Change vulnerabilities dashboard (#6541)
* Change vulnerabilities injector script

* Change dashboard visualizations

* Fixed the vulnerabilities template fields

* Fixed the vulnerabilities script fields

* Fixed the vulnerability.published_at field in the dashboard
asteriscos committed Mar 26, 2024
1 parent 94a219a commit 38c32fd
Showing 6 changed files with 63 additions and 58 deletions.
Expand Up @@ -113,6 +113,29 @@ const DashboardVulsComponent: React.FC = () => {
) : null}
{!isLoading && !isSearching && results?.hits?.total > 0 ? (
<div className='vulnerability-dashboard-responsive'>
<DashboardByRenderer
input={{
viewMode: ViewMode.VIEW,
panels: getKPIsPanel(VULNERABILITIES_INDEX_PATTERN_ID),
isFullScreenMode: false,
filters: fetchFilters ?? [],
useMargins: true,
id: 'kpis-vulnerability-detector-dashboard-tab',
timeRange: {
from: searchBarProps.dateRangeFrom,
to: searchBarProps.dateRangeTo,
},
title: 'KPIs Vulnerability detector dashboard',
description: 'KPIs Dashboard of the Vulnerability detector',
query: searchBarProps.query,
refreshConfig: {
pause: false,
value: 15,
},
hidePanelTitles: true,
}}
onInputUpdated={handleFilterByVisualization}
/>
<div className='vulnerability-dashboard-filters-wrapper'>
<DashboardByRenderer
input={{
Expand Down Expand Up @@ -141,29 +164,6 @@ const DashboardVulsComponent: React.FC = () => {
onInputUpdated={handleFilterByVisualization}
/>
</div>
<DashboardByRenderer
input={{
viewMode: ViewMode.VIEW,
panels: getKPIsPanel(VULNERABILITIES_INDEX_PATTERN_ID),
isFullScreenMode: false,
filters: fetchFilters ?? [],
useMargins: true,
id: 'kpis-vulnerability-detector-dashboard-tab',
timeRange: {
from: searchBarProps.dateRangeFrom,
to: searchBarProps.dateRangeTo,
},
title: 'KPIs Vulnerability detector dashboard',
description: 'KPIs Dashboard of the Vulnerability detector',
query: searchBarProps.query,
refreshConfig: {
pause: false,
value: 15,
},
hidePanelTitles: true,
}}
onInputUpdated={handleFilterByVisualization}
/>
<DashboardByRenderer
input={{
viewMode: ViewMode.VIEW,
Expand Up @@ -401,7 +401,8 @@ const getVisStateAccumulationMostDetectedVulnerabilities = (
enabled: true,
type: 'date_histogram',
params: {
field: '@timestamp',
field: 'vulnerability.published_at',
customLabel: 'Published at',
timeRange: {
from: 'now-24h',
to: 'now',
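Review bot: The date histogram in `getVisStateAccumulationMostDetectedVulnerabilities` now buckets on `vulnerability.published_at`, so the chart shows when the advisories were published rather than when the vulnerabilities were detected on agents, while the function name still says "most detected". If a detection timeline is what is wanted, `field: 'vulnerability.detected_at'` (the template in this commit maps it too) looks like the closer match; otherwise a comment such as `// X axis is the CVE publication date, not the detection time` would keep an analyst from misreading it. The `timeRange` of `now-24h` to `now` kept below the field was presumably tuned for `@timestamp` and is worth re-checking against publication dates, which can be years old. The function body starts and ends outside this hunk.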
Expand Up @@ -86,31 +86,31 @@ export const getDashboardFilters = (
>;
} => {
return {
topPackageSelector: {
topVulnerabilities: {
gridData: {
w: 12,
w: 9,
h: 12,
x: 0,
y: 0,
i: 'topPackageSelector',
i: 'topVulnerabilities',
},
type: 'visualization',
explicitInput: {
id: 'topPackageSelector',
id: 'topVulnerabilities',
savedVis: getVisStateFilter(
'topPackageSelector',
'topVulnerabilities',
indexPatternId,
'Top packages vulnerabilities',
'Top 5 packages',
'package.name',
'Top vulnerabilities',
'Top 5 vulnerabilities',
'vulnerability.id',
),
},
},
topOSVulnerabilities: {
gridData: {
w: 12,
w: 15,
h: 12,
x: 12,
x: 9,
y: 0,
i: 'topOSVulnerabilities',
},
Expand All @@ -128,7 +128,7 @@ export const getDashboardFilters = (
},
topAgentVulnerabilities: {
gridData: {
w: 12,
w: 15,
h: 12,
x: 24,
y: 0,
Expand All @@ -146,23 +146,23 @@ export const getDashboardFilters = (
),
},
},
topVulnerabilities: {
topPackageSelector: {
gridData: {
w: 12,
w: 9,
h: 12,
x: 36,
x: 39,
y: 0,
i: 'topVulnerabilities',
i: 'topPackageSelector',
},
type: 'visualization',
explicitInput: {
id: 'topVulnerabilities',
id: 'topPackageSelector',
savedVis: getVisStateFilter(
'topVulnerabilities',
'topPackageSelector',
indexPatternId,
'Top vulnerabilities',
'Top 5 vulnerabilities',
'vulnerability.id',
'Top packages vulnerabilities',
'Top 5 packages',
'package.name',
),
},
},
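Review bot: The four `gridData` blocks in `getDashboardFilters` carry hand-computed `x` offsets that have to stay equal to the running sum of the preceding widths (as the new values appear to read: widths 9, 15, 15, 9 at x 0, 9, 24, 39), and nothing in the code says so. A short comment above the returned object, e.g. `// One row: x = sum of the previous w; widths must add up to the grid width (48 here)`, would make the next width change less error-prone; the 48 is inferred from these values and should be confirmed against the dashboard grid. The object keys were swapped along with the positions, which is harmless if placement comes only from `gridData`, as it appears to.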
Expand Up @@ -60,7 +60,7 @@ const getVisStateSeverityCritical = (indexPatternId: string) => {
enabled: true,
type: 'count',
params: {
customLabel: ' ',
customLabel: 'Critical',
},
schema: 'metric',
},
Expand All @@ -75,7 +75,7 @@ const getVisStateSeverityCritical = (indexPatternId: string) => {
query: 'vulnerability.severity:"Critical"',
language: 'kuery',
},
label: '- Critical severity alerts',
label: 'Severity',
},
],
},
Expand Down Expand Up @@ -126,7 +126,7 @@ const getVisStateSeverityHigh = (indexPatternId: string) => {
uiState: {
vis: {
colors: {
'High Severity Alerts - Count': '#38D1BA',
'High Severity - Count': '#38D1BA',
},
},
},
Expand All @@ -152,7 +152,7 @@ const getVisStateSeverityHigh = (indexPatternId: string) => {
enabled: true,
type: 'count',
params: {
customLabel: ' ',
customLabel: 'High',
},
schema: 'metric',
},
Expand All @@ -167,7 +167,7 @@ const getVisStateSeverityHigh = (indexPatternId: string) => {
query: 'vulnerability.severity:"High"',
language: 'kuery',
},
label: '- High severity alerts',
label: 'Severity',
},
],
},
Expand Down Expand Up @@ -237,7 +237,7 @@ const getVisStateSeverityMedium = (indexPatternId: string) => {
enabled: true,
type: 'count',
params: {
customLabel: ' ',
customLabel: 'Medium',
},
schema: 'metric',
},
Expand All @@ -252,7 +252,7 @@ const getVisStateSeverityMedium = (indexPatternId: string) => {
query: 'vulnerability.severity:"Medium"',
language: 'kuery',
},
label: '- Medium severity alerts',
label: 'Severity',
},
],
},
Expand Down Expand Up @@ -322,7 +322,7 @@ const getVisStateSeverityLow = (indexPatternId: string) => {
enabled: true,
type: 'count',
params: {
customLabel: ' ',
customLabel: 'Low',
},
schema: 'metric',
},
Expand All @@ -337,7 +337,7 @@ const getVisStateSeverityLow = (indexPatternId: string) => {
query: 'vulnerability.severity:"Low"',
language: 'kuery',
},
label: '- Low severity alerts',
label: 'Severity',
},
],
},
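Review bot: The `uiState.vis.colors` key in `getVisStateSeverityHigh` is a string that presumably has to match the series label the visualization generates, and it is renamed to `'High Severity - Count'` while the same commit changes the inputs of that label (`customLabel: 'High'`, filter `label: 'Severity'`). It is worth confirming in the rendered panel that the color is still applied, and noting the dependency next to the key, e.g. `// must equal the rendered series label`. The hunks for Critical, Medium and Low show no matching `colors` change, so if those functions have such a key it may now be stale. As far as the hunks show, the four functions differ only in the severity string; a single helper taking the severity would keep these labels in sync.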
11 changes: 7 additions & 4 deletions scripts/vulnerabilities-events-injector/DIS_Template.json
Expand Up @@ -13,9 +13,6 @@
}
],
"properties": {
"@timestamp": {
"type": "date"
},
"agent": {
"properties": {
"build": {
Expand Down Expand Up @@ -182,6 +179,9 @@
"ignore_above": 1024,
"type": "keyword"
},
"detected_at": {
"type": "date"
},
"enumeration": {
"ignore_above": 1024,
"type": "keyword"
Expand All @@ -190,6 +190,9 @@
"ignore_above": 1024,
"type": "keyword"
},
"published_at": {
"type": "date"
},
"reference": {
"ignore_above": 1024,
"type": "keyword"
Expand Down Expand Up @@ -270,4 +273,4 @@
"refresh_interval": "2s"
}
}
}
}
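Review bot: Removing the `@timestamp` mapping leaves `detected_at` and `published_at` as the only date fields visible in these hunks, while the dashboard component in this commit still passes a `timeRange` from the search bar to every `DashboardByRenderer`. If the index pattern's time field was `@timestamp`, that range no longer filters anything on data loaded with this template; confirm which field, if any, the index pattern uses as its time field.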
3 changes: 2 additions & 1 deletion scripts/vulnerabilities-events-injector/dataInjectScript.py
Expand Up @@ -115,6 +115,8 @@ def generateRandomVulnerability():
vulnerability['scanner'] = {'vendor':'vendor-{}'.format(random.randint(0, 9))}
vulnerability['score'] = {'base':round(random.uniform(0, 10),1), 'environmental':round(random.uniform(0, 10),1), 'temporal':round(random.uniform(0, 10),1),'version':'{}'.format(round(random.uniform(0, 10),1))}
vulnerability['severity'] = random.choice(['Low','Medium','High','Critical'])
vulnerability['published_at'] = generateRandomDate()
vulnerability['detected_at'] = generateRandomDate()
return(vulnerability)

def generateRandomWazuh():
Expand All @@ -125,7 +127,6 @@ def generateRandomWazuh():
def generateRandomData(number):
for i in range(0, int(number)):
yield{
'@timestamp':generateRandomDate(),
'agent':generateRandomAgent(),
'ecs':{'version':'1.7.0'},
'host':generateRandomHost(),
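Review bot: `published_at` and `detected_at` in `generateRandomVulnerability` come from two independent `generateRandomDate()` calls, so a generated document can have a detection date earlier than its publication date. Sample data with that ordering makes the `published_at` histogram and any published-versus-detected comparison hard to sanity-check. Drawing `published_at` first and deriving `detected_at` as a date on or after it would keep the fixtures plausible; `generateRandomDate` is defined outside this hunk, so whether it accepts a lower bound is not visible here.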