dropdownMenu1')
li(role='presentation')
a.add-to-query(role='menuitem', tabindex='-1', href='#', data-id="sPort", data-value="{{value}}") Add to query as "{{t "rwcut.fields.sPort"}}"
li(role='presentation')
a.add-to-query(role='menuitem', tabindex='-1', href='#', data-id="dPort", data-value="{{value}}") Add to query as "{{t "rwcut.fields.dPort"}}"
li(role='presentation')
a.add-to-query(role='menuitem', tabindex='-1', href='#', data-id="aPort", data-value="{{value}}") Add to query as "{{t "rwcut.fields.aPort"}}"
li(role='presentation')
a(href="https://isc.sans.edu/port.html?port={{value}}" target="_blank") More Information on Port {{value}}...
2 changes: 1 addition & 1 deletion client/templates/results/table/table.js.coffee
View file
@@ -1,6 +1,6 @@
Template.table.helpers
isPivotable: (output) ->
output is "rwcut"
output isnt "rwcount"
fieldI18n: ->
i18n.t("rwcut.fields." + @_id)
protocolname: ->
Expand Down
7 changes: 5 additions & 2 deletions client/templates/tuple/tuple.html.jade
View file
Expand Up @@ -6,7 +6,8 @@ template(name="tuple")
form.panel.panel-default
.panel-heading
.form-group
label Tuple name
label Tuple File Name
i.fa.fa-question-circle.text-muted(data-toggle="popover", title="Tuple file name", data-content="This is the name that will be referenced in the query builder. Tuples allow for searching for records based on the 5-tuple, where the values can occur in any direction.")
.input-group
+input(family="tuple" _id=_id property="name" value=name isNew=isNew)
.input-group-btn
Expand All @@ -20,9 +21,11 @@ template(name="tuple")
.panel-body
.form-group
label Note
i.fa.fa-question-circle.text-muted(data-toggle="popover", title="Note", data-content="These notes are for personal use and can be quickly referenced when examining tuples in the Tuple Files tab.")
+textarea(family="tuple" _id=_id property="note" value=note isNew=isNew)
.form-group
label IP addresses
label Tuple Values
i.fa.fa-question-circle.text-muted(data-toggle="popover", title="Note", data-content="You may enter a list of n-tuples, up to a 5-tuple. You may choose to 2 IP addresses instead of the full 5 tuple to examine records going in either direction or be port specific in order to filter more closely. For more information, see the options in the query builder.")
+textarea(family="tuple" _id=_id property="contents" value=contents isNew=isNew)
.form-group
button.btn.btn-primary(type="submit") Save
Expand Down
7 changes: 7 additions & 0 deletions client/templates/tuple/tuple.js.coffee
View file
Expand Up @@ -3,6 +3,13 @@ Template.tuple.helpers
share.Queries.find({isQuick: false, $or: [{tupleFile: @_id}]})

Template.tuple.rendered = ->

@$(".panel").popover(
selector: "*[data-toggle='popover']"
trigger: "hover"
delay: {show: 300, hide: 100}
)

@$("form").validate(
rules:
name:
Expand Down
5 changes: 4 additions & 1 deletion client/templates/tuple/tupleCreate/tupleCreate.html.jade
View file
Expand Up @@ -6,14 +6,17 @@ template(name="tupleCreate")
form.panel.panel-default
.panel-heading
.form-group
label Tuple file name
label Tuple File Name
i.fa.fa-question-circle.text-muted(data-toggle="popover", title="Tuple file name", data-content="This is the name that will be referenced in the query builder. Tuples allow for searching for records based on the 5-tuple, where the values can occur in any direction.")
+input(family="tuple" _id=_id property="name" value=name isNew=isNew)
.panel-body
.form-group
label Note
i.fa.fa-question-circle.text-muted(data-toggle="popover", title="Note", data-content="These notes are for personal use and can be quickly referenced when examining tuples in the Tuple Files tab.")
+textarea(family="tuple" _id=_id property="note" value=note isNew=isNew)
.form-group
label Tuple Values
i.fa.fa-question-circle.text-muted(data-toggle="popover", title="Note", data-content="You may enter a list of n-tuples, up to a 5-tuple. You may choose to 2 IP addresses instead of the full 5 tuple to examine records going in either direction or be port specific in order to filter more closely. For more information, see the options in the query builder.")
+textarea(family="tuple" _id=_id property="contents" value=contents isNew=isNew)
.form-group
button.btn.btn-primary(type="submit") Create
7 changes: 7 additions & 0 deletions client/templates/tuple/tupleCreate/tupleCreate.js.coffee
View file
Expand Up @@ -2,6 +2,13 @@ Template.tupleCreate.helpers
# helper: ->

Template.tupleCreate.rendered = ->

@$(".panel").popover(
selector: "*[data-toggle='popover']"
trigger: "hover"
delay: {show: 300, hide: 100}
)

@$("form").validate(
rules:
name:
Expand Down
13 changes: 7 additions & 6 deletions lib/transformations.coffee
View file
Expand Up @@ -69,25 +69,26 @@ class share.Query
row = []
for parsedValue, index in parsedRow
spec = @header[index]
if @output is "rwcount" and spec.name not in @rwcountFields
continue
row.push({_id: spec._id, value: parsedValue, queryId: @_id})
@rows.push(row)
filteredHeader = []
for spec in @header
if @output is "rwcount" and spec.name not in @rwcountFields
continue
filteredHeader.push(spec)
@header = filteredHeader
displayName: ->
if @isQuick then "Quick query #" + @_id else @name or "#" + @_id
inputCommand: (config, profile, isPresentation = false) ->
command = "rwfilter"
command += " " + @inputOptions(config)

if config.siteConfigFile
command += " --site-config-file=" + config.siteConfigFile
if config.dataRootdir
command += " --data-rootdir=" + config.dataRootdir
rwFileValidate = command.search(RegExp(' (\\/|\\w)+\\.(rwf|rw)', 'i'))

if rwFileValidate < 0
if config.dataRootdir
command += " --data-rootdir=" + config.dataRootdir

command += " --pass=stdout"
for exclusion in @inputExclusions()
command += " | rwfilter --input-pipe=stdin"
Expand Down
2 changes: 1 addition & 1 deletion private/bundle/programs/server/app/lib/security.coffee.js.map
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

0 comments on commit 1853588

Please sign in to comment.