securenow 5.2.2 → 5.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/cli/apps.js +167 -0
- package/cli/auth.js +208 -0
- package/cli/client.js +113 -0
- package/cli/config.js +111 -0
- package/cli/init.js +100 -0
- package/cli/monitor.js +458 -0
- package/cli/security.js +630 -0
- package/cli/ui.js +312 -0
- package/cli.js +357 -235
- package/package.json +3 -1
package/cli/monitor.js
ADDED
|
@@ -0,0 +1,458 @@
|
|
|
1
|
+
'use strict';
|
|
2
|
+
|
|
3
|
+
const { api, requireAuth } = require('./client');
|
|
4
|
+
const config = require('./config');
|
|
5
|
+
const ui = require('./ui');
|
|
6
|
+
|
|
7
|
+
function resolveApp(flags) {
|
|
8
|
+
return flags.app || config.getDefaultApp();
|
|
9
|
+
}
|
|
10
|
+
|
|
11
|
+
// ── Traces ──
|
|
12
|
+
|
|
13
|
+
async function tracesList(args, flags) {
|
|
14
|
+
requireAuth();
|
|
15
|
+
const appKey = resolveApp(flags);
|
|
16
|
+
if (!appKey) {
|
|
17
|
+
ui.error('No app specified. Use --app <key> or set a default with `securenow config set defaultApp <key>`');
|
|
18
|
+
process.exit(1);
|
|
19
|
+
}
|
|
20
|
+
|
|
21
|
+
const s = ui.spinner('Fetching traces');
|
|
22
|
+
try {
|
|
23
|
+
const query = {
|
|
24
|
+
serviceName: appKey,
|
|
25
|
+
limit: flags.limit || 20,
|
|
26
|
+
};
|
|
27
|
+
if (flags.start) query.start = flags.start;
|
|
28
|
+
if (flags.end) query.end = flags.end;
|
|
29
|
+
|
|
30
|
+
const data = await api.get('/traces/recent', { query });
|
|
31
|
+
const traces = Array.isArray(data) ? data : data.traces || [];
|
|
32
|
+
s.stop(`Found ${traces.length} trace${traces.length !== 1 ? 's' : ''}`);
|
|
33
|
+
|
|
34
|
+
if (flags.json) { ui.json(traces); return; }
|
|
35
|
+
|
|
36
|
+
console.log('');
|
|
37
|
+
const rows = traces.map(t => [
|
|
38
|
+
ui.c.dim(ui.truncate(t.traceID || t.traceId || t._id, 16)),
|
|
39
|
+
t.operationName || t.name || t.serviceName || '—',
|
|
40
|
+
ui.httpStatusColor(t.statusCode || t.httpStatusCode || '—'),
|
|
41
|
+
ui.durationColor(t.durationNano ? t.durationNano / 1e6 : t.duration),
|
|
42
|
+
t.httpMethod || t.method || '—',
|
|
43
|
+
ui.truncate(t.httpUrl || t.url || t.httpRoute || '', 40),
|
|
44
|
+
ui.timeAgo(t.timestamp),
|
|
45
|
+
]);
|
|
46
|
+
|
|
47
|
+
ui.table(['Trace ID', 'Operation', 'Status', 'Duration', 'Method', 'URL', 'Time'], rows);
|
|
48
|
+
console.log('');
|
|
49
|
+
} catch (err) {
|
|
50
|
+
s.fail('Failed to fetch traces');
|
|
51
|
+
throw err;
|
|
52
|
+
}
|
|
53
|
+
}
|
|
54
|
+
|
|
55
|
+
async function tracesShow(args, flags) {
|
|
56
|
+
requireAuth();
|
|
57
|
+
const traceId = args[0];
|
|
58
|
+
if (!traceId) {
|
|
59
|
+
ui.error('Trace ID is required. Usage: securenow traces show <traceId>');
|
|
60
|
+
process.exit(1);
|
|
61
|
+
}
|
|
62
|
+
|
|
63
|
+
const s = ui.spinner('Fetching trace details');
|
|
64
|
+
try {
|
|
65
|
+
const data = await api.get(`/traces/${traceId}`);
|
|
66
|
+
s.stop('Trace loaded');
|
|
67
|
+
|
|
68
|
+
if (flags.json) { ui.json(data); return; }
|
|
69
|
+
|
|
70
|
+
const trace = data.trace || data;
|
|
71
|
+
console.log('');
|
|
72
|
+
ui.heading(`Trace ${traceId}`);
|
|
73
|
+
console.log('');
|
|
74
|
+
|
|
75
|
+
if (trace.spans && trace.spans.length) {
|
|
76
|
+
ui.subheading(`Spans (${trace.spans.length})`);
|
|
77
|
+
console.log('');
|
|
78
|
+
const rows = trace.spans.map(span => [
|
|
79
|
+
ui.c.dim(ui.truncate(span.spanID || span.spanId, 16)),
|
|
80
|
+
span.operationName || span.name || '—',
|
|
81
|
+
ui.httpStatusColor(span.statusCode || '—'),
|
|
82
|
+
ui.durationColor(span.durationNano ? span.durationNano / 1e6 : span.duration),
|
|
83
|
+
span.kind || '—',
|
|
84
|
+
]);
|
|
85
|
+
ui.table(['Span ID', 'Operation', 'Status', 'Duration', 'Kind'], rows);
|
|
86
|
+
}
|
|
87
|
+
|
|
88
|
+
if (trace.rootSpan || trace.serviceName) {
|
|
89
|
+
console.log('');
|
|
90
|
+
ui.keyValue([
|
|
91
|
+
['Service', trace.serviceName || '—'],
|
|
92
|
+
['Root Operation', trace.rootOperationName || trace.rootSpan?.operationName || '—'],
|
|
93
|
+
['Duration', trace.durationMs ? `${trace.durationMs}ms` : '—'],
|
|
94
|
+
['Timestamp', trace.startTime ? new Date(trace.startTime).toLocaleString() : '—'],
|
|
95
|
+
]);
|
|
96
|
+
}
|
|
97
|
+
console.log('');
|
|
98
|
+
} catch (err) {
|
|
99
|
+
s.fail('Failed to fetch trace');
|
|
100
|
+
throw err;
|
|
101
|
+
}
|
|
102
|
+
}
|
|
103
|
+
|
|
104
|
+
async function tracesAnalyze(args, flags) {
|
|
105
|
+
requireAuth();
|
|
106
|
+
const traceId = args[0];
|
|
107
|
+
if (!traceId) {
|
|
108
|
+
ui.error('Trace ID is required. Usage: securenow traces analyze <traceId>');
|
|
109
|
+
process.exit(1);
|
|
110
|
+
}
|
|
111
|
+
|
|
112
|
+
const s = ui.spinner('Analyzing trace with AI');
|
|
113
|
+
try {
|
|
114
|
+
const result = await api.post('/traces/analyze', { traceId });
|
|
115
|
+
s.stop('Analysis complete');
|
|
116
|
+
|
|
117
|
+
if (flags.json) { ui.json(result); return; }
|
|
118
|
+
|
|
119
|
+
console.log('');
|
|
120
|
+
ui.heading('AI Trace Analysis');
|
|
121
|
+
console.log('');
|
|
122
|
+
console.log(result.analysis || result.message || JSON.stringify(result, null, 2));
|
|
123
|
+
console.log('');
|
|
124
|
+
} catch (err) {
|
|
125
|
+
s.fail('Analysis failed');
|
|
126
|
+
throw err;
|
|
127
|
+
}
|
|
128
|
+
}
|
|
129
|
+
|
|
130
|
+
// ── Logs ──
|
|
131
|
+
|
|
132
|
+
async function logsList(args, flags) {
|
|
133
|
+
requireAuth();
|
|
134
|
+
const appKey = resolveApp(flags);
|
|
135
|
+
if (!appKey) {
|
|
136
|
+
ui.error('No app specified. Use --app <key> or set a default.');
|
|
137
|
+
process.exit(1);
|
|
138
|
+
}
|
|
139
|
+
|
|
140
|
+
const s = ui.spinner('Fetching logs');
|
|
141
|
+
try {
|
|
142
|
+
const minutes = parseInt(flags.minutes || '60', 10);
|
|
143
|
+
const now = Date.now();
|
|
144
|
+
const query = {
|
|
145
|
+
serviceName: appKey,
|
|
146
|
+
limit: flags.limit || 50,
|
|
147
|
+
start: flags.start || new Date(now - minutes * 60 * 1000).toISOString(),
|
|
148
|
+
end: flags.end || new Date(now).toISOString(),
|
|
149
|
+
};
|
|
150
|
+
if (flags.level) query.level = flags.level;
|
|
151
|
+
|
|
152
|
+
const data = await api.get('/logs', { query });
|
|
153
|
+
const logs = Array.isArray(data) ? data : data.logs || [];
|
|
154
|
+
s.stop(`Found ${logs.length} log${logs.length !== 1 ? 's' : ''}`);
|
|
155
|
+
|
|
156
|
+
if (flags.json) { ui.json(logs); return; }
|
|
157
|
+
|
|
158
|
+
console.log('');
|
|
159
|
+
for (const log of logs) {
|
|
160
|
+
const level = (log.severityText || log.level || 'INFO').toUpperCase();
|
|
161
|
+
const levelColor = {
|
|
162
|
+
ERROR: ui.c.red, WARN: ui.c.yellow, WARNING: ui.c.yellow,
|
|
163
|
+
INFO: ui.c.cyan, DEBUG: ui.c.dim,
|
|
164
|
+
}[level] || ui.c.white;
|
|
165
|
+
|
|
166
|
+
const time = ui.c.dim(log.timestamp ? new Date(log.timestamp).toLocaleTimeString() : '');
|
|
167
|
+
const body = log.body || log.message || log.severityText || '';
|
|
168
|
+
|
|
169
|
+
console.log(` ${time} ${levelColor(level.padEnd(7))} ${body}`);
|
|
170
|
+
|
|
171
|
+
if (log.traceId && flags.verbose) {
|
|
172
|
+
console.log(` ${ui.c.dim(` trace=${log.traceId} span=${log.spanId || ''}`)}`);
|
|
173
|
+
}
|
|
174
|
+
}
|
|
175
|
+
console.log('');
|
|
176
|
+
} catch (err) {
|
|
177
|
+
s.fail('Failed to fetch logs');
|
|
178
|
+
throw err;
|
|
179
|
+
}
|
|
180
|
+
}
|
|
181
|
+
|
|
182
|
+
async function logsTrace(args, flags) {
|
|
183
|
+
requireAuth();
|
|
184
|
+
const traceId = args[0];
|
|
185
|
+
if (!traceId) {
|
|
186
|
+
ui.error('Trace ID required. Usage: securenow logs trace <traceId>');
|
|
187
|
+
process.exit(1);
|
|
188
|
+
}
|
|
189
|
+
|
|
190
|
+
const s = ui.spinner('Fetching logs for trace');
|
|
191
|
+
try {
|
|
192
|
+
const data = await api.get(`/logs/trace/${traceId}`);
|
|
193
|
+
const logs = Array.isArray(data) ? data : data.logs || [];
|
|
194
|
+
s.stop(`Found ${logs.length} log${logs.length !== 1 ? 's' : ''}`);
|
|
195
|
+
|
|
196
|
+
if (flags.json) { ui.json(logs); return; }
|
|
197
|
+
|
|
198
|
+
console.log('');
|
|
199
|
+
for (const log of logs) {
|
|
200
|
+
const level = (log.severityText || log.level || 'INFO').toUpperCase();
|
|
201
|
+
const levelColor = {
|
|
202
|
+
ERROR: ui.c.red, WARN: ui.c.yellow, WARNING: ui.c.yellow,
|
|
203
|
+
INFO: ui.c.cyan, DEBUG: ui.c.dim,
|
|
204
|
+
}[level] || ui.c.white;
|
|
205
|
+
|
|
206
|
+
const time = ui.c.dim(log.timestamp ? new Date(log.timestamp).toLocaleTimeString() : '');
|
|
207
|
+
console.log(` ${time} ${levelColor(level.padEnd(7))} ${log.body || log.message || ''}`);
|
|
208
|
+
}
|
|
209
|
+
console.log('');
|
|
210
|
+
} catch (err) {
|
|
211
|
+
s.fail('Failed to fetch logs');
|
|
212
|
+
throw err;
|
|
213
|
+
}
|
|
214
|
+
}
|
|
215
|
+
|
|
216
|
+
// ── Issues ──
|
|
217
|
+
|
|
218
|
+
async function issuesList(args, flags) {
|
|
219
|
+
requireAuth();
|
|
220
|
+
const s = ui.spinner('Fetching issues');
|
|
221
|
+
try {
|
|
222
|
+
const query = {};
|
|
223
|
+
const appKey = resolveApp(flags);
|
|
224
|
+
if (appKey) query.serviceName = appKey;
|
|
225
|
+
if (flags.status) query.status = flags.status;
|
|
226
|
+
|
|
227
|
+
const data = await api.get('/issues', { query });
|
|
228
|
+
const issues = Array.isArray(data) ? data : data.issues || [];
|
|
229
|
+
s.stop(`Found ${issues.length} issue${issues.length !== 1 ? 's' : ''}`);
|
|
230
|
+
|
|
231
|
+
if (flags.json) { ui.json(issues); return; }
|
|
232
|
+
|
|
233
|
+
console.log('');
|
|
234
|
+
const rows = issues.map(i => [
|
|
235
|
+
ui.c.dim(ui.truncate(i._id, 12)),
|
|
236
|
+
ui.statusBadge(i.severity || i.level || 'medium'),
|
|
237
|
+
ui.statusBadge(i.status || 'open'),
|
|
238
|
+
ui.truncate(i.title || i.message || i.type || '', 50),
|
|
239
|
+
i.serviceName || '—',
|
|
240
|
+
i.count != null ? String(i.count) : '—',
|
|
241
|
+
ui.timeAgo(i.lastSeen || i.createdAt),
|
|
242
|
+
]);
|
|
243
|
+
|
|
244
|
+
ui.table(['ID', 'Severity', 'Status', 'Title', 'App', 'Count', 'Last Seen'], rows);
|
|
245
|
+
console.log('');
|
|
246
|
+
} catch (err) {
|
|
247
|
+
s.fail('Failed to fetch issues');
|
|
248
|
+
throw err;
|
|
249
|
+
}
|
|
250
|
+
}
|
|
251
|
+
|
|
252
|
+
async function issuesShow(args, flags) {
|
|
253
|
+
requireAuth();
|
|
254
|
+
const id = args[0];
|
|
255
|
+
if (!id) {
|
|
256
|
+
ui.error('Issue ID required. Usage: securenow issues show <id>');
|
|
257
|
+
process.exit(1);
|
|
258
|
+
}
|
|
259
|
+
|
|
260
|
+
const s = ui.spinner('Fetching issue');
|
|
261
|
+
try {
|
|
262
|
+
const issue = await api.get(`/issues/${id}`);
|
|
263
|
+
s.stop('Issue loaded');
|
|
264
|
+
|
|
265
|
+
if (flags.json) { ui.json(issue); return; }
|
|
266
|
+
|
|
267
|
+
console.log('');
|
|
268
|
+
ui.heading(issue.title || issue.type || `Issue ${id}`);
|
|
269
|
+
console.log('');
|
|
270
|
+
ui.keyValue([
|
|
271
|
+
['ID', issue._id],
|
|
272
|
+
['Status', ui.statusBadge(issue.status || 'open')],
|
|
273
|
+
['Severity', ui.statusBadge(issue.severity || issue.level || 'medium')],
|
|
274
|
+
['App', issue.serviceName || '—'],
|
|
275
|
+
['Type', issue.type || '—'],
|
|
276
|
+
['Count', issue.count != null ? String(issue.count) : '—'],
|
|
277
|
+
['First Seen', issue.firstSeen ? new Date(issue.firstSeen).toLocaleString() : '—'],
|
|
278
|
+
['Last Seen', issue.lastSeen ? new Date(issue.lastSeen).toLocaleString() : '—'],
|
|
279
|
+
]);
|
|
280
|
+
|
|
281
|
+
if (issue.message || issue.description) {
|
|
282
|
+
ui.subheading('Description');
|
|
283
|
+
console.log(`\n ${issue.message || issue.description}\n`);
|
|
284
|
+
}
|
|
285
|
+
|
|
286
|
+
if (issue.analysis) {
|
|
287
|
+
ui.subheading('AI Analysis');
|
|
288
|
+
console.log(`\n ${issue.analysis}\n`);
|
|
289
|
+
}
|
|
290
|
+
console.log('');
|
|
291
|
+
} catch (err) {
|
|
292
|
+
s.fail('Failed to fetch issue');
|
|
293
|
+
throw err;
|
|
294
|
+
}
|
|
295
|
+
}
|
|
296
|
+
|
|
297
|
+
async function issuesResolve(args, flags) {
|
|
298
|
+
requireAuth();
|
|
299
|
+
const id = args[0];
|
|
300
|
+
if (!id) {
|
|
301
|
+
ui.error('Issue ID required. Usage: securenow issues resolve <id>');
|
|
302
|
+
process.exit(1);
|
|
303
|
+
}
|
|
304
|
+
|
|
305
|
+
const s = ui.spinner('Resolving issue');
|
|
306
|
+
try {
|
|
307
|
+
await api.patch(`/issues/${id}`, { status: 'resolved' });
|
|
308
|
+
s.stop('Issue resolved');
|
|
309
|
+
} catch (err) {
|
|
310
|
+
s.fail('Failed to resolve issue');
|
|
311
|
+
throw err;
|
|
312
|
+
}
|
|
313
|
+
}
|
|
314
|
+
|
|
315
|
+
// ── Notifications ──
|
|
316
|
+
|
|
317
|
+
async function notificationsList(args, flags) {
|
|
318
|
+
requireAuth();
|
|
319
|
+
const s = ui.spinner('Fetching notifications');
|
|
320
|
+
try {
|
|
321
|
+
const query = { limit: flags.limit || 20, page: flags.page || 1 };
|
|
322
|
+
const data = await api.get('/notifications', { query });
|
|
323
|
+
const notifications = Array.isArray(data) ? data : data.notifications || data.data || [];
|
|
324
|
+
s.stop(`Found ${notifications.length} notification${notifications.length !== 1 ? 's' : ''}`);
|
|
325
|
+
|
|
326
|
+
if (flags.json) { ui.json(data); return; }
|
|
327
|
+
|
|
328
|
+
console.log('');
|
|
329
|
+
const rows = notifications.map(n => [
|
|
330
|
+
ui.c.dim(ui.truncate(n._id, 12)),
|
|
331
|
+
ui.statusBadge(n.read ? 'read' : 'unread'),
|
|
332
|
+
ui.truncate(n.title || n.message || n.type || '', 50),
|
|
333
|
+
n.ip || '—',
|
|
334
|
+
n.severity ? ui.statusBadge(n.severity) : '—',
|
|
335
|
+
ui.timeAgo(n.createdAt),
|
|
336
|
+
]);
|
|
337
|
+
|
|
338
|
+
ui.table(['ID', 'Status', 'Title', 'IP', 'Severity', 'Time'], rows);
|
|
339
|
+
console.log('');
|
|
340
|
+
} catch (err) {
|
|
341
|
+
s.fail('Failed to fetch notifications');
|
|
342
|
+
throw err;
|
|
343
|
+
}
|
|
344
|
+
}
|
|
345
|
+
|
|
346
|
+
async function notificationsRead(args, flags) {
|
|
347
|
+
requireAuth();
|
|
348
|
+
const id = args[0];
|
|
349
|
+
if (!id) {
|
|
350
|
+
ui.error('Notification ID required. Usage: securenow notifications read <id>');
|
|
351
|
+
process.exit(1);
|
|
352
|
+
}
|
|
353
|
+
|
|
354
|
+
const s = ui.spinner('Marking as read');
|
|
355
|
+
try {
|
|
356
|
+
await api.put(`/notifications/${id}`, { read: true });
|
|
357
|
+
s.stop('Notification marked as read');
|
|
358
|
+
} catch (err) {
|
|
359
|
+
s.fail('Failed to mark notification');
|
|
360
|
+
throw err;
|
|
361
|
+
}
|
|
362
|
+
}
|
|
363
|
+
|
|
364
|
+
async function notificationsReadAll() {
|
|
365
|
+
requireAuth();
|
|
366
|
+
const s = ui.spinner('Marking all as read');
|
|
367
|
+
try {
|
|
368
|
+
await api.put('/notifications/read-all');
|
|
369
|
+
s.stop('All notifications marked as read');
|
|
370
|
+
} catch (err) {
|
|
371
|
+
s.fail('Failed to mark notifications');
|
|
372
|
+
throw err;
|
|
373
|
+
}
|
|
374
|
+
}
|
|
375
|
+
|
|
376
|
+
async function notificationsUnread() {
|
|
377
|
+
requireAuth();
|
|
378
|
+
try {
|
|
379
|
+
const data = await api.get('/notifications/unread-count');
|
|
380
|
+
const count = data.count ?? data.unreadCount ?? data;
|
|
381
|
+
console.log(`\n ${ui.c.bold(String(count))} unread notification${count !== 1 ? 's' : ''}\n`);
|
|
382
|
+
} catch (err) {
|
|
383
|
+
throw err;
|
|
384
|
+
}
|
|
385
|
+
}
|
|
386
|
+
|
|
387
|
+
// ── Status / Dashboard Overview ──
|
|
388
|
+
|
|
389
|
+
async function status(args, flags) {
|
|
390
|
+
requireAuth();
|
|
391
|
+
const s = ui.spinner('Fetching dashboard overview');
|
|
392
|
+
try {
|
|
393
|
+
const [apps, unread] = await Promise.all([
|
|
394
|
+
api.get('/applications'),
|
|
395
|
+
api.get('/notifications/unread-count').catch(() => ({ count: 0 })),
|
|
396
|
+
]);
|
|
397
|
+
|
|
398
|
+
s.stop('Dashboard loaded');
|
|
399
|
+
|
|
400
|
+
console.log('');
|
|
401
|
+
ui.heading('SecureNow Dashboard');
|
|
402
|
+
console.log('');
|
|
403
|
+
|
|
404
|
+
ui.keyValue([
|
|
405
|
+
['Applications', String(apps.length)],
|
|
406
|
+
['Unread Alerts', String(unread.count ?? unread.unreadCount ?? 0)],
|
|
407
|
+
]);
|
|
408
|
+
|
|
409
|
+
if (apps.length > 0) {
|
|
410
|
+
ui.subheading('Applications');
|
|
411
|
+
console.log('');
|
|
412
|
+
const rows = apps.map(app => [
|
|
413
|
+
app.name,
|
|
414
|
+
ui.c.dim(app.key),
|
|
415
|
+
app.hosts?.length ? app.hosts.join(', ') : ui.c.dim('—'),
|
|
416
|
+
]);
|
|
417
|
+
ui.table(['Name', 'Key', 'Hosts'], rows);
|
|
418
|
+
}
|
|
419
|
+
|
|
420
|
+
const appKey = resolveApp(flags);
|
|
421
|
+
if (appKey) {
|
|
422
|
+
try {
|
|
423
|
+
const protectionData = await api.get('/applications/protection-status', { query: { serviceName: appKey } });
|
|
424
|
+
if (protectionData) {
|
|
425
|
+
ui.subheading(`Protection Status (${appKey})`);
|
|
426
|
+
console.log('');
|
|
427
|
+
const status = protectionData.status || protectionData;
|
|
428
|
+
if (typeof status === 'object') {
|
|
429
|
+
ui.keyValue(Object.entries(status).map(([k, v]) => [k, String(v)]));
|
|
430
|
+
} else {
|
|
431
|
+
console.log(` ${status}`);
|
|
432
|
+
}
|
|
433
|
+
}
|
|
434
|
+
} catch {}
|
|
435
|
+
}
|
|
436
|
+
|
|
437
|
+
console.log('');
|
|
438
|
+
} catch (err) {
|
|
439
|
+
s.fail('Failed to load dashboard');
|
|
440
|
+
throw err;
|
|
441
|
+
}
|
|
442
|
+
}
|
|
443
|
+
|
|
444
|
+
module.exports = {
|
|
445
|
+
tracesList,
|
|
446
|
+
tracesShow,
|
|
447
|
+
tracesAnalyze,
|
|
448
|
+
logsList,
|
|
449
|
+
logsTrace,
|
|
450
|
+
issuesList,
|
|
451
|
+
issuesShow,
|
|
452
|
+
issuesResolve,
|
|
453
|
+
notificationsList,
|
|
454
|
+
notificationsRead,
|
|
455
|
+
notificationsReadAll,
|
|
456
|
+
notificationsUnread,
|
|
457
|
+
status,
|
|
458
|
+
};
|