codeyourweb
diff --git a/‎sentinel-kit_server_backend/src/Controller/AlertController.php‎
Lines changed: 38 additions & 4 deletions b/‎sentinel-kit_server_backend/src/Controller/AlertController.php‎
Lines changed: 38 additions & 4 deletions
diff --git a/‎sentinel-kit_server_backend/src/Controller/ElasticsearchController.php‎
Lines changed: 88 additions & 0 deletions b/‎sentinel-kit_server_backend/src/Controller/ElasticsearchController.php‎
Lines changed: 88 additions & 0 deletions
diff --git a/‎sentinel-kit_server_backend/src/Controller/SigmaController.php‎
Lines changed: 12 additions & 0 deletions b/‎sentinel-kit_server_backend/src/Controller/SigmaController.php‎
Lines changed: 12 additions & 0 deletions
diff --git a/‎sentinel-kit_server_backend/src/Service/ElasticsearchService.php‎
Lines changed: 28 additions & 0 deletions b/‎sentinel-kit_server_backend/src/Service/ElasticsearchService.php‎
Lines changed: 28 additions & 0 deletions
diff --git a/‎sentinel-kit_server_frontend/index.html‎
Lines changed: 1 addition & 1 deletion b/‎sentinel-kit_server_frontend/index.html‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎sentinel-kit_server_frontend/package.json‎
Lines changed: 5 additions & 0 deletions b/‎sentinel-kit_server_frontend/package.json‎
Lines changed: 5 additions & 0 deletions
diff --git a/‎sentinel-kit_server_frontend/public/favicon.png‎
10.3 KB b/‎sentinel-kit_server_frontend/public/favicon.png‎
10.3 KB
diff --git a/‎sentinel-kit_server_frontend/src/App.vue‎
Lines changed: 27 additions & 2 deletions b/‎sentinel-kit_server_frontend/src/App.vue‎
Lines changed: 27 additions & 2 deletions
diff --git a/‎sentinel-kit_server_frontend/src/components/RuleEditor.vue‎
Lines changed: 2 additions & 2 deletions b/‎sentinel-kit_server_frontend/src/components/RuleEditor.vue‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎sentinel-kit_server_frontend/src/components/RuleSummary.vue‎
Lines changed: 1 addition & 1 deletion b/‎sentinel-kit_server_frontend/src/components/RuleSummary.vue‎
Lines changed: 1 addition & 1 deletion
@@ -35,23 +35,51 @@ public function listAlerts(Request $request): JsonResponse
         $page = max(1, $request->query->getInt('page', 1));
         $limit = min(100, max(1, $request->query->getInt('limit', 20)));
         $since = $request->query->get('since');
+        $startDate = $request->query->get('startDate');
+        $endDate = $request->query->get('endDate');
+        $filter = $request->query->get('filter');
 
         $qb = $this->entityManager->getRepository(Alert::class)->createQueryBuilder('a')
             ->leftJoin('a.rule', 'r')
             ->leftJoin('a.sigmaRuleVersion', 'v')
             ->addSelect('r', 'v')
             ->orderBy('a.createdOn', 'DESC');
 
-        if ($since) {
+        $whereConditions = [];
+        $parameters = [];
+
+        if ($startDate && $endDate) {
+            try {
+                $start = new \DateTime($startDate);
+                $end = new \DateTime($endDate);
+                $whereConditions[] = 'a.createdOn >= :startDate AND a.createdOn <= :endDate';
+                $parameters['startDate'] = $start;
+                $parameters['endDate'] = $end;
+            } catch (\Exception $e) {
+                return new JsonResponse(['error' => 'Invalid date format for startDate or endDate parameter'], Response::HTTP_BAD_REQUEST);
+            }
+        } elseif ($since) {
             try {
                 $sinceDate = new \DateTime($since);
-                $qb->where('a.createdOn >= :since')
-                   ->setParameter('since', $sinceDate);
+                $whereConditions[] = 'a.createdOn >= :since';
+                $parameters['since'] = $sinceDate;
             } catch (\Exception $e) {
                 return new JsonResponse(['error' => 'Invalid date format for since parameter'], Response::HTTP_BAD_REQUEST);
             }
         }
 
+        if ($filter && trim($filter)) {
+            $whereConditions[] = '(r.title LIKE :filter OR r.description LIKE :filter)';
+            $parameters['filter'] = '%' . trim($filter) . '%';
+        }
+
+        if (!empty($whereConditions)) {
+            $qb->where(implode(' AND ', $whereConditions));
+            foreach ($parameters as $key => $value) {
+                $qb->setParameter($key, $value);
+            }
+        }
+
         $offset = ($page - 1) * $limit;
         $qb->setFirstResult($offset)->setMaxResults($limit);
 
@@ -60,7 +88,13 @@ public function listAlerts(Request $request): JsonResponse
         $totalQb = $this->entityManager->getRepository(Alert::class)->createQueryBuilder('a')
             ->select('COUNT(a.id)');
 
-        if ($since) {
+        if ($startDate && $endDate) {
+            $start = new \DateTime($startDate);
+            $end = new \DateTime($endDate);
+            $totalQb->where('a.createdOn >= :startDate AND a.createdOn <= :endDate')
+                    ->setParameter('startDate', $start)
+                    ->setParameter('endDate', $end);
+        } elseif ($since) {
             $sinceDate = new \DateTime($since);
             $totalQb->where('a.createdOn >= :since')
                     ->setParameter('since', $sinceDate);
 
@@ -0,0 +1,88 @@
+<?php
+
+namespace App\Controller;
+
+use App\Service\ElasticsearchService;
+use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
+use Symfony\Component\HttpFoundation\JsonResponse;
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\Routing\Annotation\Route;
+
+#[Route('/api/elasticsearch')]
+class ElasticsearchController extends AbstractController
+{
+    private ElasticsearchService $elasticsearchService;
+
+    public function __construct(ElasticsearchService $elasticsearchService)
+    {
+        $this->elasticsearchService = $elasticsearchService;
+    }
+
+    #[Route('/search', name: 'elasticsearch_search', methods: ['POST'])]
+    public function search(Request $request): JsonResponse
+    {
+        try {
+            $requestData = json_decode($request->getContent(), true);
+
+            if (!$requestData) {
+                return $this->json([
+                    'error' => 'Invalid JSON in request body'
+                ], Response::HTTP_BAD_REQUEST);
+            }
+
+            // Log the incoming query for debugging
+            error_log('Elasticsearch query received: ' . json_encode($requestData));
+
+            if (!$this->isAllowedQuery($requestData)) {
+                error_log('Query rejected by validation: ' . json_encode($requestData));
+                return $this->json([
+                    'error' => 'Only read-only search operations are allowed'
+                ], Response::HTTP_FORBIDDEN);
+            }
+
+            $result = $this->elasticsearchService->rawQuery($requestData);
+
+            return $this->json([
+                'success' => true,
+                'data' => $result
+            ]);
+
+        } catch (\Exception $e) {
+            error_log('Elasticsearch controller error: ' . $e->getMessage());
+            error_log('Stack trace: ' . $e->getTraceAsString());
+            return $this->json([
+                'error' => 'Elasticsearch query error: ' . $e->getMessage()
+            ], Response::HTTP_INTERNAL_SERVER_ERROR);
+        }
+    }
+
+    /**
+     * Validate that the query only contains allowed read-only operations
+     */
+    private function isAllowedQuery(array $query): bool
+    {
+        // Simplified validation - just check for obviously dangerous operations
+        $forbiddenOperations = [
+            'delete',
+            'update',
+            'bulk',
+            '_delete',
+            '_update',
+            '_bulk'
+        ];
+
+        // Convert query to string for simple pattern matching
+        $queryString = json_encode($query);
+        $queryLower = strtolower($queryString);
+
+        foreach ($forbiddenOperations as $forbidden) {
+            if (strpos($queryLower, $forbidden) !== false) {
+                error_log("Forbidden operation detected: $forbidden in query: $queryString");
+                return false;
+            }
+        }
+
+        return true;
+    }
+}
@@ -182,6 +182,9 @@ public function addRuleVersion(Request $request, int $ruleId): JsonResponse {
             return new JsonResponse(['error' => 'The new version content is identical to the latest version'], Response::HTTP_BAD_REQUEST);
         }
 
+        if($rule->isActive()){
+            $this->elastalertValidator->removeElastalertRule($latestVersion);
+        }
 
         try {
             $this->entityManger->persist($newRuleVersion);
@@ -190,6 +193,11 @@ public function addRuleVersion(Request $request, int $ruleId): JsonResponse {
             return new JsonResponse(['error' => 'Failed to save the new version: ' . $e->getMessage()], Response::HTTP_INTERNAL_SERVER_ERROR);
         }
 
+        $e = $this->elastalertValidator->createElastalertRule($newRuleVersion);
+        if (isset($e['error'])) {
+            return new JsonResponse(['error' => $e['error']], Response::HTTP_INTERNAL_SERVER_ERROR);
+        }
+
         return new JsonResponse(['error' => '', 'version_id' => $newRuleVersion->getId()], Response::HTTP_OK);
     }
 
@@ -200,6 +208,10 @@ public function deleteRule(Request $request, int $ruleId): JsonResponse {
             return new JsonResponse(['error' => 'Rule not found'], Response::HTTP_NOT_FOUND);
         }
 
+        if($rule->isActive()){
+            $this->elastalertValidator->removeElastalertRule($rule->getRuleLatestVersion());
+        }
+
         $this->entityManger->remove($rule);
         $this->entityManger->flush();
 
 
@@ -91,6 +91,34 @@ public function getClusterHealth(): array
             return ['status' => 'unavailable'];
         }
     }
+    public function rawQuery(array $queryData): array
+    {
+        try {
+            $index = $queryData['index'] ?? 'sentinelkit-*';
+            
+            $bodyData = $queryData;
+            unset($bodyData['index']);
+            
+            $params = [
+                'index' => $index,
+                'body' => $bodyData
+            ];
+
+            $this->logger->info('Elasticsearch raw query execution', [
+                'index' => $index,
+                'query_keys' => array_keys($bodyData)
+            ]);
+            
+            $response = $this->client->search($params);
+            return $response->asArray();
+        } catch (\Exception $e) {
+            $this->logger->error('Elasticsearch raw query error', [
+                'error' => $e->getMessage(),
+                'query' => $queryData
+            ]);
+            throw $e;
+        }
+    }
 
     public function getClient(): Client
     {
 
@@ -3,7 +3,7 @@
   <head>
     <meta charset="UTF-8" />
     <link rel="stylesheet" href="/src/style.css" />
-    <link rel="icon" type="image/svg+xml" href="/vite.svg" />
+    <link rel="icon" type="image/png" href="/favicon.png" />
     <link href="https://fonts.googleapis.com/css2?family=Geist:[email protected]&display=swap" rel="stylesheet"/>
     <meta name="viewport" content="width=device-width, initial-scale=1.0" />
     <title>Sentinel Kit - Admin portal</title>
 
@@ -14,9 +14,14 @@
     "@iconify/tailwind4": "^1.0.6",
     "@tailwindcss/vite": "^4.1.14",
     "@vitejs/plugin-vue": "^6.0.1",
+    "chart.js": "^4.4.0",
+    "chartjs-adapter-date-fns": "^3.0.0",
+    "chartjs-plugin-zoom": "^2.2.0",
+    "date-fns": "^2.30.0",
     "flyonui": "^2.4.1",
     "tailwindcss": "^4.1.14",
     "vue": "^3.5.22",
+    "vue-chartjs": "^5.3.0",
     "vue-router": "^4.6.3"
   },
   "devDependencies": {
 
@@ -36,7 +36,7 @@
         </aside>
 
         <div :class="{ 'ml-64': !isCollapsed, 'ml-20': isCollapsed }" class="flex-1 flex flex-col transition-all duration-300 ease-in-out">
-            <main class="p-6 flex-1 overflow-y-auto">
+            <main class="flex-1 overflow-y-auto">
                 <RouterView @show-notification="showNotification" />
             </main>
         </div>
@@ -124,6 +124,7 @@ import SSLChecker from './components/SSLChecker.vue';
 const router = useRouter();
 const isLoggedIn = ref(false);
 const isCollapsed = ref(true);
+const BASE_URL = import.meta.env.VITE_API_BASE_URL;
 
 // Notification system
 const notification = ref({
@@ -161,18 +162,42 @@ const hideNotification = () => {
 onMounted(() => {
     const token = localStorage.getItem('auth_token');
     isLoggedIn.value = !!token;
+
+    // if route is not login or logout, check auth
+    const currentRoute = router.currentRoute.value.name;
+    if (currentRoute !== 'Login' && currentRoute !== 'Logout') {
+        checkAuth();
+    }
 });
 
 const logout = () => {
     router.push({ name: 'Logout' });
 };
 
+// Authentication check
+const checkAuth = async () => {
+    try {
+        const response = await fetch(`${BASE_URL}/user/profile`, {
+            headers: {
+                'Content-Type': 'application/json',
+                'Authorization': `Bearer ${localStorage.getItem('auth_token')}`
+            }
+        })
+        if (response.status === 401) {
+            localStorage.removeItem('auth_token')
+            router.push({ name: 'Login' })
+        }
+    } catch (error) {
+        console.error('Error checking authentication:', error)
+    }
+}
+
 // Side menu items
 const menuItems = [
 { name: 'Home', icon: 'icon-[svg-spinners--blocks-wave]', route: 'Home' },
 { name: 'Rulesets', icon: 'icon-[carbon--rule-draft]', route: 'RulesList' },
+{ name: 'Alerts', icon: 'icon-[solar--eye-scan-broken]', route: 'AlertsList' },
 { name: 'Logs', icon: 'icon-[icon-park-outline--log]', route: 'Kibana' },
-{ name: 'Alerts', icon: 'icon-[solar--eye-scan-broken]', route: 'Home' },
 { name: 'Endpoint detection', icon: 'icon-[line-md--computer-twotone]', route: 'Home' },
 { name: 'Perf. monitoring', icon: 'icon-[material-symbols--monitor-heart-outline]', route: 'Grafana' }
 ];
 
@@ -54,7 +54,7 @@ const emit = defineEmits(['update:modelValue']);
 
 const editorOptions = computed(() => ({
   automaticLayout: true,
-  minimap: { enabled: true },
+  minimap: { enabled: false },
   readOnly: props.readOnly,
   tabSize: 2,
   scrollBeyondLastLine: false, 
@@ -63,7 +63,7 @@ const editorOptions = computed(() => ({
 
 const diffOptions = computed(() => ({
   automaticLayout: true,
-  minimap: { enabled: true },
+  minimap: { enabled: false },
   readOnly: true, 
   tabSize: 2,
   scrollBeyondLastLine: false, 
 
@@ -129,7 +129,7 @@
                 </a>
                 <a
                     @click="confirmDelete"
-                    class="btn btn-primary px-4 py-2 text-white bg-red-600 hover:bg-red-700 rounded-lg transition duration-150"
+                    class="btn btn-primary px-4 py-2 rounded-lg transition duration-150"
                 >
                     Remove
                 </a>
Original file line number	Diff line number	Diff line change
`@@ -129,7 +129,7 @@`
`129`	`129`	`</a>`
`130`	`130`	`<a`
`131`	`131`	`@click="confirmDelete"`
`132`		`- class="btn btn-primary px-4 py-2 text-white bg-red-600 hover:bg-red-700 rounded-lg transition duration-150"`
	`132`	`+ class="btn btn-primary px-4 py-2 rounded-lg transition duration-150"`
`133`	`133`	`>`
`134`	`134`	`Remove`
`135`	`135`	`</a>`