github.com/crowdsecurity/crowdsec@v1.6.1/cmd/crowdsec-cli/alerts_table.go

github.com/crowdsecurity/crowdsec@v1.6.1/cmd/crowdsec-cli/alerts_table.go (about)

     1  package main
     2  
     3  import (
     4  	"fmt"
     5  	"io"
     6  	"sort"
     7  	"strconv"
     8  	"time"
     9  
    10  	log "github.com/sirupsen/logrus"
    11  
    12  	"github.com/crowdsecurity/crowdsec/pkg/models"
    13  )
    14  
    15  func alertsTable(out io.Writer, alerts *models.GetAlertsResponse, printMachine bool) {
    16  	t := newTable(out)
    17  	t.SetRowLines(false)
    18  	header := []string{"ID", "value", "reason", "country", "as", "decisions", "created_at"}
    19  	if printMachine {
    20  		header = append(header, "machine")
    21  	}
    22  	t.SetHeaders(header...)
    23  
    24  	for _, alertItem := range *alerts {
    25  		displayVal := *alertItem.Source.Scope
    26  		if len(alertItem.Decisions) > 1 {
    27  			displayVal = fmt.Sprintf("%s (%d %ss)", *alertItem.Source.Scope, len(alertItem.Decisions), *alertItem.Decisions[0].Scope)
    28  		} else if *alertItem.Source.Value != "" {
    29  			displayVal += ":" + *alertItem.Source.Value
    30  		}
    31  
    32  		row := []string{
    33  			strconv.Itoa(int(alertItem.ID)),
    34  			displayVal,
    35  			*alertItem.Scenario,
    36  			alertItem.Source.Cn,
    37  			alertItem.Source.GetAsNumberName(),
    38  			DecisionsFromAlert(alertItem),
    39  			*alertItem.StartAt,
    40  		}
    41  
    42  		if printMachine {
    43  			row = append(row, alertItem.MachineID)
    44  		}
    45  
    46  		t.AddRow(row...)
    47  	}
    48  
    49  	t.Render()
    50  }
    51  
    52  func alertDecisionsTable(out io.Writer, alert *models.Alert) {
    53  	foundActive := false
    54  	t := newTable(out)
    55  	t.SetRowLines(false)
    56  	t.SetHeaders("ID", "scope:value", "action", "expiration", "created_at")
    57  	for _, decision := range alert.Decisions {
    58  		parsedDuration, err := time.ParseDuration(*decision.Duration)
    59  		if err != nil {
    60  			log.Error(err)
    61  		}
    62  		expire := time.Now().UTC().Add(parsedDuration)
    63  		if time.Now().UTC().After(expire) {
    64  			continue
    65  		}
    66  		foundActive = true
    67  		scopeAndValue := *decision.Scope
    68  		if *decision.Value != "" {
    69  			scopeAndValue += ":" + *decision.Value
    70  		}
    71  		t.AddRow(
    72  			strconv.Itoa(int(decision.ID)),
    73  			scopeAndValue,
    74  			*decision.Type,
    75  			*decision.Duration,
    76  			alert.CreatedAt,
    77  		)
    78  	}
    79  	if foundActive {
    80  		fmt.Printf(" - Active Decisions  :\n")
    81  		t.Render() // Send output
    82  	}
    83  }
    84  
    85  func alertEventTable(out io.Writer, event *models.Event) {
    86  	fmt.Fprintf(out, "\n- Date: %s\n", *event.Timestamp)
    87  
    88  	t := newTable(out)
    89  	t.SetHeaders("Key", "Value")
    90  	sort.Slice(event.Meta, func(i, j int) bool {
    91  		return event.Meta[i].Key < event.Meta[j].Key
    92  	})
    93  
    94  	for _, meta := range event.Meta {
    95  		t.AddRow(
    96  			meta.Key,
    97  			meta.Value,
    98  		)
    99  	}
   100  
   101  	t.Render() // Send output
   102  }