pcapr-local 0.1.10

data/lib/pcapr_local/www/static/script/closet/closet.quantity.js

@@ -0,0 +1,73 @@
+var closet = closet || {};
+closet.quantity = (function() {
+    return {
+        bytes: function(size) {
+        	if (size > 1024*1024) {
+        		var mb = Math.round(size/1024/1024);
+        		return mb + ' MB';
+        	} else if (size > 1024) {
+        		var kb = Math.round(size/1024);
+        		return kb + ' KB';
+        	} else {
+        		return size + ' byte' + (size == 1 ? '' : 's');
+        	}                
+        },
+        timespan: function(date) {
+        	var today = new Date();
+        	var seconds = (today.getTime() - date.getTime())/1000;
+
+        	if (seconds < 30) {
+        		return 'just now';
+        	} else if (seconds < 90) {
+        		return 'a minute ago';
+        	} 
+
+        	var minutes = seconds/60;
+        	if (minutes < 20) {
+        		return 'few minutes ago';
+        	} else if (minutes < 45) {
+        		return 'half hour ago';
+        	} else if (minutes < 90) {
+        		return 'an hour ago';
+        	} 
+
+        	var hours = minutes/60;
+        	if (hours < today.getHours()) {
+        		return 'earlier today';
+        	} else if (hours < today.getHours() + 24) {
+        		return 'yesterday';
+        	} 
+
+        	var days = hours/24;
+        	if (days < today.getDay()) {
+        		return 'earlier this week';
+        	} else if (days < today.getDay() + 7) {
+        		return 'last week';
+        	} else if (days < 30) {
+        		return 'a few weeks ago';
+        	}
+
+            var months = [
+                "January", "February", "March", "April", "May", "June",
+                "July", "August", "September", "October", "November",
+                "December"
+            ];
+            var year = date.getFullYear();
+            var month = date.getMonth();
+            if (year == today.getFullYear()) {
+                if (month == today.getMonth()) {
+                    return 'earlier this month';
+                } else if (month == today.getMonth() - 1) {
+                    return 'last month';
+                } else {
+                    return 'last ' + months[month];
+                }
+            }
+
+            return months[month] + ' ' + year;
+        },
+        count: function(value, singular, plural) {
+        	return value + ' ' + (value === 1 ? singular : plural ? plural : singular + 's');                
+        }
+    };
+}());

data/lib/pcapr_local/www/static/script/closet/closet.render.js

@@ -0,0 +1,205 @@
+var closet = closet || {};
+
+(function($) {
+closet.render = (function() {
+    return {
+        bars: function($root, kvs, opts) {
+            opts = opts || {};
+            opts.label = opts.label || '';
+            
+            var series = [];
+            $.each(kvs.rows, function(i, row) {
+                series.push([ row.key, row.value ]);
+            });
+            
+    		var html = [];
+    		html.push('<div style="margin-left: 20px; margin-bottom: 20px; width:800px; height:300px;"></div>');
+    		$root = $root.html(html.join('')).find('div');
+            $.plot($root, [ { label: opts.label, data: series } ], {
+    			colors: [ '#e68000' ],
+    			bars: { show: true },
+    			grid: { borderWidth: 1, backgroundColor: { colors: ["#fff", "#eee"] } },
+    			yaxis: {
+    			    labelHeight: 4,
+    			    tickFormatter: function(val, axis) {
+    			        return val.toFixed(0);
+    			    }
+    			},
+                legend: { show: true }
+            });
+        },
+		cloud: function(kvs, cb) {
+            var min = null, max = null;
+            $.each(kvs.rows, function(i, kv) {
+                min = Math.min(kv.value, min || kv.value);
+                max = Math.max(kv.value, max || kv.value);
+            });
+            
+            var minLog = Math.log(min);
+            var maxLog = Math.log(max);
+            var rangeLog = Math.max(1, maxLog - minLog);
+            var minFontSize = 10;
+            var maxFontSize = 50;
+            
+            var html = [];
+            $.each(kvs.rows, function(i, kv) {
+                var value = Math.max(1, kv.value);
+                var ratio = (Math.log(value) - minLog) / rangeLog;
+                var size = minFontSize + Math.round(((maxFontSize - minFontSize) * ratio));
+                
+				html = html.concat(cb(kv, size));
+            });
+            
+			return html.join('');
+		},
+		// Options
+		// {
+		//     limit: <number>|''
+		//     order: 'key'|'value'
+		//     descending: true|false,
+		//     normalize: true|false
+		//     value: 'count' || 'bytes'
+		// }
+		table: function($root, kvs, opts, cb, morecb) {
+			opts = opts || {};
+			opts.limit = opts.limit ? opts.limit : (opts.limit === '' ? kvs.rows.length : 10);
+			opts.order = opts.order || 'value';
+			if (opts.descending === undefined) {
+				opts.descending = true;
+			}
+			
+	        kvs.rows.sort(function(a, b) { 
+				var _a = opts.descending ? a[opts.order] : b[opts.order];
+				var _b = opts.descending ? b[opts.order] : a[opts.order];
+				return _b > _a ? 1 : _b < _a ? -1 : 0; 
+			});
+			
+	        var top = kvs.rows.slice(0, opts.limit);
+            var max = 0;
+            var total = 0;
+            $.each(kvs.rows, function(i, kv) {
+                max = Math.max(kv.value, max);
+                total += kv.value;
+            });
+			
+			var html = [];
+			if (kvs.rows.length > 0) {
+				html.push('<table style="margin-bottom: 20px">');
+				$.each(top, function(i, kv) {
+                    var width = Math.max((kv.value/max*400).toFixed(0), 1);
+					
+					if (typeof(kv.key) === 'string' && kv.key.length > 96) {
+						kv.key = kv.key.slice(0, 95) + '*';
+					}
+					
+					var value = kv.value;
+					if (opts.normalize) {
+					    value = (Math.ceil(kv.value/total*100) + '%');
+					} else {
+					    if (opts.value && opts.value === 'bytes') {
+					        value = closet.quantity.bytes(value);
+					    }
+					}
+					
+					html.push('<tr>');
+					html.push('<td align="right">' + value + '</td>');
+					html.push('<td>');
+					html.push('<div style="position:absolute;margin-left:10px">');
+					html.push(cb ? cb(kv) : closet.util.escapeHTML(kv.key));
+					html.push('</div>');
+                    html.push('<img src="/static/image/bar-orange.gif" style="opacity:1.0;border:none;height:18px;width:' + width + 'px"/>');
+					html.push('</td>');
+					html.push('</tr>');
+				});
+				html.push('</table>');
+				
+				if (kvs.rows.length > top.length && morecb) {
+					html.push(morecb());
+				}	
+			} else {
+				html.push("<span class=info>Hmm...Your query didn't seem to match anything.</span>");
+			}
+			
+			$root.html(html.join(''));			
+		},
+		minmax: function($root, kvs, opts, cb, morecb) {
+			opts = opts || {};
+			opts.limit = opts.limit ? opts.limit : (opts.limit === '' ? kvs.rows.length : 10);
+			if (opts.order !== 'min' && opts.order !== 'max' && opts.order !== 'count' && opts.order !== 'spread') {
+				opts.order = 'spread';
+			}
+			
+			if (opts.descending === undefined) {
+				opts.descending = true;
+			}
+			
+			// Compute the min-of-min and max-of-max as well as the spread
+			// between the max and the min				
+			var minOfMin;
+            var maxOfMax;
+			var integer = true;
+            $.each(kvs.rows, function(i, kv) {
+                minOfMin = Math.min(kv.value.min, minOfMin || kv.value.min);
+                maxOfMax = Math.max(kv.value.max, maxOfMax || kv.value.max);
+				kv.value.spread = Math.max(kv.value.max - kv.value.min, 0);
+				if (kv.value.min.toString().indexOf('.') > 0) {
+					integer = false;
+				} else if (kv.value.max.toString().indexOf('.') > 0) {
+					integer = false;
+				}
+            });
+			var range = Math.max(maxOfMax - minOfMin, 1);
+			
+			// Sort based on the user-defined criteria
+	        kvs.rows.sort(function(a, b) { 
+				var _a = opts.descending ? a.value[opts.order] : b.value[opts.order];
+				var _b = opts.descending ? b.value[opts.order] : a.value[opts.order];
+				return _b > _a ? 1 : _b < _a ? -1 : 0;
+			});
+			
+			var html = [];
+			if (kvs.rows.length > 0) {
+				html.push('<table style="margin-bottom: 20px">');
+				html.push('<thead style="font-weight:bold">');
+				html.push('<tr>');
+				html.push('<td>Count</td>');
+				html.push('<td>Min</td>');
+				html.push('<td>Max</td>');
+				html.push('<td>Spread</td>');
+				html.push('</tr>');
+				html.push('</thead>');
+				html.push('<tbody>');
+		        var top = kvs.rows.slice(0, opts.limit);
+				$.each(top, function(i, kv) {
+					var width = Math.max(((kv.value.max - kv.value.min)*400/range).toFixed(0), 2);
+					var margin = ((kv.value.min - minOfMin)*400/range).toFixed(0);
+					html.push('<tr>');
+					html.push('<td>' + kv.value.count + '</td>');
+					html.push('<td>' + kv.value.min.toFixed(integer ? 0 : 4) + '</td>');
+					html.push('<td>' + kv.value.max.toFixed(integer ? 0 : 4) + '</td>');
+					html.push('<td>');
+					if (typeof(kv.key) === 'string' && kv.key.length > 96) {
+						kv.key = kv.key.slice(0, 95) + '*';
+					}
+					html.push('<div style="position:absolute;margin-left:10px">');
+					html.push(cb ? cb(kv) : closet.util.escapeHTML(kv.key));
+					html.push('</div>');
+                    html.push('<img src="/static/image/bar-orange.gif" style="border:none;height:18px;width:' + width + 'px;margin-left:' + margin + 'px"/>');
+					html.push('</td>');
+					html.push('</tr>');
+				});
+				html.push('</tbody>');
+				html.push('</table>');
+				
+				if (kvs.rows.length > top.length && morecb) {
+					html.push(morecb());
+				}
+			} else {
+				html.push("<span class=info>Hmm...Your query didn't seem to match anything.</span>");
+			}
+			
+			$root.html(html.join(''));
+		}			
+    };
+}());
+}(jQuery));

data/lib/pcapr_local/www/static/script/closet/closet.report.js

@@ -0,0 +1,86 @@
+var closet = closet || {};
+(function($) {
+closet.report = (function() {
+    return {
+        load: function(ctx, $root, pcap, cb) {
+            closet.api.fields.list(pcap._id, function(fields) {
+                var fieldMap = {};
+                $.each(fields, function(i, v) { fieldMap[v] = true; });
+                
+                closet.reports.list = closet.reports.list || [];
+                var html = [ '<option>Pick one</option>' ];
+                $.each(closet.reports, function(_, category) {
+                    if (category.hasOwnProperty('apply') === false || category.apply(pcap, fieldMap)) {
+                        var html2 = [];
+                        $.each(category.items, function(index, report) {
+                            report.category = category.name;
+                            report.index = index;
+                            if (report.hasOwnProperty('apply') === false || report.apply(pcap, fieldMap)) {
+                                html2.push('<option id="' + closet.reports.list.length + '">' + report.title + '</option>');
+                                closet.reports.list.push(report);
+                            }
+                        });
+
+                        if (html2.length > 0) {
+                            html.push('<optgroup label="' + category.title + '">');
+                            html = html.concat(html2);
+                            html.push('</optgroup>');                        
+                        }                        
+                    }
+                });
+
+                var $report = $root.find('div.report');
+                var $select = $root.find('select.reports');
+                var $showonload = $root.find('span.showonload');
+
+                $select.html(html.join('')).change(function() {
+                    var id = $(this).find('option:selected').attr('id');
+                    if (id) {
+                        var index = parseInt(id, 10);
+                        var report = closet.reports.list[index];
+                        ctx.app.setLocation('#/browse/report/' + pcap._id + '/' + report.category + '/' + report.name);
+                    }                    
+                });
+                $showonload.css('display', '');
+                $report.empty();
+                if (cb) { cb(); }
+            });
+        },
+        create: function(ctx, $root, pcap, category, report, opts) {
+            $.each(closet.reports, function(_, c) {
+                if (c.name === category) {
+                    $.each(c.items, function(_, r) {
+                        if (r.name === report) {
+                            var $report = $root.find('div.report');
+                            var $title = $root.find('h3.title').html(c.title + '|' + r.title);
+                            var $settings = $root.find('div.settings');
+                            var $toggler = $settings.find('a.toggler');
+                            var $options = $settings.find('div.options');
+                            
+                            $report.html('<span class="throbber">generating...</span>');
+                            if (r.options) {
+                                closet.options.create(function(maker) {
+                                    r.options(pcap, maker, function() {
+                                        var $maker = maker.build(opts, function(_opts) {
+                                            $report.html('<span class="throbber">generating...</span>');
+                                            r.create(ctx, $report, pcap, _opts);
+                                        });
+                                        $settings.css('display', '');
+                                        $toggler.click(function() { $options.slideToggle(); });
+                                        $options.append($maker);
+                                        r.create(ctx, $report, pcap, maker.reconcile(opts));
+                                    });
+                                });
+                            } else {
+                                r.create(ctx, $report, pcap, opts);                                
+                            }
+                            return false;
+                        }
+                    });
+                    return false;
+                }
+            });
+        }
+    };
+}());
+}(jQuery));

data/lib/pcapr_local/www/static/script/closet/closet.reports.http.js

@@ -0,0 +1,135 @@
+var closet = closet || {};
+closet.reports = closet.reports || [];
+closet.reports.push({
+    name: 'http',
+    title: 'HTTP',
+    apply: function(pcap, fields) {
+        return fields.hasOwnProperty('http.request.method');
+    },
+    items: [{
+        name: 'latency',
+        title: 'Response Times',
+        options: function(pcap, opts, cb) {
+            opts.choice('limit', 10, { 'values': [ '', 10, 20, 50, 100 ] });
+            opts.choice('order', 'spread', { values: ['min', 'max', 'count', 'spread'] });
+            opts.boolean('descending', true);
+            cb();
+        },
+        create: function(ctx, $root, pcap, opts) {
+            var q = 'flow.service:http*';
+            var r = closet.mr.minmax('http.request.uri', 'flow.duration');
+            closet.api.flows.report(pcap._id, q, r, function(data) {
+                closet.render.minmax($root, data, opts);
+            });
+        }
+    }, {
+        name: 'bandwidth',
+        title: 'Bandwidth Utilization',
+        options: function(pcap, opts, cb) {
+            var q = 'flow.service:http*';
+            closet.api.flows.servers(pcap._id, q, 0.0, pcap.index.about.duration, function(data) {
+                var servers = $.map(data.rows, function(row) { return row.key; });
+                opts.choice('server', '', { 'values': [''].concat(servers) });
+                opts.choice('limit', 10, { 'values': [ '', 10, 20, 50, 100 ] });
+                opts.choice('order', 'bytes', { values: [ 'bytes', 'uri' ] });
+                opts.boolean('descending', true);
+                opts.boolean('normalize', false);
+                cb();
+            });
+        },
+        create: function(ctx, $root, pcap, opts) {
+            opts = $.extend({}, opts, { value: 'bytes' });
+            if (opts.order) {
+                opts.order = { uri: 'value', host: 'key' }[opts.order]
+            }
+            
+            var q = 'flow.service:http*';
+            q = q + (opts.server ? ' flow.dst:' + opts.server : '');
+            var r = closet.mr.sum('http.request.uri', 'flow.bytes');
+            closet.api.flows.report(pcap._id, q, r, function(data) {
+                closet.render.table($root, data, opts);
+            });
+        }
+    }, {
+        name: 'browsers',
+        title: 'Web Browsers',
+        options: function(pcap, opts, cb) {
+            var q = 'flow.service:http*';
+            closet.api.flows.servers(pcap._id, q, 0.0, pcap.index.about.duration, function(data) {
+                var servers = $.map(data.rows, function(row) { return row.key; });
+                opts.choice('server', '', { 'values': [''].concat(servers) });
+                opts.choice('limit', 10, { 'values': [ '', 10, 20, 50, 100 ] });
+                opts.choice('order', 'count', { values: [ 'count', 'browser' ] });
+                opts.boolean('descending', true);
+                opts.boolean('normalize', true);
+                cb();
+            });
+        },
+        create: function(ctx, $root, pcap, opts) {
+            opts = $.extend({}, opts, { value: 'count' });
+            if (opts.order) {
+                opts.order = { count: 'value', browser: 'key' }[opts.order]
+            }
+            
+            var q = 'flow.service:http*';
+            q = q + (opts.server ? ' flow.dst:' + opts.server : '');
+            var r = closet.mr.count('http.user.agent');
+            closet.api.flows.report(pcap._id, q, r, function(data) {
+                closet.render.table($root, data, opts);
+            });
+        }
+    }, {
+        name: 'servers',
+        title: 'Web Servers',
+        options: function(pcap, opts, cb) {
+            opts.choice('limit', 10, { 'values': [ '', 10, 20, 50, 100 ] });
+            opts.choice('order', 'count', { values: [ 'count', 'server' ] });
+            opts.boolean('descending', true);
+            opts.boolean('normalize', true);
+            cb();
+        },
+        create: function(ctx, $root, pcap, opts) {
+            opts = $.extend({}, opts, { value: 'count' });
+            if (opts.order) {
+                opts.order = { count: 'value', server: 'key' }[opts.order]
+            }
+            
+            var q = 'flow.service:http*';
+            var r = closet.mr.count('http.server');
+            closet.api.flows.report(pcap._id, q, r, function(data) {
+                closet.render.table($root, data, opts);
+            });
+        }
+    }, {
+        name: 'content',
+        title: 'Content Types',
+        options: function(pcap, opts, cb) {
+            var q = 'flow.service:http*';
+            closet.api.flows.servers(pcap._id, q, 0.0, pcap.index.about.duration, function(data) {
+                var servers = $.map(data.rows, function(row) { return row.key; });
+                opts.choice('server', '', { 'values': [''].concat(servers) });
+                opts.choice('limit', 10, { 'values': [ '', 10, 20, 50, 100 ] });
+                opts.choice('order', 'count', { values: [ 'count', 'type' ] });
+                opts.boolean('descending', true);
+                opts.boolean('normalize', true);
+                cb();
+            });
+        },
+        create: function(ctx, $root, pcap, opts) {
+            opts = $.extend({}, opts, { value: 'count' });
+            if (opts.order) {
+                opts.order = { count: 'value', type: 'key' }[opts.order]
+            }
+            
+            var q = 'flow.service:http*';
+            var r = closet.mr.count('http.content.type');
+            closet.api.flows.report(pcap._id, q, r, function(data) {
+                closet.render.table($root, data, opts);
+            });
+        }
+    }
+    // TODO:
+    // - connection rate
+    // - scans
+    ]
+});