* add suricata_extract
* convert from derive to gauge and use delta
* add suricata_extract to includes/html/pages/apps.inc.php
* graph cleanup
* add sub_size
* add sub_size graph
* add docs for suricata extract
* add tests for suricata_extract
* add rules for suricata extract
* minor test tweaks
* add privoxy
* various style fixes
* cleanup option bar
* save metrics for privoxy now
* add instructions for privoxy
* add privoxy test data
* regen the test data
* add a few missing depends to the instructions
* add apps.inc.php entry for privoxy
* note the required log settings for privoxy
* style fix
* code stuff done for Sneck
* whoops, correct the abs value post adding it post rrd update
* return an array for getting the sneck data and nicely print the raw return value
* add test stuff and freeze time at 1650911765 for tests
* move the freezeTime
* add use Illuminate\Support\Carbon;
* more test changes
* rework freezeTime a bit more
* more test stuff
* another test
* rework it a bit again
* correct variable spelling for $time_diff
* remove freezeTime as we are using an old version of Laravel
* finalize graphs
* misc
* finalize sneck page
* move the sneck tests as it needs a newer version of laravel than we are using
* add documents for sneck
* finalize the poller
* formatting cleanup
* correct comment type
* correct the spelling of description
* more documentation
* save the check returns as metrics
* add some more examples
* fix some of the sneck alerts and add a few more examples
* turn off time to polling by default
* suggest using ntp if enabled
* since we are zeroing time_to_polling by default, this now works
* backout some suggested changes for once we change to Laravel 9
* remove del_sneck_data as it is no longer used
* add more docs on the metrics
* php-cs-fixer to fix a few things
* update and fix sneck tests
* remove a metric from the test
* another minor tweak to the test
* one more minor change
* ahh! derp! think I found it finally... hopefully hanging this for the last time...
* now use app data
* now logs check changes
* add a missing )
* add a missing )
* some style fixes
* update the sneck page use to the app data stuff
* update the poller to use the new app data
* misc
* update sneck to log check status changes
* correct alert log messages
* correct a comment
* fix metrics
* derp, another fix
* test fix
* re-order to avoid warning
* poller update
* update sneck graphs
* update sneck graphs
* remove an unneeded line
* test update for discovery
* minor tweaks to the test and fix update the polling a bit
* style fix
* fix return data printing
* fix the test data to include app data
* attempted test fix
* add config def to apps.sneck.polling_time_diff
* cleanup docs a bit
* minor config tweaks
* minor doc cleanup
* add linux_softnet_stat poller
* add graphs and app page for linux_softnet_stat
* fix polling
* rename a few items, clean up the app specific page, and add to the apps page
* convert from derive to counter
* save the budget and budget_usecs to app data
* display current value of the budgets
* now track budget values
* add tests data
* rename it
* add docs for Linux Softnet Stat
* re-order and add budget for app page graph order
* style fix
* correct data location
* fix metrics for the json
* add alerts for ZFS
* add initial l2 bits to the poller for zfs
* more minor tweaks to the ZFS poller
* more zfs bits
* add new ZFS graphs
* begin adding L2 stuff
* add linux_zfs-v3 bits
* update zfs app page
* style fix
* update the data for the zfs legacy test
* test update for zfs v1
* fix some zfs tests
* more zfs v3 test cleanup
* another zfs v3 test data fix
* more zfs v3 test data cleanup
* more test tweaks
* Fix undefined constants
These have been broken for a long time. Likely they are unused.
* Fix undefined constants
These have been broken for a long time. Likely they are unused.
* update fail2ban better stat graphs
* style fix
* add rainbow color palette
* cleanup colors and make it more easily understandable via using the new rainbow colour palette
* a bit more color tweaking
* green is easier on the eyes
* style fix
* fix handling for smaller graphs for some things
* for <= height graphs, use area
* rework the area bit and add an alpha
* style cleanup
* more style cleanup
* mm... colourA does work a lot nicer if the same as colour
* add two more palettes and make the purple the default
* only include 1d once as some versions of rrd break if it is twice
* move time_diff to the proper location
* re-add it
* add cape app page
* add initial cape graphs
* now work for the general page
* more updates
* add cape pending
* add pending and cleanup for if there are no packages(likely cuckoo, so don't add extra items)
* rework the lack of packages a bit more
* more cuckoo related cleanup
* fix cape error logging
* minor cleanups
* add a new graph and use it with cape... also lots of cape cleanups
* misc cape updates
* add percentile values for stats
* add fix for weekly
* don't display 1 day average if under 17 hours
* zero timeslots of packages not used for this time slot
* add avg stat graphs for cape
* now use the average graphs and update the app page
* add a new graph
* add CAPEv2 docs
* add tests data
* lots of style cleanup
* another tweak for the test data
* fix misc style issues
* add cape to apps page
* add nicecase for cape
* case fix
* json fix for test data
* add a missing stat
* some more test data tweaking
* more misc test updates
* more test tweaking
* more test work...
* more test data work
* add what is hopefully the final test tweak
* add HV::Monitor support
* document hv monitor
* add HV Monitor tests
* style cleanup
* fix a few missed style items
* test fix
* more test cleanup
* more minor test tweaks
* more test cleanup
* more test tweaking
* test ordering fix all done... hopefully
* more test cleanup
* minor formatting change
* Email embed graphs
* Allow attachment for non-html
Add setting to webui
Correct $auth setting
* Cleanups, throw RrdGraphException instead of returning an error image.
Generate the error image later, giving more control.
Reduce code duplication a little
* Style and lint fixes
Change to flags
* Add baseline for lint errors I don't know how to resolve
* oopsie, changed the code after generating the baseline
* Tiny cleanups. Make set DeviceCache primary, it is free.
* Docs.
* email_html note
* Allow control of graph embed at the email transport level to override the global config.
* Allow control of graph embed at the email transport level to override the global config.
* Add INLINE_BASE64 to make it easier to create inline image tags
* add new poller
* add a missing ;
* formatting cleanup
* graph stuff and metrics move
* add rrd name
* clean up metrics/rrd def
* more metric/rrd def cleanup
* cleanup
* add basic opensearch graphs
* add opensearch to apps.inc.php
* begin work on opensearch app page
* formatting cleanup
* add translog graphs
* add a missing graph
* fix pending tasks
* add the ability to fetch the saved cluster name
* add fetching the cluster name
* correct the opensearch comment
* add combined shard stats
* add indexing graphs
* correct graph name
* correct some units as being per second
* add more graphs
* add more items for graph sets
* cleanup of units and naming... also more graphs
* more graph stuff
* change the RRD def again and define a few more graphs
* finish basic graph sets
* more graph stuff
* another rrd def change
* add more graphs
* add some more graph sets
* correct unit for c_task_max_in_time
* more graph stuff
* more graph stuff
* correct the unit
* add missing tw_time and another rrd def change
* another unit change
* add trc graphs
* more graph stuff
* add tseg graphs
* add all shards graph to both cluster items
* more graph stuff
* update opensearch app page
* add Opensearch\Elasticsearch app
* add opensearch tests
* run php-cs-fixer on two files
* add alert examples for checking cluster status
* remove an item that was accidentally added as a metric in the test but is not
* derp! thanks jellyfrog
* make it come up as Elasticsearch\Opensearch in the webui
* no longer use components, but app_data, for cluster name change
* update the web side for opensearch for using app_data
* style fix
* update opensearch for new app data stuff
* update to the new Application model
* update poller and device app page for ES/OS
* style cleanup
* update graphs
* test fix
* more test cleanup
* Update alert_rules.json
* begin work on breaking out the RRDs
* update all non-multi rrd graphs for opensearch
* update time_all
* add a unass shards graph
* correct rrd name
* should all be good now
* add missing tm stats
* Un Assigned -> Unassigned
* style cleanup
* another style fix
* remove cluster_name from saved metrics as it is not a metric
Co-authored-by: Tony Murray <murraytony@gmail.com>
Co-authored-by: Jellyfrog <Jellyfrog@users.noreply.github.com>
* add sagan instance fetch function
* add sagan discovery
* add sagan poller
* add sagan graphs
* add graph sources
* add sagan to apps page
* remove alert
* more app graph work
* polling fix
* re-order keys and add alert key
* correct field key usage
* add alert and fix a missing unit
* more unit fixes
* add alert status
* add alert rules for sagan
* fix a missing : after S while I am here in the json stat tool helper... also add tests
* now add the tests
* add docs
* point php-cs-fixer at two files
* remove-unneeded sagan instance fetch function
* convert to use app_data
* style fix
* apply bennet-esyoil's suggestions here as well
* update for the new app model
* convert poller to the new method
* convert the sagan device app page
* convert sagan
* doc cleanup
* initial work on adding the ability to save/fetch app data
* update to use get_app_data for ZFS
* update the poller for the new app_data stuff
* ZFS now logs changes to pools
* add schema update for app_data stuff
* small formatting fix
* add a missing \
* now adds a column
* sql-schema is no longer used, so remove the file that was added here
* misc cleanups
* rename the method in database/migrations/2022_07_03_1947_add_app_data.php
* hopefully fix the migration bit
* add the column to misc/db_schema.yaml
* more misc small DB fixes
* update the test as the json column uses collation of utf8mb4_bin
* revert the last change and try manually setting it to what is expected
* remove an extra ;
* update suricata as well
* correct the instance -> instances in one location to prevent the old instance list from being stomped
* remove an extra ;
* update fail2ban to use it as well
* remove two unused functions as suricata and fail2ban no longer use components
* style cleanup
* postgres poller updated to use it
* update html side of the postgres bits
* chronyd now uses app data bits now as well
* portactivity now uses it as well
* style fix
* sort the returned arrays from app_data
* correct log message for port activity
* collocation change
* try re-ordering it
* add in the new data column to the tests
* remove an extra ,
* hmm... ->collate('utf8mb4_unicode_ci') is not usable as apparently collate does not exist
* change the column type from json to longtext
* mv chronyd stuff while I sort out the rest of the tests... damn thing is always buggy
* hmm... fix a missing line then likely move stuff back
* style fix
* add fillable
* add the expected data for fail2ban json
* escape a " I missed
* add data for portactivity
* add suricata app data
* add app data to zfs legacy test
* put the moved tests back into place and update zfs-v1 test
* add app data for chronyd test
* add app data for fail2ban legacy test
* update zfs v1 app data
* add some notes on application dev work
* add Developing/Application-Notes.md to mkdocs.yml
* add data column to it
* added various suggestions from bennet-esyoil
* convert from isset to sizeof
* type fix
* fully remove the old save app data function and move it into a helper function... the other still needs cleaned up prior to removal
* update docs
* get_app_data is fully removed now as well
* a few style fixes
* add $casts
* update chronyd test
* attempt to fix the data
* more doc cleanup and try changing the cast
* style fix
* revert the changes to the chronyd test
* apply a few of murrant's suggestions
* document working with ->data as json and non-json
* remove two no-longer used in this PR exceptions
* ->data now operates transparently
* style fix
* update data tests
* fix json
* test fix
* update the app notes to reflect how app data now works
* app test fix
* app data fix for linux_lsi
* json fix
* minor doc cleanup
* remove duplicate query and use json_decode instead
* style fix
* modelize the app poller
* use an anon func instead of foreach
* test update
* style cleanup
* style cleanup
* another test cleanup
* more test cleanup
* reverse the test changes and add in some more glue code
* revert one of the test changes
* another small test fix
* Make things use models
Left some array access, but those will still work just fine.
* missed chronyd and portactivity
* rename poll to avoid any confusion
* Remove extra save and fix timestamp
* save any changes made to app->data
* nope, that was not it
* What are magic methods and how do they work?
* fix two typos
* update linux_lsi test
* change quote type
Co-authored-by: Tony Murray <murraytony@gmail.com>
* docker app: polling - RRD dataset and fields value mismatch
RRD dataset definitions and fields array keys passed to data_update
have to be in the same order. There is no match based on key before
building the rrdtool update command.
Fixes mem_perc ending as NaN because it ended with a value above 100
as it was given mem_limit bytes value.
* docker app - remove misleading divider
The mem_perc and cpu_usage are already in percent, no need to divide
them by a hundred. The values were then made into milli percent or micro
percent.
* add poller
* add a generic alert graph
* add support for .total
* add the initial work on the suricata app page
* add applayer flow sources
* more rrd work and add more fields
* add a missing graph to the suricata page
* add suricata to the apps page
* all working now for suricata
* add some suricata alert examples
* all done with the php
* update the application docs for Suricata
* add another note about Suricata stats in the docs
* add the test file
* add the test JSON
* remove an unneeded newline from the application docs
* correct the type uptime type
* packets graph should be packets/sec
* minor formatting cleanup
* one more minor formatting cleanup
* shot in the dark to see if something fixes the angry linter
* fix snmpsim file
* add metrics
* add values to the metrics
* add a missing comma to the json
* add a missing line to snmprec and cleanup json a bit
* a few more minor changes to see if this makes it happy... regened via scripts/json-app-tool.php
* see if this will make it happy
* add suricata to app discovery and hope that fixes it... take a shot in the dark as to why the linter errors strangely on two of the files
* fix json
* add a missing ] to the json
* rename two graphs so it does not trigger one alert and add a missing metric
* whoops, *_alertString is not a metric