pridelani totalScale a tak ruzne

src/warden-server/contrib/wardenweb/graph_HostnameServiceTypeActivityScale.php

+<?
+include("db.php");
+
+
+if(!isset($_GET['per'])){$_GET['per']="hour";}
+switch( $_GET['per']) {
+        case "hour":
+		$agg = 1;
+                break;
+        case "day":
+		$agg = 24;
+                break;
+        case "month":
+		$agg = 24*30; // -30.5 ?
+                 break;
+}
+
+#sqli todo
+#selector
+if(!IsSet($_GET['where'])) {
+	$where="detected>from_unixtime(0)";
+} else {
+	$where = base64_decode($_GET['where']);
+}
+
+$query_cols = "hostname,service,type";
+
+
+
+
+
+#seznam sloupcu ve vysledku, todo dyn
+$cols=array();
+$q = "SELECT concat_ws('-',$query_cols) as col FROM events WHERE $where GROUP BY $query_cols";
+#var_dump($q);
+$res = mysql_query($q, $db);
+for($i=0; $i<mysql_num_rows($res); $i++) {
+	$tmp =  mysql_fetch_assoc($res);
+#	var_dump($tmp);
+        $cols[ $tmp["col"] ]=$i;
+}
+#var_dump($cols);
+#print array_keys($cols);
+$count_cols=count($cols);
+
+
+
+
+
+#select data
+$data=array();
+#casova posloupnost
+# premapuju podle staticky alokovanych sloupcu, posilam to rovnou do grafu
+$q = "SELECT unix_timestamp(detected)-(unix_timestamp(detected)%(3600*$agg)) as t, concat_ws('-',$query_cols) as col, sum(attack_scale) as totalScale FROM events WHERE $where GROUP BY $query_cols, t;";
+#var_dump($q);
+$res = mysql_query($q, $db);
+while ($tmp = mysql_fetch_assoc($res)) { 
+	#var_dump($tmp);
+        $d=array_fill(0, $count_cols, 0);
+        $d[ $cols[ $tmp["col"] ] ] = (int)$tmp["totalScale"];
+        array_unshift($d, (int)$tmp["t"]);
+	array_push($data, $d);
+}
+
+
+#print json_encode($d);
+print json_encode(array("cols"=>array_keys($cols), "data"=>$data));
+
+?>
+

src/warden-server/contrib/wardenweb/graph_HostnameServiceTypeActivityScale_html.php

+<? if(!isset($_GET['per'])){$_GET['per']="day";} ?>
+<html>
+  <head>
+    <script type="text/javascript" language="javascript" src="datatables/media/js/jquery.js"></script>
+    <script type="text/javascript" src="https://www.google.com/jsapi"></script>
+    <script type="text/javascript">
+      google.load("visualization", "1", {packages:["corechart"]});
+      google.setOnLoadCallback(fetchData);
+
+      function fetchData() {
+		<? #TODO: fuj
+		   if(!isSet($_GET['where'])) { ?>
+			$.getJSON('graph_HostnameServiceTypeActivity.php?per=<? print $_GET['per'];?>', drawChart);
+		<? } else { ?>
+			$.getJSON('graph_HostnameServiceTypeActivity.php?per=<? print $_GET['per'];?>&where=<?print $_GET['where'];?>', drawChart);
+		<? } ?>
+        }
+
+      function drawChart(sdata) {
+        //console.log(sdata);
+        var data = new google.visualization.DataTable();
+        data.addColumn('datetime', 'Date');
+        //console.log(sdata.cols);
+        for (var i = 0; i < sdata.cols.length; i++) {
+                data.addColumn('number', sdata.cols[i]);
+        }
+
+      sdatalen=sdata.data.length;
+      if(sdatalen > 1000) {
+        alert("Too many rows:"+sdatalen);
+        sdatalen=1000;
+      }
+
+      for (var i = 0; i < sdatalen; i++) {
+      //for (var i = 0; i < 10; i++) {
+              sdata.data[i][0] = new Date(sdata.data[i][0]*1000);
+              //console.log(sdata.data[i]);
+              data.addRow(sdata.data[i]);
+      }
+        var options = {
+          vAxis: { logScale: true, title: "totalScale" },
+          interpolateNulls: true,
+          ___colors:['#008000','#ff0000','#FFA500','#FA8072','#AFEEEE','#00A5C6','#DEBDDE','#000000'],
+	  chartArea: {'width': '80%', 'height': '90%'},
+          pointSize: 5
+        };
+
+        var chart = new google.visualization.LineChart(document.getElementById('chart_div'));
+        chart.draw(data, options);
+      }
+    </script>
+  </head>
+  <body>
+    <div id="chart_div" style="width: 100%; height: 95%;"></div>
+  </body>
+</html>
+

src/warden-server/contrib/wardenweb/graph_HostnameServiceTypeActivity_html.php

@@ -38,7 +38,7 @@
               data.addRow(sdata.data[i]);
       }
         var options = {
-          vAxis: { logScale: true },
+          vAxis: { logScale: true, title: "events" },
           interpolateNulls: true,
           ___colors:['#008000','#ff0000','#FFA500','#FA8072','#AFEEEE','#00A5C6','#DEBDDE','#000000'],
 	  chartArea: {'width': '80%', 'height': '90%'},

src/warden-server/contrib/wardenweb/graph_TopTargetports.php

@@ -9,19 +9,20 @@ include("db.php");
 $cols=array();
 $i=0;
 $cols["target_port"]=$i++;
-$cols["count"]=$i++;
+$cols["totalScale"]=$i++;
 $count_cols=count($cols);
 
 
 #select data
 $data=array();
-$q = "select target_port, count(*) as count from events where detected > from_unixtime(unix_timestamp(now())-3600*24*30) group by target_port order by count desc limit 300;";
+#$q = "select target_port, count(*) as count from events where detected > from_unixtime(unix_timestamp(now())-3600*24*30) group by target_port order by count desc limit 300;";
+$q = "select target_port, sum(attack_scale) as totalScale from events where detected > from_unixtime(unix_timestamp(now())-3600*24*30) group by target_port order by totalScale desc limit 300;";
 
 #var_dump($q);
 $res = mysql_query($q, $db);
 while ($tmp = mysql_fetch_assoc($res)) { 
 	#var_dump($tmp);
-	array_push($data, array((int)$tmp['target_port'],(int)$tmp['count']));
+	array_push($data, array((int)$tmp['target_port'],(int)$tmp['totalScale']));
 }
 
 

src/warden-server/contrib/wardenweb/graph_TypeActivityScale.php

+<?
+include("db.php");
+
+
+if(!isset($_GET['per'])){$_GET['per']="hour";}
+switch( $_GET['per']) {
+        case "hour":
+		$agg = 1;
+                break;
+        case "day":
+		$agg = 24;
+                break;
+        case "month":
+		$agg = 24*30; // -30.5 ?
+                 break;
+}
+
+#sqli todo
+#selector
+$where="detected>from_unixtime(0)";
+$query_cols = "type";
+
+
+
+
+
+#seznam sloupcu ve vysledku, todo dyn
+$cols=array();
+$q = "SELECT concat_ws('-',$query_cols) as col FROM events WHERE $where GROUP BY $query_cols";
+#var_dump($q);
+$res = mysql_query($q, $db);
+for($i=0; $i<mysql_num_rows($res); $i++) {
+	$tmp =  mysql_fetch_assoc($res);
+#	var_dump($tmp);
+        $cols[ $tmp["col"] ]=$i;
+}
+#var_dump($cols);
+#print array_keys($cols);
+$count_cols=count($cols);
+
+
+
+
+
+#select data
+$data=array();
+#casova posloupnost
+# premapuju podle staticky alokovanych sloupcu, posilam to rovnou do grafu
+$q = "SELECT unix_timestamp(detected)-(unix_timestamp(detected)%(3600*$agg)) as t, concat_ws('-',$query_cols) as col, sum(attack_scale) as totalScale FROM events WHERE $where GROUP BY $query_cols, t;";
+#var_dump($q);
+$res = mysql_query($q, $db);
+while ($tmp = mysql_fetch_assoc($res)) { 
+	#var_dump($tmp);
+        $d=array_fill(0, $count_cols, 0);
+        $d[ $cols[ $tmp["col"] ] ] = (int)$tmp["totalScale"];
+        array_unshift($d, (int)$tmp["t"]);
+	array_push($data, $d);
+}
+
+
+#print json_encode($d);
+print json_encode(array("cols"=>array_keys($cols), "data"=>$data));
+
+?>
+

src/warden-server/contrib/wardenweb/graph_TypeActivityScale_html.php

+<? if(!isset($_GET['per'])){$_GET['per']="day";} ?>
+<html>
+  <head>
+    <script type="text/javascript" language="javascript" src="datatables/media/js/jquery.js"></script>
+    <script type="text/javascript" src="https://www.google.com/jsapi"></script>
+    <script type="text/javascript">
+      google.load("visualization", "1", {packages:["corechart"]});
+      google.setOnLoadCallback(fetchData);
+
+      function fetchData() {
+		$.getJSON('graph_TypeActivityScale.php?per=<? print $_GET['per'];?>', drawChart);
+        }
+
+      function drawChart(sdata) {
+        console.log(sdata);
+        var data = new google.visualization.DataTable();
+        data.addColumn('datetime', 'Date');
+        console.log(sdata.cols);
+        for (var i = 0; i < sdata.cols.length; i++) {
+                data.addColumn('number', sdata.cols[i]);
+        }
+
+      sdatalen=sdata.data.length;
+      if(sdatalen > 1000) {
+        alert("Too many rows:"+sdatalen);
+        sdatalen=1000;
+      }
+
+      for (var i = 0; i < sdatalen; i++) {
+      //for (var i = 0; i < 10; i++) {
+              sdata.data[i][0] = new Date(sdata.data[i][0]*1000);
+              console.log(sdata.data[i]);
+              data.addRow(sdata.data[i]);
+      }
+        var options = {
+          vAxis: { logScale: true, title: "totalScale" },
+          interpolateNulls: true,
+          ___colors:['#008000','#ff0000','#FFA500','#FA8072','#AFEEEE','#00A5C6','#DEBDDE','#000000'],
+          chartArea: {'width': '85%', 'height': '85%'},
+          legend: {'position': 'top'},
+          pointSize: 5
+        };
+
+        var chart = new google.visualization.LineChart(document.getElementById('chart_div'));
+        chart.draw(data, options);
+      }
+    </script>
+  </head>
+  <body>
+    <div id="chart_div" style="width: 100%; height: 100%;"></div>
+  </body>
+</html>
+

src/warden-server/contrib/wardenweb/graph_TypeActivity_html.php

@@ -33,7 +33,7 @@
               data.addRow(sdata.data[i]);
       }
         var options = {
-          vAxis: { logScale: true },
+          vAxis: { logScale: true, title: "events" },
           interpolateNulls: true,
           ___colors:['#008000','#ff0000','#FFA500','#FA8072','#AFEEEE','#00A5C6','#DEBDDE','#000000'],
           chartArea: {'width': '85%', 'height': '85%'},

src/warden-server/contrib/wardenweb/show_HostnameServiceTypeActivity.php

@@ -123,7 +123,7 @@ if( IsSet($_POST["btnSubmit"])) {
 
 <?
 	if( IsSet($_POST["btnSubmit"]) and !empty($where)) {
-		print("<iframe src=\"graph_HostnameServiceTypeActivity_html.php?per=hour&where=".base64_encode($where)."\" style=\"width:100%; height:500\"></iframe>");
+		print("<iframe src=\"graph_HostnameServiceTypeActivity_html.php?per=day&where=".base64_encode($where)."\" style=\"width:100%; height:500\"></iframe>");
 	}
 ?>
 

src/warden-server/contrib/wardenweb/stats.php

@@ -44,6 +44,17 @@ if(isset($_GET['c']))
 </tr>
 <tr>
 
+<td width="50%">
+<iframe src="graph_TypeActivityScale_html.php" style="width:100%; height:400"></iframe>
+</td>
+
+<td>
+<iframe src="graph_HostnameServiceTypeActivityScale_html.php" style="width:100%; height:400"></iframe>
+</td>
+
+</tr>
+<tr>
+
 <td colspan=2>
 <iframe src="table_HostnameServiceType.html" style="width:100%; height:600"></iframe>
 </td>

src/warden-server/contrib/wardenweb/table_HostnameServiceType.html

@@ -16,7 +16,8 @@ $(document).ready(function() {
             { "mDataProp": "hostname" },
             { "mDataProp": "service" },
             { "mDataProp": "type" },
-            { "mDataProp": "count" },
+            { "mDataProp": "events" },
+            { "mDataProp": "totalScale" },
             { "mDataProp": "lastdetected" },
             { "mDataProp": "lastreceived" }
         ]
@@ -32,7 +33,8 @@ $(document).ready(function() {
 	<th>hostname</th>
 	<th>service</th>
 	<th>type</th>
-	<th>count</th>
+	<th>events</th>
+	<th>totalScale</th>
 	<th>lastdetected</th>
 	<th>lastreceived</th>
 </thead>

src/warden-server/contrib/wardenweb/table_HostnameServiceType.php

@@ -2,7 +2,7 @@
 
 include("db.php");
 
-$q = "SELECT hostname,service,type,count(*) as count, max(detected) as lastdetected,max(received) as lastreceived FROM `events` group by hostname,service,type;";
+$q = "SELECT hostname,service,type,count(*) as events, sum(attack_scale) as totalScale, max(detected) as lastdetected,max(received) as lastreceived FROM `events` group by hostname,service,type;";
 $res = mysql_query($q, $db);
 if (mysql_num_rows($res) == 0) { die("nodata");}
 

src/warden-server/contrib/wardenweb/table_TopSources.html

@@ -14,7 +14,8 @@ $(document).ready(function() {
         "sAjaxSource": "table_TopSources.php",
         "aoColumns": [
             { "mDataProp": "source" },
-            { "mDataProp": "count" }
+            { "mDataProp": "events" },
+            { "mDataProp": "totalScale" }
         ]
     } );
 } );
@@ -26,7 +27,8 @@ $(document).ready(function() {
 <table cellpadding="0" cellspacing="0" border="0" class="display" id="example" width="100%">
 <thead>
 	<th>source</th>
-	<th>count</th>
+	<th>events</th>
+	<th>totalScale</th>
 </thead>
 </table>
 </body>

src/warden-server/contrib/wardenweb/table_TopSources.php

@@ -2,7 +2,7 @@
 
 include("db.php");
 
-$q = "select source, count(*) as count from events where detected > from_unixtime(unix_timestamp(now())-3600*24*30) group by source order by count desc limit 100;";
+$q = "select source, count(*) as events, sum(attack_scale) as totalScale from events where detected > from_unixtime(unix_timestamp(now())-3600*24*30) group by source order by totalScale desc limit 100;";
 $res = mysql_query($q, $db);
 if (mysql_num_rows($res) == 0) { die("nodata");}
 

src/warden-server/contrib/wardenweb/table_TopTargetports.html

@@ -14,7 +14,8 @@ $(document).ready(function() {
         "sAjaxSource": "table_TopTargetports.php",
         "aoColumns": [
             { "mDataProp": "target_port" },
-            { "mDataProp": "count" }
+            { "mDataProp": "events" },
+            { "mDataProp": "totalScale" }
         ]
     } );
 } );
@@ -26,7 +27,8 @@ $(document).ready(function() {
 <table cellpadding="0" cellspacing="0" border="0" class="display" id="example" width="100%">
 <thead>
 	<th>target_port</th>
-	<th>count</th>
+	<th>events</th>
+	<th>totalScale</th>
 </thead>
 </table>
 </body>

src/warden-server/contrib/wardenweb/table_TopTargetports.php

@@ -2,7 +2,7 @@
 
 include("db.php");
 
-$q = "select target_port, count(*) as count from events where detected > from_unixtime(unix_timestamp(now())-3600*24*30) group by target_port order by count desc limit 300;";
+$q = "select target_port, count(*) as events, sum(attack_scale) as totalScale from events where detected > from_unixtime(unix_timestamp(now())-3600*24*30) group by target_port order by totalScale desc limit 300;";
 $res = mysql_query($q, $db);
 if (mysql_num_rows($res) == 0) { die("nodata");}