File: alerts_table.go

package info (click to toggle)
crowdsec 1.4.6-10.1
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid
  • size: 18,500 kB
  • sloc: sh: 2,870; makefile: 386; python: 74
file content (100 lines) | stat: -rw-r--r-- 2,126 bytes parent folder | download | duplicates (3) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
 
package main

import (
	"fmt"
	"io"
	"sort"
	"strconv"
	"time"

	log "github.com/sirupsen/logrus"

	"github.com/crowdsecurity/crowdsec/pkg/models"
)

func alertsTable(out io.Writer, alerts *models.GetAlertsResponse, printMachine bool) {
	t := newTable(out)
	t.SetRowLines(false)
	header := []string{"ID", "value", "reason", "country", "as", "decisions", "created_at"}
	if printMachine {
		header = append(header, "machine")
	}
	t.SetHeaders(header...)

	for _, alertItem := range *alerts {
		displayVal := *alertItem.Source.Scope
		if *alertItem.Source.Value != "" {
			displayVal += ":" + *alertItem.Source.Value
		}

		row := []string{
			strconv.Itoa(int(alertItem.ID)),
			displayVal,
			*alertItem.Scenario,
			alertItem.Source.Cn,
			alertItem.Source.GetAsNumberName(),
			DecisionsFromAlert(alertItem),
			*alertItem.StartAt,
		}

		if printMachine {
			row = append(row, alertItem.MachineID)
		}

		t.AddRow(row...)
	}

	t.Render()
}

func alertDecisionsTable(out io.Writer, alert *models.Alert) {
	foundActive := false
	t := newTable(out)
	t.SetRowLines(false)
	t.SetHeaders("ID", "scope:value", "action", "expiration", "created_at")
	for _, decision := range alert.Decisions {
		parsedDuration, err := time.ParseDuration(*decision.Duration)
		if err != nil {
			log.Error(err)
		}
		expire := time.Now().UTC().Add(parsedDuration)
		if time.Now().UTC().After(expire) {
			continue
		}
		foundActive = true
		scopeAndValue := *decision.Scope
		if *decision.Value != "" {
			scopeAndValue += ":" + *decision.Value
		}
		t.AddRow(
			strconv.Itoa(int(decision.ID)),
			scopeAndValue,
			*decision.Type,
			*decision.Duration,
			alert.CreatedAt,
		)
	}
	if foundActive {
		fmt.Printf(" - Active Decisions  :\n")
		t.Render() // Send output
	}
}

func alertEventTable(out io.Writer, event *models.Event) {
	fmt.Fprintf(out, "\n- Date: %s\n", *event.Timestamp)

	t := newTable(out)
	t.SetHeaders("Key", "Value")
	sort.Slice(event.Meta, func(i, j int) bool {
		return event.Meta[i].Key < event.Meta[j].Key
	})

	for _, meta := range event.Meta {
		t.AddRow(
			meta.Key,
			meta.Value,
		)
	}

	t.Render() // Send output
}