repsheet_visualizer 0.2.0 → 0.2.1

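--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: 71b5fb40592b28d1fd6c5eb61869ab76f56c1746
- data.tar.gz: 1a52994411c949ea058ff88f43d0a4cd2ac9c3e1
+ metadata.gz: f98f7e61dc56515d36646dd74b76486a069ad677
+ data.tar.gz: 6fdb7a815f6ae92361d9a5628eb20445619787ad
  SHA512:
- metadata.gz: 4353c9cc413a856243f114c7b18f8c29fa4fee5adca1b980a46ed73b6723294d0d519700758dfd4f61a324b51cbb2d1cb0c06c7b5e04162f5b6666b495c1eec4
- data.tar.gz: e0233520e1473d115fb3a3c0092f976c45cd9c97a927f1f8095b8606991959aec8b0d1fa8631778408694ec97fed622c8a683b7bd63e321e85d5a5336570b3b4
+ metadata.gz: 030d9e94c181dc2c948eed48415322379537ba7a44e708732b9e3955fcba4f0ac66dafd416e17d7d6281f1fef314d0674d537ba8d62a992f65c6073b77d42fcc
+ data.tar.gz: 9516b4fb6cb68e5ada5df76f0d7420c35f675cc1036e304f08065ffc098aed7df9e7e86641e3c04b641f2cc48c0ac96186ea0e186f7d9050dc6d1de5101a75b8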
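--- a/data/.travis.yml
+++ b/data/.travis.yml
@@ -0,0 +1,4 @@
+ language: ruby
+ rvm:
+ - 2.0.0
+ - 1.9.3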
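--- a/data/Gemfile.lock
+++ b/data/Gemfile.lock
@@ -1,7 +1,7 @@
  PATH
  remote: .
  specs:
- repsheet_visualizer (0.2.0)
+ repsheet_visualizer (0.2.1)
  geoip
  json
  redis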
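--- a/data/README.md
+++ b/data/README.md
@@ -1,12 +1,14 @@
- # Mod Repsheet Vizualizer
+ #Repsheet Visualizer [![Build Status](https://secure.travis-ci.org/repsheet/visualizer.png)](http://travis-ci.org/repsheet/visualizer?branch=master)
+
+ This is the visualization component for Repsheet. It displays information on offending actors and allows for manual blacklisting. It provides a world map that displays the location of offending actors which allows for identification of global attack patterns. It is still under active development and will undergo some pretty major changes over the next several months.
 
  ## Setup
 
- You will need to have Ruby/RubyGems installed. This app has been tested on Ruby 1.9.3. To setup and run do the following from the example folder:
+ You will need to have Ruby/RubyGems installed. If you would like to use the world map feature, you will need a copy of the [GeoLiteCity Database](http://geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz). This app has been tested on Ruby 1.9.3 Ruby 2.0.0. You will also need access to the Repsheet Redis database. There are several ways of running the Visualizer application, but the simplest is to just run the command line program:
 
  ``` sh
  bundle install
- shotgun
+ bin/repsheet_visualizer <redis_host> <redis_port> <path_to_geolite_database>
  ```
 
- Visit [http://localhost:4567](http://localhost:9393) to see the details.
+ Visit [http://localhost:4567](http://localhost:4567) to view the application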
@@ -51,7 +51,7 @@ class RepsheetVisualizer < Sinatra::Base
51
51
  end
52
52
 
53
53
  get '/breakdown' do
54
- @data, @aggregate = Backend.breakdown(redis_connection)
54
+ @data = Backend.breakdown(redis_connection)
55
55
  erb :breakdown
56
56
  end
57
57
 
@@ -72,8 +72,9 @@ class RepsheetVisualizer < Sinatra::Base
72
72
  if params["action"] == "allow"
73
73
  connection.del("#{params[:ip]}:repsheet:blacklist")
74
74
  else
75
+ ttl = connection.ttl("#{params[:ip]}:requests")
75
76
  connection.set("#{params[:ip]}:repsheet:blacklist", "true")
76
- connection.expire("#{params[:ip]}:repsheet:blacklist", redis_expiry)
77
+ connection.expire("#{params[:ip]}:repsheet:blacklist", ttl)
77
78
  end
78
79
  redirect back
79
80
  end
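Review bot: The TTL read from `#{params[:ip]}:requests` is passed to `expire` unchecked, and Redis `TTL` returns a negative value when that key has no expiry or does not exist; on current Redis versions `EXPIRE` with a non-positive timeout deletes the key, so the blacklist entry written on the line above would disappear immediately. Guard the call, e.g. `connection.expire("#{params[:ip]}:repsheet:blacklist", ttl) if ttl > 0`, or fall back to the previous `redis_expiry` value if that helper still exists outside this hunk. Separately, `params[:ip]` is interpolated into the key name without validation on both branches, so the route will set or delete any key carrying that suffix; parsing it as an IP address (for example with `IPAddr.new`) before building the key would confine it to real actors. The enclosing route starts above the hunk.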
@@ -10,18 +10,14 @@ class Backend
10
10
  end
11
11
 
12
12
  def self.breakdown(connection)
13
- # data = {}
14
- # offenders = connection.keys("*:repsheet").map {|o| o.split(":").first}
15
- # offenders.each do |offender|
16
- # data[offender] = {"totals" => {}}
17
- # connection.smembers("#{offender}:detected").each do |rule|
18
- # data[offender]["totals"][rule] = connection.get "#{offender}:#{rule}:count"
19
- # end
20
- # end
21
- # aggregate = Hash.new 0
22
- # data.each {|ip,data| data["totals"].each {|rule,count| aggregate[rule] += count.to_i}}
23
- # [data, aggregate]
24
- [{},{}]
13
+ data = Hash.new(0)
14
+ offenders = connection.keys("*:repsheet").map {|o| o.split(":").first}
15
+ offenders.each do |offender|
16
+ connection.zrange("#{offender}:detected", 0, -1).each do |rule|
17
+ data[rule] += connection.zscore("#{offender}:detected", rule).to_i
18
+ end
19
+ end
20
+ data.take(10)
25
21
  end
26
22
 
27
23
  def self.activity(connection, actor)
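Review bot: `data.take(10)` returns the first ten rules in hash insertion order, not the ten with the highest counts, although the breakdown view labels the chart "Top 10"; sort before truncating, e.g. `data.sort_by { |_, count| -count }.take(10)`. `connection.keys("*:repsheet")` also walks the whole keyspace on every request to `/breakdown`, which blocks Redis for the duration on a large database, so an operator dashboard can stall the datastore the blocking module depends on; a maintained set of offenders or `SCAN` would avoid that. The per-rule `zscore` round trip can be dropped by asking `zrange` for scores in the same call (`:with_scores => true`). `self.activity` on the last context line continues outside the hunk.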
@@ -9,9 +9,9 @@ function angle(d) {
9
9
  }
10
10
 
11
11
  function pie(dataSet) {
12
- var canvasWidth = 500,
13
- canvasHeight = 500,
14
- outerRadius = 150,
12
+ var canvasWidth = 700,
13
+ canvasHeight = 700,
14
+ outerRadius = 250,
15
15
  color = d3.scale.category20();
16
16
 
17
17
  var vis = d3.select("#total").append("svg:svg")
@@ -35,7 +35,7 @@
35
35
  <div class="nav-collapse collapse">
36
36
  <ul class="nav">
37
37
  <li><a href="<%= @mount %>">Actors</a></li>
38
- <!-- <li><a href="<%= @mount %>breakdown">Breakdown</a></li> -->
38
+ <li><a href="<%= @mount %>breakdown">Breakdown</a></li>
39
39
  <li><a href="<%= @mount %>worldview">Worldview</a></li>
40
40
  </ul>
41
41
  </div>
@@ -90,7 +90,7 @@
90
90
  <div class="nav-collapse collapse">
91
91
  <ul class="nav">
92
92
  <li class="active"><a href="<%= @mount %>">Actors</a></li>
93
- <!-- <li><a href="<%= @mount %>breakdown">Breakdown</a></li> -->
93
+ <li><a href="<%= @mount %>breakdown">Breakdown</a></li>
94
94
  <li><a href="<%= @mount %>worldview">Worldview</a></li>
95
95
  </ul>
96
96
  </div>
@@ -27,9 +27,14 @@
27
27
  font-size: 20px;
28
28
  font-weight: bold;
29
29
  }
30
+
31
+ svg {
32
+ display: block;
33
+ margin: auto;
34
+ }
30
35
  </style>
31
36
  <link href="<%= @mount %>css/bootstrap-responsive.css" rel="stylesheet">
32
-
37
+
33
38
  <!-- HTML5 shim, for IE6-8 support of HTML5 elements -->
34
39
  <!--[if lt IE 9]>
35
40
  <script src="<%= @mount %>javascripts/html5shiv.js"></script>
@@ -59,15 +64,10 @@
59
64
 
60
65
  <div class="container">
61
66
  <div id="total">
62
- <p class="announce">Mod Security Rule Breakdown</p>
63
- <script>pie(<%= @aggregate.collect {|k,v| {"legendLabel" => k, "magnitude" => v}}.to_json %>);</script>
64
- </div>
65
-
66
- <div id="individual">
67
- <p class="announce">Breakdown by IP</p>
68
- <% @data.each do |ip, data| %>
69
- <script>donut(<%= data["totals"].keys.to_json %>, <%= {:label => ip, :pct => data["totals"].values}.to_json %>);</script>
70
- <% end %>
67
+ <p class="announce">Top 10 Mod Security Rules Triggered</p>
68
+ <div id="chart" class="offset3 span6">
69
+ <script>pie(<%= @data.collect {|k,v| {"legendLabel" => k, "magnitude" => v}}.to_json %>);</script>
70
+ </div>
71
71
  </div>
72
72
  </div>
73
73
  </body>
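Review bot: The `pie(<%= ... .to_json %>)` call writes JSON straight into a `<script>` element, and `to_json` does not escape `</`, so a label containing `</script>` would end the block early and the remainder would be parsed as markup. The labels are the members of the `:detected` sorted sets read in `Backend.breakdown`; if anything other than trusted rule ids can be written there, this is a stored XSS sink in an operator-facing page. Escaping the closing sequence before output, e.g. `.to_json.gsub("</", "<\\/")`, keeps the output valid JSON while preventing it from terminating the script element.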
@@ -38,7 +38,7 @@
38
38
  <div class="nav-collapse collapse">
39
39
  <ul class="nav">
40
40
  <li><a href="<%= @mount %>">Actors</a></li>
41
- <!-- <li><a href="<%= @mount %>breakdown">Breakdown</a></li> -->
41
+ <li><a href="<%= @mount %>breakdown">Breakdown</a></li>
42
42
  <li class="active"><a href="<%= @mount %>worldview">Worldview</a></li>
43
43
  </ul>
44
44
  </div>
@@ -1,3 +1,3 @@
1
1
  module RepsheetVisualizer
2
- VERSION = "0.2.0"
2
+ VERSION = "0.2.1"
3
3
  end
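--- a/data/script/fill
+++ b/data/script/fill
@@ -6,8 +6,9 @@ r = Redis.new
  r.flushdb
 
  255.times do |i|
- r.zincrby("1.1.1.#{i}:detected", rand(1000), "950001")
+ r.zincrby("1.1.1.#{i}:detected", rand(100), "950001")
  r.lpush("1.1.1.#{i}:requests", "123, Chrome, GET, foo, bar")
+ r.set("1.1.1.#{i}:repsheet", true)
 
  if i > 220
  r.set("1.1.1.#{i}:repsheet:blacklist", "true")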
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: repsheet_visualizer
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.0
4
+ version: 0.2.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Aaron Bedra
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2013-08-16 00:00:00.000000000 Z
11
+ date: 2013-11-12 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: geoip
@@ -133,6 +133,7 @@ files:
133
133
  - .gitignore
134
134
  - .rspec
135
135
  - .rvmrc
136
+ - .travis.yml
136
137
  - Gemfile
137
138
  - Gemfile.lock
138
139
  - LICENSE.txt