nahakubuilder/honeydany
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
86dcba55af6bbef31603798e950b663174c86f9e
honeydany/app/templates/threat_reports.html
T

396 lines
16 KiB
HTML
Raw Blame History

{{ define "threat_reports_title" }}Threat Reports{{ end }}
{{ define "threat_reports_content" }}
<div class="space-y-6">
<div class="flex justify-between items-center">
<h1 class="text-2xl font-semibold text-white">Advanced Threat Reports</h1>
<button id="refresh-btn" class="px-4 py-2 bg-primary-600 hover:bg-primary-500 rounded text-white">
Refresh Data
</button>
</div>
<!-- Threat Statistics Overview -->
<div class="grid grid-cols-1 sm:grid-cols-2 lg:grid-cols-4 gap-4">
<div class="bg-gray-800 border border-gray-700 rounded-lg p-4">
<div class="text-sm text-gray-400">Total IPs Tracked</div>
<div id="stat-total-ips" class="text-3xl font-bold text-primary-400">-</div>
</div>
<div class="bg-gray-800 border border-gray-700 rounded-lg p-4">
<div class="text-sm text-gray-400">Blocked IPs</div>
<div id="stat-blocked-ips" class="text-3xl font-bold text-red-400">-</div>
</div>
<div class="bg-gray-800 border border-gray-700 rounded-lg p-4">
<div class="text-sm text-gray-400">Threat Events</div>
<div id="stat-threat-events" class="text-3xl font-bold text-yellow-400">-</div>
</div>
<div class="bg-gray-800 border border-gray-700 rounded-lg p-4">
<div class="text-sm text-gray-400">Active Rules</div>
<div id="stat-active-rules" class="text-3xl font-bold text-green-400">-</div>
</div>
</div>
<!-- Filters -->
<div class="bg-gray-800 border border-gray-700 rounded-lg p-4">
<h2 class="text-lg font-semibold text-white mb-4">Filters</h2>
<div class="grid grid-cols-1 md:grid-cols-4 gap-4">
<div>
<label class="block text-sm text-gray-300 mb-1">Service</label>
<select id="filter-service" class="w-full bg-gray-900 border border-gray-700 rounded px-3 py-2 text-gray-100">
<option value="">All Services</option>
<option value="ssh">SSH</option>
<option value="http">HTTP</option>
<option value="https">HTTPS</option>
<option value="ftp">FTP</option>
<option value="smtp">SMTP</option>
<option value="telnet">Telnet</option>
<option value="mysql">MySQL</option>
<option value="postgresql">PostgreSQL</option>
</select>
</div>
<div>
<label class="block text-sm text-gray-300 mb-1">Min Threat Score</label>
<input id="filter-threat-score" type="number" min="0" max="100"
class="w-full bg-gray-900 border border-gray-700 rounded px-3 py-2 text-gray-100"
placeholder="0">
</div>
<div>
<label class="block text-sm text-gray-300 mb-1">Status</label>
<select id="filter-blocked" class="w-full bg-gray-900 border border-gray-700 rounded px-3 py-2 text-gray-100">
<option value="">All</option>
<option value="true">Blocked</option>
<option value="false">Not Blocked</option>
</select>
</div>
<div class="flex items-end">
<button id="apply-filters" class="w-full px-4 py-2 bg-primary-600 hover:bg-primary-500 rounded text-white">
Apply Filters
</button>
</div>
</div>
</div>
<!-- IP Reports Table -->
<div class="bg-gray-800 border border-gray-700 rounded-lg">
<div class="p-4 border-b border-gray-700">
<h2 class="text-lg font-semibold text-white">IP Threat Analysis</h2>
</div>
<div class="overflow-x-auto">
<table class="min-w-full divide-y divide-gray-700">
<thead class="bg-gray-800">
<tr>
<th class="px-4 py-2 text-left text-xs font-medium text-gray-300 uppercase tracking-wider">IP Address</th>
<th class="px-4 py-2 text-left text-xs font-medium text-gray-300 uppercase tracking-wider">Threat Score</th>
<th class="px-4 py-2 text-left text-xs font-medium text-gray-300 uppercase tracking-wider">Connections</th>
<th class="px-4 py-2 text-left text-xs font-medium text-gray-300 uppercase tracking-wider">Services</th>
<th class="px-4 py-2 text-left text-xs font-medium text-gray-300 uppercase tracking-wider">Last Seen</th>
<th class="px-4 py-2 text-left text-xs font-medium text-gray-300 uppercase tracking-wider">Status</th>
<th class="px-4 py-2 text-left text-xs font-medium text-gray-300 uppercase tracking-wider">Actions</th>
</tr>
</thead>
<tbody id="ip-reports-table" class="bg-gray-900 divide-y divide-gray-800">
<!-- Dynamic content will be inserted here -->
</tbody>
</table>
</div>
</div>
<!-- Threat Events Modal -->
<div id="threat-events-modal" class="fixed inset-0 bg-black bg-opacity-50 hidden z-50">
<div class="flex items-center justify-center min-h-screen p-4">
<div class="bg-gray-800 rounded-lg max-w-4xl w-full max-h-screen overflow-y-auto">
<div class="p-4 border-b border-gray-700 flex justify-between items-center">
<h3 id="modal-title" class="text-lg font-semibold text-white">Threat Events</h3>
<button id="close-modal" class="text-gray-400 hover:text-white">
<svg class="w-6 h-6" fill="none" stroke="currentColor" viewBox="0 0 24 24">
<path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M6 18L18 6M6 6l12 12"></path>
</svg>
</button>
</div>
<div id="modal-content" class="p-4">
<!-- Dynamic content will be inserted here -->
</div>
</div>
</div>
</div>
</div>
<script>
let currentReports = [];
// Load initial data
document.addEventListener('DOMContentLoaded', function() {
loadThreatStats();
loadIPReports();
});
// Event listeners
document.getElementById('refresh-btn').addEventListener('click', function() {
loadThreatStats();
loadIPReports();
});
document.getElementById('apply-filters').addEventListener('click', loadIPReports);
document.getElementById('close-modal').addEventListener('click', function() {
document.getElementById('threat-events-modal').classList.add('hidden');
});
// Load threat statistics
async function loadThreatStats() {
try {
const response = await fetch('/api/threat/stats');
const data = await response.json();
document.getElementById('stat-total-ips').textContent = data.total_ips || 0;
document.getElementById('stat-blocked-ips').textContent = data.blocked_ips || 0;
document.getElementById('stat-threat-events').textContent = data.total_threat_events || 0;
document.getElementById('stat-active-rules').textContent = data.active_rules || 0;
} catch (error) {
console.error('Failed to load threat stats:', error);
}
}
// Load IP reports with filters
async function loadIPReports() {
const filters = new URLSearchParams();
const service = document.getElementById('filter-service').value;
if (service) filters.append('service', service);
const threatScore = document.getElementById('filter-threat-score').value;
if (threatScore) filters.append('min_threat_score', threatScore);
const blocked = document.getElementById('filter-blocked').value;
if (blocked) filters.append('blocked', blocked);
filters.append('limit', '50');
try {
const response = await fetch(`/api/threat/reports?${filters.toString()}`);
const data = await response.json();
currentReports = data.reports || [];
renderIPReports(currentReports);
} catch (error) {
console.error('Failed to load IP reports:', error);
}
}
// Render IP reports table
function renderIPReports(reports) {
const tbody = document.getElementById('ip-reports-table');
tbody.innerHTML = '';
if (reports.length === 0) {
tbody.innerHTML = '<tr><td colspan="7" class="px-4 py-4 text-center text-gray-400">No data available</td></tr>';
return;
}
reports.forEach(report => {
const row = document.createElement('tr');
row.className = 'hover:bg-gray-800';
const threatScoreColor = getThreatScoreColor(report.threat_score);
const statusBadge = report.is_blocked
? '<span class="px-2 py-1 text-xs bg-red-600 text-white rounded">Blocked</span>'
: '<span class="px-2 py-1 text-xs bg-green-600 text-white rounded">Active</span>';
const services = (report.services || []).join(', ') || 'None';
const lastSeen = report.last_seen ? new Date(report.last_seen).toLocaleString() : 'Never';
row.innerHTML = `
<td class="px-4 py-2 text-sm text-gray-300">
<button class="text-primary-400 hover:text-primary-300" onclick="showIPDetails('${report.ip}')">
${report.ip}
</button>
</td>
<td class="px-4 py-2 text-sm">
<span class="font-semibold ${threatScoreColor}">${report.threat_score}</span>
</td>
<td class="px-4 py-2 text-sm text-gray-300">${report.total_connections}</td>
<td class="px-4 py-2 text-sm text-gray-300">${services}</td>
<td class="px-4 py-2 text-sm text-gray-300">${lastSeen}</td>
<td class="px-4 py-2 text-sm">${statusBadge}</td>
<td class="px-4 py-2 text-sm">
<div class="flex space-x-2">
${!report.is_blocked
? `<button onclick="blockIP('${report.ip}')" class="px-2 py-1 text-xs bg-red-600 hover:bg-red-500 text-white rounded">Block</button>`
: `<button onclick="unblockIP('${report.ip}')" class="px-2 py-1 text-xs bg-green-600 hover:bg-green-500 text-white rounded">Unblock</button>`
}
<button onclick="showThreatEvents('${report.ip}')" class="px-2 py-1 text-xs bg-blue-600 hover:bg-blue-500 text-white rounded">Events</button>
</div>
</td>
`;
tbody.appendChild(row);
});
}
// Get color class for threat score
function getThreatScoreColor(score) {
if (score >= 80) return 'text-red-400';
if (score >= 60) return 'text-orange-400';
if (score >= 40) return 'text-yellow-400';
if (score >= 20) return 'text-blue-400';
return 'text-gray-400';
}
// Show IP details
async function showIPDetails(ip) {
try {
const response = await fetch(`/api/threat/ip/${ip}`);
const report = await response.json();
document.getElementById('modal-title').textContent = `IP Analysis: ${ip}`;
const content = `
<div class="space-y-4">
<div class="grid grid-cols-2 gap-4">
<div>
<h4 class="font-semibold text-white mb-2">Statistics</h4>
<div class="space-y-1 text-sm">
<div>Total Connections: <span class="text-primary-400">${report.total_connections}</span></div>
<div>Auth Attempts: <span class="text-primary-400">${report.total_auth_attempts}</span></div>
<div>Threat Score: <span class="font-semibold ${getThreatScoreColor(report.threat_score)}">${report.threat_score}</span></div>
<div>Status: ${report.is_blocked ? '<span class="text-red-400">Blocked</span>' : '<span class="text-green-400">Active</span>'}</div>
</div>
</div>
<div>
<h4 class="font-semibold text-white mb-2">Timeline</h4>
<div class="space-y-1 text-sm">
<div>First Seen: <span class="text-gray-300">${report.first_seen ? new Date(report.first_seen).toLocaleString() : 'Unknown'}</span></div>
<div>Last Seen: <span class="text-gray-300">${report.last_seen ? new Date(report.last_seen).toLocaleString() : 'Unknown'}</span></div>
</div>
</div>
</div>
<div>
<h4 class="font-semibold text-white mb-2">Services Accessed</h4>
<div class="flex flex-wrap gap-2">
${(report.services || []).map(service =>
`<span class="px-2 py-1 text-xs bg-gray-700 text-gray-300 rounded">${service}</span>`
).join('')}
</div>
</div>
<div>
<h4 class="font-semibold text-white mb-2">Recent Threat Events</h4>
<div class="max-h-64 overflow-y-auto">
${renderThreatEventsTable(report.threat_events || [])}
</div>
</div>
</div>
`;
document.getElementById('modal-content').innerHTML = content;
document.getElementById('threat-events-modal').classList.remove('hidden');
} catch (error) {
console.error('Failed to load IP details:', error);
}
}
// Show threat events for IP
async function showThreatEvents(ip) {
try {
const response = await fetch(`/api/threat/events?ip=${ip}&limit=100`);
const data = await response.json();
document.getElementById('modal-title').textContent = `Threat Events: ${ip}`;
document.getElementById('modal-content').innerHTML = renderThreatEventsTable(data.events || []);
document.getElementById('threat-events-modal').classList.remove('hidden');
} catch (error) {
console.error('Failed to load threat events:', error);
}
}
// Render threat events table
function renderThreatEventsTable(events) {
if (events.length === 0) {
return '<div class="text-center text-gray-400 py-4">No threat events found</div>';
}
return `
<table class="min-w-full divide-y divide-gray-700">
<thead class="bg-gray-700">
<tr>
<th class="px-3 py-2 text-left text-xs font-medium text-gray-300 uppercase">Type</th>
<th class="px-3 py-2 text-left text-xs font-medium text-gray-300 uppercase">Severity</th>
<th class="px-3 py-2 text-left text-xs font-medium text-gray-300 uppercase">Service</th>
<th class="px-3 py-2 text-left text-xs font-medium text-gray-300 uppercase">Count</th>
<th class="px-3 py-2 text-left text-xs font-medium text-gray-300 uppercase">Last Seen</th>
</tr>
</thead>
<tbody class="divide-y divide-gray-800">
${events.map(event => `
<tr>
<td class="px-3 py-2 text-sm text-gray-300">${event.event_type}</td>
<td class="px-3 py-2 text-sm">
<span class="px-2 py-1 text-xs rounded ${getSeverityColor(event.severity)}">${event.severity}</span>
</td>
<td class="px-3 py-2 text-sm text-gray-300">${event.service}</td>
<td class="px-3 py-2 text-sm text-gray-300">${event.count}</td>
<td class="px-3 py-2 text-sm text-gray-300">${new Date(event.last_seen).toLocaleString()}</td>
</tr>
`).join('')}
</tbody>
</table>
`;
}
// Get severity color class
function getSeverityColor(severity) {
switch (severity) {
case 'critical': return 'bg-red-600 text-white';
case 'high': return 'bg-orange-600 text-white';
case 'medium': return 'bg-yellow-600 text-white';
case 'low': return 'bg-blue-600 text-white';
default: return 'bg-gray-600 text-white';
}
}
// Block IP
async function blockIP(ip) {
if (!confirm(`Are you sure you want to block IP ${ip}?`)) return;
try {
const response = await fetch('/api/threat/block', {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({ ip: ip, reason: 'Manual block from dashboard' })
});
if (response.ok) {
loadIPReports(); // Refresh the table
loadThreatStats(); // Refresh stats
} else {
alert('Failed to block IP');
}
} catch (error) {
console.error('Failed to block IP:', error);
alert('Failed to block IP');
}
}
// Unblock IP
async function unblockIP(ip) {
if (!confirm(`Are you sure you want to unblock IP ${ip}?`)) return;
try {
const response = await fetch('/api/threat/unblock', {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({ ip: ip })
});
if (response.ok) {
loadIPReports(); // Refresh the table
loadThreatStats(); // Refresh stats
} else {
alert('Failed to unblock IP');
}
} catch (error) {
console.error('Failed to unblock IP:', error);
alert('Failed to unblock IP');
}
}
</script>
{{ end }}
Reference in New Issue View Git Blame Copy Permalink