Post upload file in the new frontend #2322
Closed
Add formatting python files documentation
marcobrotto force-pushed the post_upload_file branch from 4b7ebe1 to 683b197 (September 9, 2022 14:13)
marcobrotto force-pushed the post_upload_file branch from daaf98c to a459410 (September 9, 2022 14:24)
marcobrotto requested review from berggren, tomchop and jaegeral and removed request for berggren and tomchop (September 9, 2022 14:25)
marcobrotto force-pushed the post_upload_file branch from 26eb692 to 193af4d (September 9, 2022 14:43)
jaegeral requested changes Sep 12, 2022
Please check the merge conflict
jaegeral approved these changes Sep 13, 2022
New PR #2326 |
This pull request was closed.
Post file upload in the new frontend
Improvements
Implementation and Design Idea
When a timeline is uploaded on the server, it may have 3 different statuses: ready, processing or fail. We always show the user the status of his timelines.
Every 5 seconds, we do an API request for the non ready/failed timelines. The server sends us the status of the timeline plus the 2 extra parameters: the total events of that timeline and the current number of indexed events.
We will call the first variable total_events and the second one indexed_events. The first one can be computed only once, for example when the file is uploaded (see upload.py, get_total_events). The second one needs to be computed every time we ask the server if the timeline is ready or not.
total_events
We modified the schema of the SQL table Timeline. In particular, we added the attribute total_events that represents how many events the timeline has.
How total_events is computed
For efficiency, we run a subprocess Python command to extract this information.
pinfo.py and we extract the total events. This command gives us more useful information such as which parser has been used.
wc -l file_name.
Why do we need another attribute in the Timeline table?
Adding a new attribute to the schema of a table was not an easy choice because it implies modifying the schema of Timesketch infrastructure. We considered another option, that is, passing the total_events value in the UPLOAD API response and, on the client, storing this value in the VUE store. However, this solution has the main disadvantage that the UPLOAD API is called only once, i.e., after the file is uploaded on the server. If the user refreshes the page, then we lose this value on the server. On the contrary, having total_events stored in the schema of the Timeline allows us to retrieve it every time we perform an API request api/v1/sketches/ID_scketch/timelines/ID_timeline.
The third solution is to compute this value every time we perform the above API request. However, this idea is not efficient since total_events will always be the same value.
indexed_events
This information is retrieved by querying the OpenSearch database when we send the API api/v1/sketches/ID_scketch/timelines/ID_timeline.
Progress percentage and remaining time
The progress percentage P_perc is equal to:
The remaining time R_t is equal to:
Major file updates
Frontend
TimelinePicker.vue: This component is responsible for showing ALL the timelines of the sketch (also those ones that are not ready).
TimelineChip.vue: This component is responsible for showing the "status-color" of a timeline. For each timeline, depending on its status, this component allows the user to perform a certain set of actions such as observing the status, exploring the timeline...
TimelineStatus.vue: This component receives from TimelineChip.vue some props such as timeline, indexed events, and status. Although some parameters are "redundant", we decided to pass them anyway because they are used by both TimelineStatus and TimelineChip. This component is responsible for showing the user the status information of a timeline.
Backend
upload.py: we compute the total_events for a single timeline. This value is added to the table timeline.
timeline.py: we compute the number of the indexed events when the timeline is ready or processing. We add this value in the meta field of the response.
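
An added example, not code from this pull request or from Timesketch: one way to run the `wc -l file_name` count described under "How total_events is computed" from Python without passing an uploaded file's name through a shell. The names `count_total_events` and `demo_count`, the timeout value and the sample file are assumptions made for the illustration.

```python
import os
import subprocess
import tempfile


def count_total_events(file_path, timeout=60):
    """Return the line count of file_path as reported by `wc -l`.

    Hypothetical helper; it is not the get_total_events of the PR.
    """
    # An absolute path can never start with "-", and "--" ends option
    # parsing, so the file name cannot be read as a wc option.
    abs_path = os.path.abspath(file_path)
    if not os.path.isfile(abs_path):
        raise FileNotFoundError(abs_path)
    # Argument list, no shell: spaces, ';' or '$()' in an uploaded file
    # name stay inside one argv entry and are never interpreted.
    result = subprocess.run(
        ["wc", "-l", "--", abs_path],
        capture_output=True,
        text=True,
        check=True,        # a non-zero exit raises CalledProcessError
        timeout=timeout,   # a very large upload cannot block the worker forever
    )
    # Output is "<count> <path>"; some wc builds pad the count with spaces.
    # wc -l counts newline characters, so a CSV header row is included.
    return int(result.stdout.split()[0])


def demo_count():
    # Constructed sample: a three-line CSV whose name holds shell metacharacters.
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "timeline one; $(id).csv")
        with open(path, "w", encoding="utf-8") as fh:
            fh.write(
                "message,datetime\n"
                "first,2022-09-09T14:13:00\n"
                "second,2022-09-09T14:24:00\n"
            )
        return count_total_events(path)


if __name__ == "__main__":
    print(demo_count())
```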