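import sys
import qt
import string
from AlertDetailForm import *
import prelude
from Misc import disable_resize
from SourceDetailForm import SourceDetailForm
from TargetDetailForm import TargetDetailForm
from FileDetailForm import FileDetailForm

# NOTE(review): this listing was recovered from a whitespace-collapsed copy, so
# the extent of each ``if``/``for``/``while`` body below is reconstructed from
# the statement order and should be confirmed against the original file.


def _escape_markup(value):
    """Return *value* as text with ``&``, ``<`` and ``>`` escaped.

    Used where an alert-supplied string is embedded in rich-text markup, so
    the value cannot contribute tags of its own.
    """
    text = "%s" % (value,)
    return text.replace("&", "&amp;").replace("<", "&lt;").replace(">", "&gt;")


class AlertDetailDialog(AlertDetailForm):
    """Dialog that shows every section of a single alert.

    The alert object is indexed with IDMEF-style path strings
    (``alert["alert.analyzer.model"]``) and also exposes ``getElement``,
    ``getCreateTime`` and ``getTime``. Missing values are compared against
    the string ``"n/a"`` throughout this class.

    NOTE(review): alert fields are presumably sensor-supplied and are passed
    to ``setText`` unmodified. Qt 3 labels default to ``Qt.AutoText``, so a
    value that looks like markup may be rendered as rich text; consider
    ``setTextFormat(Qt.PlainText)`` on the labels that show alert strings.
    """

    def __init__(self, parent, alert):
        """Build the dialog for *alert* and populate all of its tabs."""
        AlertDetailForm.__init__(self, parent)
        disable_resize(self)
        self.parent = parent
        self.alert = alert
        # self.setModal(True)
        self.fillGeneral()
        self.fillAnalyzer()
        self.fillSource()
        self.fillTarget()
        self.fillAdditionalData()
        self.fillDump()

    def getPixmap(self, ostype):
        """Return the host pixmap for *ostype*, or the generic one if unknown."""
        pixmapByOs = {
            "OpenBSD": "images/openbsd_host.png",
            "Linux": "images/linux_host.png",
            "Win32": "images/win_host.png",
            "Macintosh": "images/mac_host.png",
            "Darwin": "images/darwin_host.png",
            "NetBSD": "images/defbsd_host.png",
            "FreeBSD": "images/defbsd_host.png",
        }
        return QPixmap(pixmapByOs.get(ostype, "images/unknown_host.png"))

    def fillGeneral(self):
        """Fill the summary tab: general, source/target, time and analyzer."""
        ### GENERAL GROUP
        severityColor = {
            "low": "#00ff00",
            "medium": "#fe6728",
            "high": "#ff0000",
            "n/a": "#000000",
        }
        alert = self.alert

        self.sumgenalertidLabel.setText(alert["alert.ident"])

        severity = alert["alert.assessment.impact.severity"]
        # The listing formatted two values through a single '%s', which raises
        # TypeError; the colour is applied here as rich-text markup instead.
        # An unknown severity falls back to the "n/a" colour rather than to
        # the literal string "n/a", and the value itself is escaped because
        # this label is deliberately rendered as rich text.
        color = severityColor.get(severity, severityColor["n/a"])
        self.sumgenseverityLabel.setText(
            '<font color="%s">%s</font>' % (color, _escape_markup(severity)))

        self.sumgentypeLabel.setText(alert["alert.type"])
        self.sumgenclassificationLabel.setText(alert["alert.classification(0).name"])

        ### SOURCE & TARGET
        self.sumsrcinterfaceLabel.setText(alert["alert.source(0).interface"])
        self.sumsrcipLabel.setText(alert.getElement("source", "node.address(0).address"))
        self.sumsrcportLabel.setText(alert["alert.source(0).service.port"])
        self.sumdstipLabel.setText(alert.getElement("target", "node.address(0).address"))
        self.sumdstportLabel.setText(alert["alert.target(0).service.port"])
        # The destination interface was read from the source path, so the
        # summary showed the source interface twice.
        self.sumdstinterfaceLabel.setText(alert["alert.target(0).interface"])

        ### TIME
        self.sumcreatetimeLabel.setText(alert.getCreateTime())
        self.sumdetecttimeLabel.setText(alert.getTime())

        ### ANALYZER
        self.sumaltypeLabel.setText(alert["alert.analyzer.model"])
        self.sumalosversionLabel.setText(alert["alert.analyzer.osversion"])
        ostype = alert["alert.analyzer.ostype"]
        self.sumalostypeLabel.setText(ostype)
        self.sumalpixmapLabel.setPixmap(self.getPixmap(ostype))

    def fillAnalyzer(self):
        """Fill the analyzer tab: general, node and process groups."""
        alert = self.alert

        ### GENERAL
        self.algenidentLabel.setText(alert["alert.analyzer.analyzerid"])
        self.algenmanufacturerLabel.setText(alert["alert.analyzer.manufacturer"])
        self.algenmodelLabel.setText(alert["alert.analyzer.model"])
        self.algenversionLabel.setText(alert["alert.analyzer.version"])
        self.algenclassLabel.setText(alert["alert.analyzer.class"])
        self.algenosversionLabel.setText(alert["alert.analyzer.osversion"])
        ostype = alert["alert.analyzer.ostype"]
        self.algenostypeLabel.setText(ostype)
        self.algenpixmapLabel.setPixmap(self.getPixmap(ostype))

        ### NODE
        self.alnodeidentLabel.setText(alert["alert.analyzer.node.ident"])
        self.alnodenameLabel.setText(alert["alert.analyzer.node.name"])
        self.alnodeaddrLabel.setText(alert["alert.analyzer.node.address(0).address"])
        self.alnodeaddrcatLabel.setText(alert["alert.analyzer.node.address(0).category"])
        self.alnodelocationLabel.setText(alert["alert.analyzer.node.location"])
        self.alnodecatLabel.setText(alert["alert.analyzer.node.category"])

        ### PROCESS
        self.alprocidentLabel.setText(alert["alert.analyzer.process.ident"])
        self.alprocnameLabel.setText(alert["alert.analyzer.process.name"])
        self.alprocpathLabel.setText(alert["alert.analyzer.process.path"])
        self.alprocpidLabel.setText(alert["alert.analyzer.process.pid"])

    def fillSource(self):
        """Replace the placeholder page with a "Source" tab and fill it."""
        self.sourceTab = []
        self.sourcetabWidget.removePage(self.sourcetabWidget.currentPage())
        source = SourceDetailForm()
        self.sourceTab.append(source)
        self.sourcetabWidget.insertTab(source, "Source")
        alert = self.alert

        ### NODE
        source.srcnodeaddrListBox.insertItem(alert.getElement("source", "node.address(0).address"))
        source.srcnodenameLabel.setText(alert.getElement("source", "node.name"))
        source.srcnodecatLabel.setText(alert.getElement("source", "node.category"))
        source.srcnodelocLabel.setText(alert.getElement("source", "node.location"))

        ### USER
        source.srcusrcatLabel.setText(alert.getElement("source", "user.category"))
        source.srcusridentListBox.insertItem(alert.getElement("source", "user.ident"))
        source.srcusrnameLabel.setText(alert.getElement("source", "user.userid(0).name"))

        ### PROCESS
        source.srcprocidentLabel.setText(alert.getElement("source", "process.ident"))
        source.srcprocnameLabel.setText(alert.getElement("source", "process.name"))
        source.srcprocpathLabel.setText(alert.getElement("source", "process.path"))
        source.srcprocpidLabel.setText(alert.getElement("source", "process.pid"))

        ### SERVICE
        source.srcsrvidentLabel.setText(alert.getElement("source", "service.ident"))
        source.srcsrvnameLabel.setText(alert.getElement("source", "service.name"))
        source.srcsrvportLabel.setText(alert.getElement("source", "service.port"))
        source.srcsrvurlLabel.setText(alert.getElement("source", "service.web.url"))
        source.srcsrvsnmpLabel.setText(alert.getElement("source", "service.snmp.oid"))
        source.srcsrvprotLabel.setText(alert.getElement("source", "service.protocol"))
        source.srcsrvtypeLabel.setText(alert.getElement("source", "service.type"))

    def fileInformationNextPage(self):
        """Raise the next file page of the target widget stack."""
        if not self.maxFile:
            # No file page was added; the modulo below would divide by zero.
            return
        self.targetFileIndex += 1
        # NOTE(review): the index is read from the first TargetDetailForm, not
        # from self.targettabWidget -- confirm that form provides
        # currentPageIndex().
        tabIndex = self.targetTab[0].currentPageIndex()
        # maxFile is an instance attribute set by fillTarget; the bare name
        # used before was never defined.
        self.targetTab[tabIndex].targetwidgetStack.raiseWidget(
            self.targetFileIndex % self.maxFile)

    def fileInformationPrevPage(self):
        """Raise the previous file page of the target widget stack."""
        if not self.maxFile:
            # No file page was added; the modulo below would divide by zero.
            return
        self.targetFileIndex -= 1
        # NOTE(review): see fileInformationNextPage about this index source.
        tabIndex = self.targetTab[0].currentPageIndex()
        stack = self.targetTab[tabIndex].targetwidgetStack
        if self.targetFileIndex == 0:
            # Qt's method is setEnabled(); setEnable() is not a QWidget method.
            # NOTE(review): fillTarget connects FileDetailForm.filepreviousButton;
            # confirm that the stack really exposes fileprevButton.
            stack.fileprevButton.setEnabled(False)
        stack.raiseWidget(self.targetFileIndex % self.maxFile)

    def fillTarget(self):
        """Replace the placeholder page with a "Target" tab and fill it.

        When the alert carries a first target file, a FileDetailForm page is
        added to the target widget stack. ``self.maxFile`` ends up holding the
        number of file pages created.
        """
        self.targetTab = []
        self.fileTab = []
        self.targetTabIndex = 0
        self.targetFileIndex = 0
        self.targettabWidget.removePage(self.targettabWidget.currentPage())
        target = TargetDetailForm()
        self.targetTab.append(target)
        self.targettabWidget.insertTab(target, "Target")
        alert = self.alert

        self.connect(target.filesButton, SIGNAL("clicked()"), self.fileInformationNextPage)

        if alert.getElement("target", "file(0).ident") != "n/a":
            # Qt's method is setEnabled(); setEnable() is not a QWidget method.
            # NOTE(review): the signal above is connected on filesButton while
            # this line enables fileButton -- confirm both widgets exist.
            target.fileButton.setEnabled(True)
            filetab = FileDetailForm()
            filetab.filegennameLabel.setText(alert.getElement("target", "file(0).name"))
            filetab.filegencategoryLabel.setText(alert.getElement("target", "file(0).category"))
            filetab.filegenpathLabel.setText(alert.getElement("target", "file(0).path"))
            filetab.filegensizeLabel.setText(alert.getElement("target", "file(0).size"))
            # getElement belongs to the alert object, as in every other call
            # here; this one was invoked on the dialog itself.
            filetab.filetimecreat.setText(alert.getElement("target", "file(0).create_time"))
            filetab.filetimemodification.setText(alert.getElement("target", "file(0).modify_time"))
            filetab.fileaccessusername.setText(
                alert.getElement("target", "file(0).file_access(0).userid.name"))
            filetab.fileaccessuserid.setText(
                alert.getElement("target", "file(0).file_access(0).userid.number"))
            filetab.fileaccesspermission.setText(
                alert.getElement("target", "file(0).file_access(0).permission(0)"))
            self.connect(filetab.filepreviousButton, SIGNAL("clicked()"),
                         self.fileInformationPrevPage)
            self.connect(filetab.filenextButton, SIGNAL("clicked()"),
                         self.fileInformationNextPage)
            self.fileTab.append(filetab)
            target.targetwidgetStack.addWidget(filetab)

        # The listing assigned the name ``file`` here, which is not a page
        # count; the paging handlers use maxFile as a modulus.
        self.maxFile = len(self.fileTab)

        ### NODE
        target.dstnodeaddrListBox.insertItem(alert.getElement("target", "node.address(0).address"))
        target.dstnodenameLabel.setText(alert.getElement("target", "node.name"))
        target.dstnodecatLabel.setText(alert.getElement("target", "node.category"))
        target.dstnodelocLabel.setText(alert.getElement("target", "node.location"))

        ### USER
        target.dstusrcatLabel.setText(alert.getElement("target", "user.category"))
        target.dstusridentListBox.insertItem(alert.getElement("target", "user.ident"))
        target.dstusrnameLabel.setText(alert.getElement("target", "user.userid(0).name"))

        ### PROCESS
        target.dstprocidentLabel.setText(alert.getElement("target", "process.ident"))
        target.dstprocnameLabel.setText(alert.getElement("target", "process.name"))
        target.dstprocpathLabel.setText(alert.getElement("target", "process.path"))
        target.dstprocpidLabel.setText(alert.getElement("target", "process.pid"))

        ### SERVICE
        target.dstsrvidentLabel.setText(alert.getElement("target", "service.ident"))
        target.dstsrvnameLabel.setText(alert.getElement("target", "service.name"))
        target.dstsrvportLabel.setText(alert.getElement("target", "service.port"))
        target.dstsrvurlLabel.setText(alert.getElement("target", "service.web.url"))
        target.dstsrvsnmpLabel.setText(alert.getElement("target", "service.snmp.oid"))
        target.dstsrvprotLabel.setText(alert.getElement("target", "service.protocol"))
        target.dstsrvtypeLabel.setText(alert.getElement("target", "service.type"))

    def fillAdditionalDataTextEdit(self, item):
        """Show every column of the selected additional-data row in the text edit."""
        self.additionaldataTextEdit.clear()
        if item is None:
            # Nothing selected: leave the text edit empty.
            return
        for col in range(self.additionaldataListView.columns()):
            self.additionaldataTextEdit.append(item.text(col))
            self.additionaldataTextEdit.append(" ")

    def fillAdditionalData(self):
        """Fill the additional-data list view with one row per entry.

        Entries are read from ``alert.additional_data(N)`` until the ``type``
        of entry N is ``"n/a"``.
        """
        addataHeader = ("meaning", "data")

        # Additional data is alert-supplied text; show it literally rather than
        # letting the text edit interpret markup-looking content as rich text.
        self.additionaldataTextEdit.setTextFormat(Qt.PlainText)

        self.connect(self.additionaldataListView,
                     SIGNAL("selectionChanged(QListViewItem *)"),
                     self.fillAdditionalDataTextEdit)

        for header in addataHeader:
            self.additionaldataListView.addColumn(header)

        data = 0
        while self.alert['alert.additional_data(%d).type' % data] != "n/a":
            item = QListViewItem(self.additionaldataListView, )
            for column, field in enumerate(addataHeader):
                item.setText(column, self.alert['alert.additional_data(%d).%s' % (data, field)])
            self.additionaldataListView.insertItem(item)
            data += 1

    def fillDump(self):
        """Show the string form of the whole alert in the dump tab."""
        self.dumpTextEdit.setTextFormat(Qt.LogText)
        try:
            self.dumpTextEdit.setText(str(self.alert))
        except prelude.Error:
            # forget the dump if it is too big
            self.dumpTextEdit.setText("Not Available")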