
Test - DO NOT MERGE #785


Open
wants to merge 1 commit into
base: 2.4/dev
6 changes: 6 additions & 0 deletions html/index.html
Expand Up @@ -292,6 +292,12 @@
</template>
<v-list-item-title v-text="i18n.activeQueries"></v-list-item-title>
</v-list-item>
<v-list-item data-aid="nav_admin_es_console" v-if="$root.isUserAdmin()" href="pages/elasticsearch_console.html">
<template #prepend>
<v-icon>fa-terminal</v-icon> <!-- Added ES Console Link -->
</template>
<v-list-item-title>Elasticsearch Console</v-list-item-title>
</v-list-item>
<v-list-item data-aid="nav_admin_members" v-if="$root.isUserAdmin()" @click="" to="/gridmembers">
<template #prepend>
<v-icon>fa-circle-nodes</v-icon>
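Review bot: The `v-if="$root.isUserAdmin()"` on the new `nav_admin_es_console` item only hides the menu entry; `pages/elasticsearch_console.html` is a plain `href` to a static page, so as far as this diff shows the console UI opens for anyone who knows the URL, and the only real gate has to be the server-side check on the proxy endpoint it calls. I would say so where the item is defined, replacing `<!-- Added ES Console Link -->` with `<!-- Visibility only: access is enforced by the proxy endpoint, not by this v-if -->`. The title is hard-coded where the neighbouring item uses `v-text="i18n.activeQueries"`, and the item uses `href` where the next one uses `to`, which takes the user out of the single-page app; both look inconsistent with the surrounding menu. The hunk ends inside the following `nav_admin_members` item.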
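--- a/html/js/elasticsearch_console.js
+++ b/html/js/elasticsearch_console.js
@@ -0,0 +1,104 @@
+document.addEventListener('DOMContentLoaded', () => {
+const methodSelect = document.getElementById('es-method');
+const pathInput = document.getElementById('es-path');
+const requestBodyTextarea = document.getElementById('es-request');
+const responsePre = document.getElementById('es-response');
+const sendButton = document.getElementById('send-request-btn');
+
+// Set default path if empty
+if (!pathInput.value) {
+pathInput.value = '/_search';
+}
+// Set default body if empty
+if (!requestBodyTextarea.value) {
+requestBodyTextarea.value = JSON.stringify({ query: { match_all: {} } }, null, 2);
+}
+
+
+sendButton.addEventListener('click', async () => {
+const method = methodSelect.value;
+const path = pathInput.value.trim();
+let requestBody = requestBodyTextarea.value.trim();
+
+if (!path) {
+alert('Elasticsearch path cannot be empty.');
+return;
+}
+
+// Clear previous response and indicate loading
+responsePre.textContent = 'Sending request...';
+responsePre.style.color = '#555'; // Reset color
+
+// Basic validation for JSON body (if method requires one)
+let parsedBody = null;
+if (['POST', 'PUT'].includes(method) && requestBody) {
+try {
+parsedBody = JSON.parse(requestBody);
+} catch (e) {
+responsePre.textContent = `Error parsing JSON request body:\n${e.message}`;
+responsePre.style.color = 'red';
+return;
+}
+} else if (!['POST', 'PUT'].includes(method)) {
+// Ensure body is empty for methods that don't use it
+requestBody = '';
+parsedBody = null;
+}
+
+
+try {
+// Construct the request to our backend endpoint
+// This endpoint needs to be created on the Go server
+const backendUrl = '/api/v1/elasticsearch/proxy'; // Define the backend proxy endpoint URL
+
+const fetchOptions = {
+method: 'POST', // Always POST to our backend proxy
+headers: {
+'Content-Type': 'application/json',
+// Include CSRF token if necessary (assuming SOC uses CSRF protection)
+// 'X-CSRF-Token': getCsrfToken(), // Function to get CSRF token
+},
+body: JSON.stringify({
+method: method,
+path: path,
+body: requestBody ? parsedBody : null // Send parsed body or null
+}),
+};
+
+const response = await fetch(backendUrl, fetchOptions);
+
+// Check if the response from our backend is okay
+if (!response.ok) {
+let errorText = `Backend Error: ${response.status} ${response.statusText}`;
+try {
+const errorData = await response.json();
+errorText += `\n${JSON.stringify(errorData, null, 2)}`;
+} catch (e) {
+// If response is not JSON, try getting text
+errorText += `\n${await response.text()}`;
+}
+throw new Error(errorText);
+}
+
+// Get the response data (which should be the response from Elasticsearch)
+const data = await response.json();
+
+// Display the Elasticsearch response nicely formatted
+responsePre.textContent = JSON.stringify(data, null, 2); // Pretty print JSON
+responsePre.style.color = 'black'; // Reset color on success
+
+
+} catch (error) {
+console.error('Error sending Elasticsearch request:', error);
+responsePre.textContent = `Error: ${error.message}`;
+responsePre.style.color = 'red';
+}
+});
+
+// Helper function placeholder for CSRF token retrieval if needed
+// function getCsrfToken() {
+// // Implementation depends on how CSRF tokens are handled in SOC
+// // e.g., read from a meta tag or a cookie
+// return document.querySelector('meta[name="csrf-token"]')?.content || '';
+// }
+});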
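Review bot: The click handler forwards a caller-chosen `method` and free-form `path` to `/api/v1/elasticsearch/proxy` with the `X-CSRF-Token` header still commented out, and the Go endpoint that the comment says "needs to be created" is not part of this change. Nothing visible here therefore restricts which Elasticsearch APIs can be reached or protects the POST against cross-site submission. Before this ships, the proxy should check the new permission on every call, reject methods outside the five offered in the page, constrain `path` and log each request, and the anti-forgery header should be wired to whatever mechanism SOC already uses. Separately, in the `!response.ok` branch a failed `response.json()` has already consumed the body, so the fallback `response.text()` throws and the user sees a stream error instead of the backend status. Reading the body once as text and parsing that avoids it, as below.

```javascript
if (!response.ok) {
  let errorText = `Backend Error: ${response.status} ${response.statusText}`;
  // Read the body once; a Response body cannot be consumed twice.
  const rawBody = await response.text();
  try {
    errorText += `\n${JSON.stringify(JSON.parse(rawBody), null, 2)}`;
  } catch (e) {
    // Not JSON: show the raw text the backend returned.
    errorText += `\n${rawBody}`;
  }
  throw new Error(errorText);
}
```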
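--- a/html/pages/elasticsearch_console.html
+++ b/html/pages/elasticsearch_console.html
@@ -0,0 +1,75 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+<meta charset="UTF-8">
+<meta name="viewport" content="width=device-width, initial-scale=1.0">
+<title>Elasticsearch Console - Security Onion</title>
+<!-- Link to existing CSS or add specific styles -->
+<link rel="stylesheet" href="../css/app.css">
+<style>
+/* Add specific styles for the console page */
+#es-console-container {
+display: flex;
+flex-direction: column;
+height: calc(100vh - 100px); /* Adjust based on header/footer height */
+padding: 15px;
+}
+#es-request, #es-response {
+flex: 1;
+font-family: monospace;
+border: 1px solid #ccc;
+padding: 10px;
+margin-bottom: 10px;
+overflow: auto;
+white-space: pre; /* Preserve whitespace */
+}
+#es-request {
+min-height: 150px; /* Ensure request area is usable */
+resize: vertical; /* Allow vertical resizing */
+}
+#es-response {
+background-color: #f5f5f5;
+}
+#es-controls {
+margin-bottom: 10px;
+}
+#es-controls button {
+padding: 8px 15px;
+cursor: pointer;
+}
+/* Basic editor styling */
+textarea {
+width: 100%;
+box-sizing: border-box; /* Include padding and border in element's total width and height */
+}
+</style>
+</head>
+<body>
+<!-- Placeholder for potential header/navigation inclusion -->
+<h1>Elasticsearch Console</h1>
+
+<div id="es-console-container">
+<div id="es-controls">
+<select id="es-method" name="method">
+<option value="GET">GET</option>
+<option value="POST" selected>POST</option>
+<option value="PUT">PUT</option>
+<option value="DELETE">DELETE</option>
+<option value="HEAD">HEAD</option>
+</select>
+<input type="text" id="es-path" placeholder="/_search" style="width: 400px; padding: 8px;">
+<button id="send-request-btn">Send Request</button>
+</div>
+
+<label for="es-request">Request Body:</label>
+<textarea id="es-request" rows="10" placeholder="{&#10; "query": {&#10; "match_all": {}&#10; }&#10;}"></textarea>
+
+<label for="es-response">Response:</label>
+<pre id="es-response">Response will appear here...</pre>
+</div>
+
+<!-- Link to JS file for functionality -->
+<script src="../js/elasticsearch_console.js"></script>
+<!-- Placeholder for potential footer inclusion -->
+</body>
+</html>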
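Review bot: The `placeholder` on `#es-request` contains unescaped double quotes, so the attribute value ends after `{&#10; ` and the rest (`query`, `match_all`, …) is parsed as stray attributes; write the inner quotes as `&quot;` or delimit the attribute with single quotes, e.g. `placeholder='{&#10; "query": {&#10; "match_all": {}&#10; }&#10;}'`. The inline `<style>` block and the `style="width: 400px; padding: 8px;"` on `#es-path` would need `'unsafe-inline'` for styles if SOC serves a Content-Security-Policy (not visible here), so moving them into a stylesheet is the safer choice. `#es-method` and `#es-path` have no `<label>` (a placeholder is not one), `<label for="es-response">` points at a `<pre>`, which is not a labelable element, and `<button id="send-request-btn">` should carry an explicit `type="button"`.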
1 change: 1 addition & 0 deletions rbac/permissions
Expand Up @@ -17,6 +17,7 @@ config/read: config-monitor
config/write: config-admin
detections/read: detection-monitor
detections/write: detection-admin
elasticsearch:proxy:execute: superuser # Add new permission for ES proxy
events/read: event-monitor
events/write: event-admin
events/ack: event-admin
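Review bot: The new key `elasticsearch:proxy:execute` does not follow the `resource/action: role` form of every other visible entry (`config/write: config-admin`, `events/ack: event-admin`), and it is the only visible line with a trailing `#` comment. The parser for this file is not shown, but if it splits on the first `:` or does not strip inline comments, this line would not map the intended permission to `superuser`; for a permission that gates raw Elasticsearch access, a silently mis-parsed entry is worth ruling out. I would write it in the existing form, for example `elasticsearch/proxy: superuser` (constructed name, to be agreed), move the explanation to its own comment line if the format supports comments, and confirm that `superuser` is a role this file already defines. The code that checks this permission is not part of the change.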