@cccsaurora/howler-ui 2.13.0-dev.163 → 2.13.0-dev.164
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -3,6 +3,7 @@ import { jsx as _jsx, jsxs as _jsxs } from "react/jsx-runtime";
|
|
|
3
3
|
import { useMonaco } from '@monaco-editor/react';
|
|
4
4
|
import { OpenInNew, PlayArrowOutlined, SsidChart } from '@mui/icons-material';
|
|
5
5
|
import { Alert, AlertTitle, Autocomplete, Box, Card, Checkbox, Chip, CircularProgress, FormControlLabel, IconButton, ListItemText, Slider, Stack, TextField, Tooltip, Typography, useMediaQuery, useTheme } from '@mui/material';
|
|
6
|
+
import Popper, {} from '@mui/material/Popper';
|
|
6
7
|
import api from '@cccsaurora/howler-ui/api';
|
|
7
8
|
import PageCenter from '@cccsaurora/howler-ui/commons/components/pages/PageCenter';
|
|
8
9
|
import { parseEvent } from '@cccsaurora/howler-ui/commons/components/utils/keyboard';
|
|
@@ -61,6 +62,10 @@ falsepositives:
|
|
|
61
62
|
level: informational
|
|
62
63
|
`
|
|
63
64
|
};
|
|
65
|
+
const LUCENE_QUERY_OPTIONS = ['default', 'facet', 'groupby'];
|
|
66
|
+
const CustomPopper = (props) => {
|
|
67
|
+
return _jsx(Popper, { ...props, style: { width: 'fit-content' }, placement: "bottom-start" });
|
|
68
|
+
};
|
|
64
69
|
const QueryBuilder = () => {
|
|
65
70
|
const { t } = useTranslation();
|
|
66
71
|
const theme = useTheme();
|
|
@@ -73,6 +78,8 @@ const QueryBuilder = () => {
|
|
|
73
78
|
const [type, setType] = useState('lucene');
|
|
74
79
|
const [loading, setLoading] = useState(false);
|
|
75
80
|
const [query, setQuery] = useState(DEFAULT_VALUES.lucene);
|
|
81
|
+
const [queryType, setQueryType] = useState(LUCENE_QUERY_OPTIONS[0]);
|
|
82
|
+
const [groupByField, setGroupByField] = useState(null);
|
|
76
83
|
const [allFields, setAllFields] = useState(true);
|
|
77
84
|
const [fields, setFields] = useState(['howler.id']);
|
|
78
85
|
const [response, setResponse] = useState(null);
|
|
@@ -90,10 +97,25 @@ const QueryBuilder = () => {
|
|
|
90
97
|
};
|
|
91
98
|
let result;
|
|
92
99
|
if (type === 'lucene') {
|
|
93
|
-
|
|
94
|
-
|
|
95
|
-
|
|
96
|
-
|
|
100
|
+
if (queryType === 'facet') {
|
|
101
|
+
result = await api.search.facet.hit.post({
|
|
102
|
+
query: sanitizeMultilineLucene(query),
|
|
103
|
+
rows: STEPS[rows],
|
|
104
|
+
fields
|
|
105
|
+
});
|
|
106
|
+
}
|
|
107
|
+
else if (queryType === 'groupby') {
|
|
108
|
+
result = await api.search.grouped.hit.post(groupByField, {
|
|
109
|
+
query: sanitizeMultilineLucene(query),
|
|
110
|
+
...searchProperties
|
|
111
|
+
});
|
|
112
|
+
}
|
|
113
|
+
else {
|
|
114
|
+
result = await api.search.hit.post({
|
|
115
|
+
query: sanitizeMultilineLucene(query),
|
|
116
|
+
...searchProperties
|
|
117
|
+
});
|
|
118
|
+
}
|
|
97
119
|
}
|
|
98
120
|
else if (type === 'eql') {
|
|
99
121
|
result = await api.search.hit.eql.post({
|
|
@@ -116,7 +138,7 @@ const QueryBuilder = () => {
|
|
|
116
138
|
finally {
|
|
117
139
|
setLoading(false);
|
|
118
140
|
}
|
|
119
|
-
}, [allFields, fields, query, rows, type]);
|
|
141
|
+
}, [allFields, fields, groupByField, query, queryType, rows, type]);
|
|
120
142
|
const onKeyDown = useCallback(event => {
|
|
121
143
|
const parsedEvent = parseEvent(event);
|
|
122
144
|
if (parsedEvent.isCtrl && parsedEvent.isEnter) {
|
|
@@ -146,6 +168,12 @@ const QueryBuilder = () => {
|
|
|
146
168
|
maxHeight: '85vh'
|
|
147
169
|
}));
|
|
148
170
|
}, [query, response, showModal, showWarningMessage, t, type]);
|
|
171
|
+
const searchDisabled = useMemo(() => type === 'lucene' && queryType === 'groupby' && !groupByField, [groupByField, queryType, type]);
|
|
172
|
+
useEffect(() => {
|
|
173
|
+
if (type !== 'lucene' && queryType !== 'default') {
|
|
174
|
+
setQueryType('default');
|
|
175
|
+
}
|
|
176
|
+
}, [queryType, type]);
|
|
149
177
|
useEffect(() => {
|
|
150
178
|
if (!monaco) {
|
|
151
179
|
return;
|
|
@@ -190,13 +218,21 @@ const QueryBuilder = () => {
|
|
|
190
218
|
display: 'flex',
|
|
191
219
|
alignSelf: 'stretch'
|
|
192
220
|
}
|
|
193
|
-
}, children: [smallButtons ? (_jsx(Tooltip, { title: t('route.actions.execute'), children: _jsx(IconButton, { size: "small", sx: { alignSelf: 'start' }, color: "success", onClick: execute, children: loading ? _jsx(CircularProgress, { size: 18, color: "success" }) : _jsx(PlayArrowOutlined, { color:
|
|
221
|
+
}, children: [smallButtons ? (_jsx(Tooltip, { title: t('route.actions.execute'), children: _jsx(IconButton, { size: "small", sx: { alignSelf: 'start' }, color: "success", onClick: execute, disabled: searchDisabled, children: loading ? (_jsx(CircularProgress, { size: 18, color: "success" })) : (_jsx(PlayArrowOutlined, { color: searchDisabled ? 'disabled' : 'success' })) }) })) : (_jsx(CustomButton, { size: "small", variant: "outlined", startIcon: loading ? (_jsx(CircularProgress, { size: 18, color: "success" })) : (_jsx(PlayArrowOutlined, { color: searchDisabled ? 'disabled' : 'success', sx: { '& path': { stroke: 'currentcolor', strokeWidth: '1px' } } })), color: "success", onClick: execute, disabled: searchDisabled, children: t('route.actions.execute') })), _jsxs(Stack, { direction: compactLayout ? 'column' : 'row', spacing: 1, children: [_jsx(Autocomplete, { value: type, onChange: (__, value) => setType(value), options: QUERY_TYPES, getOptionLabel: option => t(`route.advanced.query.${option}`), renderOption: (props, option) => (_jsx(ListItemText, { ...props, sx: { flexDirection: 'column', alignItems: 'start !important' }, primary: t(`route.advanced.query.${option}`), secondary: t(`route.advanced.query.${option}.description`) })), renderInput: params => (_jsx(TextField, { ...params, size: "small", label: t('route.advanced.type'), sx: { minWidth: '250px' } })), sx: [
|
|
194
222
|
!compactLayout && {
|
|
195
223
|
height: '100%',
|
|
196
224
|
'& .MuiFormControl-root': { height: '100%', '& > div': { height: '100%' } }
|
|
197
225
|
}
|
|
198
|
-
], slotProps: { paper: { sx: { minWidth: '600px' } } } }), _jsx(Card, { variant: "outlined", sx: { flex: 1, maxWidth: '350px', minWidth: '210px' }, children: _jsxs(Stack, { spacing: 0.5, sx: { px: 1, alignItems: 'start' }, children: [_jsxs(Typography, { variant: "caption", color: "text.secondary", sx: { whiteSpace: 'nowrap' }, children: [t('route.advanced.rows'), ": ", STEPS[rows]] }), _jsx(Slider, { size: "small", valueLabelDisplay: "off", value: rows, onChange: (_, value) => setRows(value), min: 0, max: 9, step: 1, marks: true, track: false, sx: { py: 0.5 } })] }) })] }), allFields ? (_jsx(FormControlLabel, { control: _jsx(Checkbox, { checked: allFields, onChange: (__, checked) => setAllFields(checked) }), label: t('route.advanced.fields.all'), sx: { '& > span': { color: 'text.secondary' }, alignSelf: 'start' } })) : (_jsx(Autocomplete, { fullWidth: true, renderTags: values => values.length <= 3 ? (_jsx(Stack, { direction: "row", spacing: 0.5, children: values.map(_value => (_jsx(Chip, { size: "small", label: _value }, _value))) })) : (_jsx(Tooltip, { title: _jsx(Stack, { spacing: 1, children: values.map(_value => (_jsx("span", { children: _value }, _value))) }), children: _jsx(Chip, { size: "small", label: values.length }) })), multiple: true, size: "small", options: fieldOptions, value: fields, onChange: (__, values) => (values.length > 0 ? setFields(values) : setAllFields(true)), renderInput: params => _jsx(TextField, { ...params, label: t('route.advanced.fields') }), sx: { maxWidth: '500px', width: '20vw', minWidth: '200px', '& label': { zIndex: 1200 } }, onKeyDown: onKeyDown })), _jsx(FlexOne, {}), type === 'lucene' &&
|
|
199
|
-
(smallButtons ? (_jsx(Tooltip, { title: t('route.advanced.open'), children: _jsx(IconButton, { color: "primary", sx: { alignSelf: 'center' }, component: Link, disabled: !response, to: `/hits?query=${sanitizeMultilineLucene(query).replaceAll('\n', ' ').trim()}`, children: _jsx(OpenInNew, { fontSize: "small" }) }) })) : (_jsx(CustomButton, { size: "small", variant: "outlined", startIcon: _jsx(OpenInNew, {}), component: Link, disabled: !response, ...{ to: `/hits?query=${sanitizeMultilineLucene(query).replaceAll('\n', ' ').trim()}` }, children: t('route.advanced.open') }))), smallButtons ? (_jsx(Tooltip, { title: response ? t('route.advanced.create.rule') : t('route.advanced.create.rule.disabled'), children: _jsx(IconButton, { size: "small", sx: { alignSelf: 'center' }, color: "info", onClick: onCreateRule, disabled: !response, children: _jsx(SsidChart, {}) }) })) : (_jsx(CustomButton, { size: "small", variant: "outlined", color: "info", startIcon: _jsx(SsidChart, {}), onClick: onCreateRule, disabled: !response, ...{ to: `/hits?query=${sanitizeMultilineLucene(query).replaceAll('\n', ' ').trim()}` }, tooltip: !response && t('route.advanced.create.rule.disabled'), children: t('route.advanced.create.rule') }))] }), _jsxs(Box, { width: "100%", height: "calc(100vh - 112px)", sx: { position: 'relative', overflow: 'hidden', borderTop: `thin solid ${theme.palette.divider}` }, children: [_jsx(Box, { sx: {
|
|
226
|
+
], slotProps: { paper: { sx: { minWidth: '600px' } } } }), _jsx(Card, { variant: "outlined", sx: { flex: 1, maxWidth: '350px', minWidth: '210px' }, children: _jsxs(Stack, { spacing: 0.5, sx: { px: 1, alignItems: 'start' }, children: [_jsxs(Typography, { variant: "caption", color: "text.secondary", sx: { whiteSpace: 'nowrap' }, children: [t('route.advanced.rows'), ": ", STEPS[rows]] }), _jsx(Slider, { size: "small", valueLabelDisplay: "off", value: rows, onChange: (_, value) => setRows(value), min: 0, max: 9, step: 1, marks: true, track: false, sx: { py: 0.5 } })] }) })] }), type === 'lucene' && (_jsx(Autocomplete, { size: "small", getOptionLabel: opt => t(`route.advanced.query.type.${opt}`), options: LUCENE_QUERY_OPTIONS, value: queryType, onChange: (_event, value) => setQueryType(value), renderInput: params => (_jsx(TextField, { ...params, label: t('route.advanced.query.type'), sx: { minWidth: '200px' } })) })), queryType === 'groupby' && (_jsx(Autocomplete, { size: "small", options: fieldOptions, value: groupByField, onChange: (__, value) => setGroupByField(value), renderInput: params => _jsx(TextField, { ...params, label: t('route.advanced.pivot.field') }), sx: { minWidth: '200px', '& label': { zIndex: 1200 } }, onKeyDown: onKeyDown, PopperComponent: CustomPopper })), allFields && queryType !== 'facet' ? (_jsx(FormControlLabel, { control: _jsx(Checkbox, { size: "small", checked: allFields, onChange: (__, checked) => setAllFields(checked) }), label: t('route.advanced.fields.all'), sx: { '& > span': { color: 'text.secondary' }, alignSelf: 'start' } })) : (_jsx(Autocomplete, { fullWidth: true, renderTags: values => values.length <= 3 ? (_jsx(Stack, { direction: "row", spacing: 0.5, children: values.map(_value => (_jsx(Chip, { size: "small", label: _value }, _value))) })) : (_jsx(Tooltip, { title: _jsx(Stack, { spacing: 1, children: values.map(_value => (_jsx("span", { children: _value }, _value))) }), children: _jsx(Chip, { size: "small", label: values.length }) })), multiple: true, size: "small", options: fieldOptions, value: fields, onChange: (__, values) => (values.length > 0 ? setFields(values) : setAllFields(true)), renderInput: params => _jsx(TextField, { ...params, label: t('route.advanced.fields') }), sx: { maxWidth: '500px', width: '20vw', minWidth: '200px', '& label': { zIndex: 1200 } }, onKeyDown: onKeyDown, PopperComponent: CustomPopper })), _jsx(FlexOne, {}), type === 'lucene' &&
|
|
227
|
+
(smallButtons ? (_jsx(Tooltip, { title: t('route.advanced.open'), children: _jsx(IconButton, { color: "primary", sx: { alignSelf: 'center' }, component: Link, disabled: !response, to: `/hits?query=${sanitizeMultilineLucene(query).replaceAll('\n', ' ').trim()}`, children: _jsx(OpenInNew, { fontSize: "small" }) }) })) : (_jsx(CustomButton, { size: "small", variant: "outlined", startIcon: _jsx(OpenInNew, {}), component: Link, disabled: !response, ...{ to: `/hits?query=${sanitizeMultilineLucene(query).replaceAll('\n', ' ').trim()}` }, children: t('route.advanced.open') }))), smallButtons ? (_jsx(Tooltip, { title: response ? t('route.advanced.create.rule') : t('route.advanced.create.rule.disabled'), children: _jsx(IconButton, { size: "small", sx: { alignSelf: 'center' }, color: "info", onClick: onCreateRule, disabled: !response, children: _jsx(SsidChart, {}) }) })) : (_jsx(CustomButton, { size: "small", variant: "outlined", color: "info", startIcon: _jsx(SsidChart, {}), onClick: onCreateRule, disabled: !response, ...{ to: `/hits?query=${sanitizeMultilineLucene(query).replaceAll('\n', ' ').trim()}` }, tooltip: !response && t('route.advanced.create.rule.disabled'), children: t('route.advanced.create.rule') }))] }), _jsxs(Box, { width: "100%", height: "calc(100vh - 112px)", sx: { position: 'relative', overflow: 'hidden', borderTop: `thin solid ${theme.palette.divider}` }, children: [_jsx(Box, { sx: {
|
|
228
|
+
position: 'absolute',
|
|
229
|
+
top: 0,
|
|
230
|
+
left: 0,
|
|
231
|
+
bottom: 0,
|
|
232
|
+
right: `calc(50% + 7px - ${x}px)`,
|
|
233
|
+
pt: 1,
|
|
234
|
+
display: 'flex'
|
|
235
|
+
}, children: _jsx(QueryEditor, { query: query, setQuery: setQuery, language: type, height: "100%" }) }), _jsx(Box, { sx: {
|
|
200
236
|
position: 'absolute',
|
|
201
237
|
top: 0,
|
|
202
238
|
bottom: 0,
|
|
@@ -431,8 +431,13 @@
|
|
|
431
431
|
"route.advanced.query.yaml": "Sigma Rule",
|
|
432
432
|
"route.advanced.query.yaml.description": "Sigma is a generic and open signature format that allows you to describe relevant log events in a straightforward manner. The rule format is very flexible, easy to write and applicable to any type of log file.",
|
|
433
433
|
"route.advanced.result.title": "Howler Advanced Search",
|
|
434
|
-
"route.advanced.result.description": "
|
|
435
|
-
"route.advanced.type": "Rule Type",
|
|
434
|
+
"route.advanced.result.description": "Execute a query to show results here.",
|
|
435
|
+
"route.advanced.rule.type": "Rule Type",
|
|
436
|
+
"route.advanced.pivot.field": "Group By Field",
|
|
437
|
+
"route.advanced.query.type": "Query Type",
|
|
438
|
+
"route.advanced.query.type.default": "Default",
|
|
439
|
+
"route.advanced.query.type.facet": "Facet",
|
|
440
|
+
"route.advanced.query.type.groupby": "Group By",
|
|
436
441
|
"route.analytics": "Analytics",
|
|
437
442
|
"route.analytics.deleted": "Deleted Rule!",
|
|
438
443
|
"route.analytics.detections": "Detections:",
|
|
@@ -431,8 +431,13 @@
|
|
|
431
431
|
"route.advanced.query.yaml": "Règle Sigma",
|
|
432
432
|
"route.advanced.query.yaml.description": "Sigma est un format de signature générique et ouvert qui vous permet de décrire des événements de journal pertinents de manière directe. Le format de règle est très flexible, facile à écrire et applicable à tout type de fichier journal.",
|
|
433
433
|
"route.advanced.result.title": "Recherche avancée de howler",
|
|
434
|
-
"route.advanced.result.description": "
|
|
435
|
-
"route.advanced.type": "Type de règle",
|
|
434
|
+
"route.advanced.result.description": "Exécutez une requête pour afficher les résultats ici.",
|
|
435
|
+
"route.advanced.rule.type": "Type de règle",
|
|
436
|
+
"route.advanced.pivot.field": "Champ à regrouper par",
|
|
437
|
+
"route.advanced.query.type": "Type de requête",
|
|
438
|
+
"route.advanced.query.type.default": "Défaut",
|
|
439
|
+
"route.advanced.query.type.facet": "Facette",
|
|
440
|
+
"route.advanced.query.type.groupby": "Regrouper",
|
|
436
441
|
"route.analytics": "Analyses",
|
|
437
442
|
"route.analytics.deleted": "Règle supprimée!",
|
|
438
443
|
"route.analytics.detections": "Détections:",
|