diff --git a/src/warden-server/contrib/wardenweb/graph_HostnameServiceTypeActivityScale.php b/src/warden-server/contrib/wardenweb/graph_HostnameServiceTypeActivityScale.php
new file mode 100644
index 0000000000000000000000000000000000000000..b89d6e2badd02e25473f091762fe126a271300f5
--- /dev/null
+++ b/src/warden-server/contrib/wardenweb/graph_HostnameServiceTypeActivityScale.php
@@ -0,0 +1,70 @@
+<?
+include("db.php");
+
+
+if(!isset($_GET['per'])){$_GET['per']="hour";}
+switch( $_GET['per']) {
+ case "hour":
+ $agg = 1;
+ break;
+ case "day":
+ $agg = 24;
+ break;
+ case "month":
+ $agg = 24*30; // -30.5 ?
+ break;
+}
+
+#sqli todo
+#selector
+if(!IsSet($_GET['where'])) {
+ $where="detected>from_unixtime(0)";
+} else {
+ $where = base64_decode($_GET['where']);
+}
+
+$query_cols = "hostname,service,type";
+
+
+
+
+
+#seznam sloupcu ve vysledku, todo dyn
+$cols=array();
+$q = "SELECT concat_ws('-',$query_cols) as col FROM events WHERE $where GROUP BY $query_cols";
+#var_dump($q);
+$res = mysql_query($q, $db);
+for($i=0; $i<mysql_num_rows($res); $i++) {
+ $tmp = mysql_fetch_assoc($res);
+# var_dump($tmp);
+ $cols[ $tmp["col"] ]=$i;
+}
+#var_dump($cols);
+#print array_keys($cols);
+$count_cols=count($cols);
+
+
+
+
+
+#select data
+$data=array();
+#casova posloupnost
+# premapuju podle staticky alokovanych sloupcu, posilam to rovnou do grafu
+$q = "SELECT unix_timestamp(detected)-(unix_timestamp(detected)%(3600*$agg)) as t, concat_ws('-',$query_cols) as col, sum(attack_scale) as totalScale FROM events WHERE $where GROUP BY $query_cols, t;";
+#var_dump($q);
+$res = mysql_query($q, $db);
+while ($tmp = mysql_fetch_assoc($res)) {
+ #var_dump($tmp);
+ $d=array_fill(0, $count_cols, 0);
+ $d[ $cols[ $tmp["col"] ] ] = (int)$tmp["totalScale"];
+ array_unshift($d, (int)$tmp["t"]);
+ array_push($data, $d);
+}
+
+
+#print json_encode($d);
+print json_encode(array("cols"=>array_keys($cols), "data"=>$data));
+
+?>
+
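Review bot: `$where = base64_decode($_GET['where']);` is interpolated verbatim into both SELECT statements of this new file, so anyone who can reach the script can run arbitrary SQL against the events table; the `#sqli todo` marker acknowledges this but the file ships with it open. Base64 is an encoding, not a sanitiser, and base64_decode is lenient about what it accepts. Accept the filter as separate values (hostname, service, type, time range), validate each, and build the WHERE clause server-side after `mysql_real_escape_string()` on every value — or move the two queries to mysqli/PDO prepared statements — instead of accepting a raw SQL fragment from the client. Both `$q` strings use the same `$where`, so the fix has to cover both queries.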
diff --git a/src/warden-server/contrib/wardenweb/graph_HostnameServiceTypeActivityScale_html.php b/src/warden-server/contrib/wardenweb/graph_HostnameServiceTypeActivityScale_html.php
new file mode 100644
index 0000000000000000000000000000000000000000..ed4c6864e54f24379c40bdcf3ea1e791ec44743d
--- /dev/null
+++ b/src/warden-server/contrib/wardenweb/graph_HostnameServiceTypeActivityScale_html.php
@@ -0,0 +1,57 @@
+<? if(!isset($_GET['per'])){$_GET['per']="day";} ?>
+<html>
+ <head>
+ <script type="text/javascript" language="javascript" src="datatables/media/js/jquery.js"></script>
+ <script type="text/javascript" src="https://www.google.com/jsapi"></script>
+ <script type="text/javascript">
+ google.load("visualization", "1", {packages:["corechart"]});
+ google.setOnLoadCallback(fetchData);
+
+ function fetchData() {
+ <? #TODO: fuj
+ if(!isSet($_GET['where'])) { ?>
+ $.getJSON('graph_HostnameServiceTypeActivity.php?per=<? print $_GET['per'];?>', drawChart);
+ <? } else { ?>
+ $.getJSON('graph_HostnameServiceTypeActivity.php?per=<? print $_GET['per'];?>&where=<?print $_GET['where'];?>', drawChart);
+ <? } ?>
+ }
+
+ function drawChart(sdata) {
+ //console.log(sdata);
+ var data = new google.visualization.DataTable();
+ data.addColumn('datetime', 'Date');
+ //console.log(sdata.cols);
+ for (var i = 0; i < sdata.cols.length; i++) {
+ data.addColumn('number', sdata.cols[i]);
+ }
+
+ sdatalen=sdata.data.length;
+ if(sdatalen > 1000) {
+ alert("Too many rows:"+sdatalen);
+ sdatalen=1000;
+ }
+
+ for (var i = 0; i < sdatalen; i++) {
+ //for (var i = 0; i < 10; i++) {
+ sdata.data[i][0] = new Date(sdata.data[i][0]*1000);
+ //console.log(sdata.data[i]);
+ data.addRow(sdata.data[i]);
+ }
+ var options = {
+ vAxis: { logScale: true, title: "totalScale" },
+ interpolateNulls: true,
+ ___colors:['#008000','#ff0000','#FFA500','#FA8072','#AFEEEE','#00A5C6','#DEBDDE','#000000'],
+ chartArea: {'width': '80%', 'height': '90%'},
+ pointSize: 5
+ };
+
+ var chart = new google.visualization.LineChart(document.getElementById('chart_div'));
+ chart.draw(data, options);
+ }
+ </script>
+ </head>
+ <body>
+ <div id="chart_div" style="width: 100%; height: 95%;"></div>
+ </body>
+</html>
+
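Review bot: fetchData() requests `graph_HostnameServiceTypeActivity.php` on both branches, yet this page is the Scale variant with its axis titled totalScale, so the chart will plot the old event-count series instead of the sum(attack_scale) data the new graph_HostnameServiceTypeActivityScale.php produces; the sibling graph_TypeActivityScale_html.php does call its own Scale endpoint. The two `$.getJSON` lines also print `$_GET['per']` and `$_GET['where']` unescaped into a JavaScript string literal inside a script block, which is a reflected-XSS sink. Encode both at the point of output and fix the target in the same edit, e.g. `$.getJSON('graph_HostnameServiceTypeActivityScale.php?per=<? print rawurlencode($_GET['per']);?>', drawChart);` and the same with `&where=<?print rawurlencode($_GET['where']);?>` on the else branch. graph_TypeActivityScale_html.php prints `$_GET['per']` the same unescaped way.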
diff --git a/src/warden-server/contrib/wardenweb/graph_HostnameServiceTypeActivity_html.php b/src/warden-server/contrib/wardenweb/graph_HostnameServiceTypeActivity_html.php index a16d0e2db416d53b8696340b37bba4528966dbf0..ef24b8da29adb31391461d03d081869f5fa2994d 100644 --- a/src/warden-server/contrib/wardenweb/graph_HostnameServiceTypeActivity_html.php +++ b/src/warden-server/contrib/wardenweb/graph_HostnameServiceTypeActivity_html.php @@ -38,7 +38,7 @@ data.addRow(sdata.data[i]); } var options = { - vAxis: { logScale: true }, + vAxis: { logScale: true, title: "events" }, interpolateNulls: true, ___colors:['#008000','#ff0000','#FFA500','#FA8072','#AFEEEE','#00A5C6','#DEBDDE','#000000'], chartArea: {'width': '80%', 'height': '90%'}, diff --git a/src/warden-server/contrib/wardenweb/graph_TopTargetports.php b/src/warden-server/contrib/wardenweb/graph_TopTargetports.php index 9833ba84b5c3f082d5e890179d0611285d3ea286..dd46337947084a8a095276901c8f4739c79d6b01 100644 --- a/src/warden-server/contrib/wardenweb/graph_TopTargetports.php +++ b/src/warden-server/contrib/wardenweb/graph_TopTargetports.php 
@@ -9,19 +9,20 @@ include("db.php"); $cols=array(); $i=0; $cols["target_port"]=$i++; -$cols["count"]=$i++; +$cols["totalScale"]=$i++; $count_cols=count($cols); #select data $data=array(); -$q = "select target_port, count(*) as count from events where detected > from_unixtime(unix_timestamp(now())-3600*24*30) group by target_port order by count desc limit 300;"; +#$q = "select target_port, count(*) as count from events where detected > from_unixtime(unix_timestamp(now())-3600*24*30) group by target_port order by count desc limit 300;"; +$q = "select target_port, sum(attack_scale) as totalScale from events where detected > from_unixtime(unix_timestamp(now())-3600*24*30) group by target_port order by totalScale desc limit 300;"; #var_dump($q); $res = mysql_query($q, $db); while ($tmp = mysql_fetch_assoc($res)) { #var_dump($tmp); - array_push($data, array((int)$tmp['target_port'],(int)$tmp['count'])); + array_push($data, array((int)$tmp['target_port'],(int)$tmp['totalScale'])); }
diff --git a/src/warden-server/contrib/wardenweb/graph_TypeActivityScale.php b/src/warden-server/contrib/wardenweb/graph_TypeActivityScale.php
new file mode 100644
index 0000000000000000000000000000000000000000..c189c0f1c9c2701941a839cfe346ce6c080943fa
--- /dev/null
+++ b/src/warden-server/contrib/wardenweb/graph_TypeActivityScale.php
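Review bot: The superseded query is kept as dead code, `#$q = "select target_port, count(*) as count ...";`, directly above its replacement; delete it rather than commenting it out, since the history already holds it. The `$cols` map still pins `target_port` to index 0 and `totalScale` to index 1 and the `array_push` line builds each row in that same order by hand, so the two must stay in sync — a one-line comment on the `$cols` block, `# column order here must match the array built in the fetch loop below`, would make that dependency visible. The script continues outside the hunk at both ends.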
@@ -0,0 +1,65 @@
+<?
+include("db.php");
+
+
+if(!isset($_GET['per'])){$_GET['per']="hour";}
+switch( $_GET['per']) {
+ case "hour":
+ $agg = 1;
+ break;
+ case "day":
+ $agg = 24;
+ break;
+ case "month":
+ $agg = 24*30; // -30.5 ?
+ break;
+}
+
+#sqli todo
+#selector
+$where="detected>from_unixtime(0)";
+$query_cols = "type";
+
+
+
+
+
+#seznam sloupcu ve vysledku, todo dyn
+$cols=array();
+$q = "SELECT concat_ws('-',$query_cols) as col FROM events WHERE $where GROUP BY $query_cols";
+#var_dump($q);
+$res = mysql_query($q, $db);
+for($i=0; $i<mysql_num_rows($res); $i++) {
+ $tmp = mysql_fetch_assoc($res);
+# var_dump($tmp);
+ $cols[ $tmp["col"] ]=$i;
+}
+#var_dump($cols);
+#print array_keys($cols);
+$count_cols=count($cols);
+
+
+
+
+
+#select data
+$data=array();
+#casova posloupnost
+# premapuju podle staticky alokovanych sloupcu, posilam to rovnou do grafu
+$q = "SELECT unix_timestamp(detected)-(unix_timestamp(detected)%(3600*$agg)) as t, concat_ws('-',$query_cols) as col, sum(attack_scale) as totalScale FROM events WHERE $where GROUP BY $query_cols, t;";
+#var_dump($q);
+$res = mysql_query($q, $db);
+while ($tmp = mysql_fetch_assoc($res)) {
+ #var_dump($tmp);
+ $d=array_fill(0, $count_cols, 0);
+ $d[ $cols[ $tmp["col"] ] ] = (int)$tmp["totalScale"];
+ array_unshift($d, (int)$tmp["t"]);
+ array_push($data, $d);
+}
+
+
+#print json_encode($d);
+print json_encode(array("cols"=>array_keys($cols), "data"=>$data));
+
+?>
+
diff --git a/src/warden-server/contrib/wardenweb/graph_TypeActivityScale_html.php b/src/warden-server/contrib/wardenweb/graph_TypeActivityScale_html.php
new file mode 100644
index 0000000000000000000000000000000000000000..7b32c0f72e313cdfe56f90e7fad6421df7f9f105
--- /dev/null
+++ b/src/warden-server/contrib/wardenweb/graph_TypeActivityScale_html.php
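Review bot: `switch( $_GET['per'])` has no `default:`, so any value other than hour/day/month leaves `$agg` unset and the second `$q` is built with `%(3600*)`, which MySQL rejects; `$res` is then false, the `while ($tmp = mysql_fetch_assoc($res))` loop raises a warning, and the script prints an empty data set without signalling the error. Add `default: $agg = 1; break;` (or reject the value outright) and check `if ($res === false) { ... }` after each `mysql_query` before the result is iterated. graph_HostnameServiceTypeActivityScale.php contains the same switch and the same unchecked results. Both files also depend on the ext/mysql `mysql_*` API, which has been deprecated and is absent from PHP 7 and later, so they will need mysqli or PDO if the deployment's PHP version moves on.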
@@ -0,0 +1,53 @@
+<? if(!isset($_GET['per'])){$_GET['per']="day";} ?>
+<html>
+ <head>
+ <script type="text/javascript" language="javascript" src="datatables/media/js/jquery.js"></script>
+ <script type="text/javascript" src="https://www.google.com/jsapi"></script>
+ <script type="text/javascript">
+ google.load("visualization", "1", {packages:["corechart"]});
+ google.setOnLoadCallback(fetchData);
+
+ function fetchData() {
+ $.getJSON('graph_TypeActivityScale.php?per=<? print $_GET['per'];?>', drawChart);
+ }
+
+ function drawChart(sdata) {
+ console.log(sdata);
+ var data = new google.visualization.DataTable();
+ data.addColumn('datetime', 'Date');
+ console.log(sdata.cols);
+ for (var i = 0; i < sdata.cols.length; i++) {
+ data.addColumn('number', sdata.cols[i]);
+ }
+
+ sdatalen=sdata.data.length;
+ if(sdatalen > 1000) {
+ alert("Too many rows:"+sdatalen);
+ sdatalen=1000;
+ }
+
+ for (var i = 0; i < sdatalen; i++) {
+ //for (var i = 0; i < 10; i++) {
+ sdata.data[i][0] = new Date(sdata.data[i][0]*1000);
+ console.log(sdata.data[i]);
+ data.addRow(sdata.data[i]);
+ }
+ var options = {
+ vAxis: { logScale: true, title: "totalScale" },
+ interpolateNulls: true,
+ ___colors:['#008000','#ff0000','#FFA500','#FA8072','#AFEEEE','#00A5C6','#DEBDDE','#000000'],
+ chartArea: {'width': '85%', 'height': '85%'},
+ legend: {'position': 'top'},
+ pointSize: 5
+ };
+
+ var chart = new google.visualization.LineChart(document.getElementById('chart_div'));
+ chart.draw(data, options);
+ }
+ </script>
+ </head>
+ <body>
+ <div id="chart_div" style="width: 100%; height: 100%;"></div>
+ </body>
+</html>
+
diff --git a/src/warden-server/contrib/wardenweb/graph_TypeActivity_html.php b/src/warden-server/contrib/wardenweb/graph_TypeActivity_html.php
index b2461a1adffde42a2b756974175681ec5dec0268..018fe97e92b70b4b3b6bf6b5b8718d471e789c25 100644
--- a/src/warden-server/contrib/wardenweb/graph_TypeActivity_html.php
+++ b/src/warden-server/contrib/wardenweb/graph_TypeActivity_html.php
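Review bot: drawChart() leaves three `console.log` calls active, including `console.log(sdata.data[i]);` inside the row loop, which logs up to 1000 rows on every draw; the sibling graph_HostnameServiceTypeActivityScale_html.php in this same commit ships the identical lines commented out. Drop them or comment them out so the two pages match. `sdatalen=sdata.data.length;` is also assigned without `var`, making it an implicit global; `var sdatalen = sdata.data.length;` keeps it local to drawChart.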
@@ -33,7 +33,7 @@
 data.addRow(sdata.data[i]);
 }
 var options = {
- vAxis: { logScale: true },
+ vAxis: { logScale: true, title: "events" },
 interpolateNulls: true,
 ___colors:['#008000','#ff0000','#FFA500','#FA8072','#AFEEEE','#00A5C6','#DEBDDE','#000000'],
 chartArea: {'width': '85%', 'height': '85%'},
diff --git a/src/warden-server/contrib/wardenweb/show_HostnameServiceTypeActivity.php b/src/warden-server/contrib/wardenweb/show_HostnameServiceTypeActivity.php
index 21055807a29103057c8b71fb923dc0220200d9c1..18c12cb5a341f98865c6f00963f9839ea3104581 100644
--- a/src/warden-server/contrib/wardenweb/show_HostnameServiceTypeActivity.php
+++ b/src/warden-server/contrib/wardenweb/show_HostnameServiceTypeActivity.php
@@ -123,7 +123,7 @@ if( IsSet($_POST["btnSubmit"])) { <? if( IsSet($_POST["btnSubmit"]) and !empty($where)) { - print("<iframe src=\"graph_HostnameServiceTypeActivity_html.php?per=hour&where=".base64_encode($where)."\" style=\"width:100%; height:500\"></iframe>"); + print("<iframe src=\"graph_HostnameServiceTypeActivity_html.php?per=day&where=".base64_encode($where)."\" style=\"width:100%; height:500\"></iframe>"); } ?>
diff --git a/src/warden-server/contrib/wardenweb/stats.php b/src/warden-server/contrib/wardenweb/stats.php
index 58e27df2aa32ce30152f7e5cc4c08b045d2c8af9..210f9bf34f4912acf3da68a3feadf4458d26cbd0 100644
--- a/src/warden-server/contrib/wardenweb/stats.php
+++ b/src/warden-server/contrib/wardenweb/stats.php
@@ -44,6 +44,17 @@ if(isset($_GET['c'])) </tr> <tr> +<td width="50%"> +<iframe src="graph_TypeActivityScale_html.php" style="width:100%; height:400"></iframe> +</td> + +<td> +<iframe src="graph_HostnameServiceTypeActivityScale_html.php" style="width:100%; height:400"></iframe> +</td> + +</tr> +<tr> + <td colspan=2> <iframe src="table_HostnameServiceType.html" style="width:100%; height:600"></iframe> </td>
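Review bot: The rebuilt iframe line in show_HostnameServiceTypeActivity.php embeds `base64_encode($where)` in the query string without URL-encoding it; standard base64 output contains `+`, `/` and `=`, and a `+` in a query string is decoded as a space, so some filter clauses will reach graph_HostnameServiceTypeActivity_html.php corrupted and fail to decode back to the intended value. Wrap the value, `".urlencode(base64_encode($where))."`, at the point it is placed in the URL. The `<? ... ?>` block is contained in the hunk, but the code that builds `$where` lies outside it.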
diff --git a/src/warden-server/contrib/wardenweb/table_HostnameServiceType.html b/src/warden-server/contrib/wardenweb/table_HostnameServiceType.html
index 6e2e1f5da64b9799222eb5293331227a8d17756e..046876f0c8161b9ea8f2035e91dd102975407f79 100644
--- a/src/warden-server/contrib/wardenweb/table_HostnameServiceType.html
+++ b/src/warden-server/contrib/wardenweb/table_HostnameServiceType.html
@@ -16,7 +16,8 @@ $(document).ready(function() {
 { "mDataProp": "hostname" },
 { "mDataProp": "service" },
 { "mDataProp": "type" },
- { "mDataProp": "count" },
+ { "mDataProp": "events" },
+ { "mDataProp": "totalScale" },
 { "mDataProp": "lastdetected" },
 { "mDataProp": "lastreceived" }
 ]
@@ -32,7 +33,8 @@ $(document).ready(function() {
 <th>hostname</th>
 <th>service</th>
 <th>type</th>
- <th>count</th>
+ <th>events</th>
+ <th>totalScale</th>
 <th>lastdetected</th>
 <th>lastreceived</th>
 </thead>
diff --git a/src/warden-server/contrib/wardenweb/table_HostnameServiceType.php b/src/warden-server/contrib/wardenweb/table_HostnameServiceType.php
index 3df0cb028dafd4dcaae588629f04168911de5391..c8174471afe9811c1d42466fce34a0c3a3f919b8 100644
--- a/src/warden-server/contrib/wardenweb/table_HostnameServiceType.php
+++ b/src/warden-server/contrib/wardenweb/table_HostnameServiceType.php
@@ -2,7 +2,7 @@ include("db.php"); -$q = "SELECT hostname,service,type,count(*) as count, max(detected) as lastdetected,max(received) as lastreceived FROM `events` group by hostname,service,type;"; +$q = "SELECT hostname,service,type,count(*) as events, sum(attack_scale) as totalScale, max(detected) as lastdetected,max(received) as lastreceived FROM `events` group by hostname,service,type;"; $res = mysql_query($q, $db); if (mysql_num_rows($res) == 0) { die("nodata");}
diff --git a/src/warden-server/contrib/wardenweb/table_TopSources.html b/src/warden-server/contrib/wardenweb/table_TopSources.html
index 4c65de2520e87c64312283baa2dff5e426dd9462..019764a1b271b2b3620e9c000c0d2b227d4cb0a1 100644
--- a/src/warden-server/contrib/wardenweb/table_TopSources.html
+++ b/src/warden-server/contrib/wardenweb/table_TopSources.html
@@ -14,7 +14,8 @@ $(document).ready(function() {
 "sAjaxSource": "table_TopSources.php",
 "aoColumns": [
 { "mDataProp": "source" },
- { "mDataProp": "count" }
+ { "mDataProp": "events" },
+ { "mDataProp": "totalScale" }
 ]
 } );
 } );
@@ -26,7 +27,8 @@ $(document).ready(function() {
 <table cellpadding="0" cellspacing="0" border="0" class="display" id="example" width="100%">
 <thead>
 <th>source</th>
- <th>count</th>
+ <th>events</th>
+ <th>totalScale</th>
 </thead>
 </table>
 </body>
diff --git a/src/warden-server/contrib/wardenweb/table_TopSources.php b/src/warden-server/contrib/wardenweb/table_TopSources.php
index 6aa702e4c3ef998f6b8131202b9acf03d9f5fb5b..ddf89db81d30164c76810135d1df5c4f05519d0a 100644
--- a/src/warden-server/contrib/wardenweb/table_TopSources.php
+++ b/src/warden-server/contrib/wardenweb/table_TopSources.php
@@ -2,7 +2,7 @@ include("db.php"); -$q = "select source, count(*) as count from events where detected > from_unixtime(unix_timestamp(now())-3600*24*30) group by source order by count desc limit 100;"; +$q = "select source, count(*) as events, sum(attack_scale) as totalScale from events where detected > from_unixtime(unix_timestamp(now())-3600*24*30) group by source order by totalScale desc limit 100;"; $res = mysql_query($q, $db); if (mysql_num_rows($res) == 0) { die("nodata");}
diff --git a/src/warden-server/contrib/wardenweb/table_TopTargetports.html b/src/warden-server/contrib/wardenweb/table_TopTargetports.html
index c8c47c4efcb8c78327ccb201ab894c6e613b5084..932241a453855c8355acf0bf261a877ffbc5ed62 100644
--- a/src/warden-server/contrib/wardenweb/table_TopTargetports.html
+++ b/src/warden-server/contrib/wardenweb/table_TopTargetports.html
@@ -14,7 +14,8 @@ $(document).ready(function() {
 "sAjaxSource": "table_TopTargetports.php",
 "aoColumns": [
 { "mDataProp": "target_port" },
- { "mDataProp": "count" }
+ { "mDataProp": "events" },
+ { "mDataProp": "totalScale" }
 ]
 } );
 } );
@@ -26,7 +27,8 @@ $(document).ready(function() {
 <table cellpadding="0" cellspacing="0" border="0" class="display" id="example" width="100%">
 <thead>
 <th>target_port</th>
- <th>count</th>
+ <th>events</th>
+ <th>totalScale</th>
 </thead>
 </table>
 </body>
diff --git a/src/warden-server/contrib/wardenweb/table_TopTargetports.php b/src/warden-server/contrib/wardenweb/table_TopTargetports.php
index ce7d6941f6f3d48974cbe8a3d4983a7f8ecf961a..4de3b745183b56047408415e46bdb45a9b40cd93 100644
--- a/src/warden-server/contrib/wardenweb/table_TopTargetports.php
+++ b/src/warden-server/contrib/wardenweb/table_TopTargetports.php
@@ -2,7 +2,7 @@ include("db.php"); -$q = "select target_port, count(*) as count from events where detected > from_unixtime(unix_timestamp(now())-3600*24*30) group by target_port order by count desc limit 300;"; +$q = "select target_port, count(*) as events, sum(attack_scale) as totalScale from events where detected > from_unixtime(unix_timestamp(now())-3600*24*30) group by target_port order by totalScale desc limit 300;"; $res = mysql_query($q, $db); if (mysql_num_rows($res) == 0) { die("nodata");}