Skip to content

Commit

Permalink
Merge pull request #539 from jmpsec/add-query-schedule-admin
Browse files Browse the repository at this point in the history 
Modal in osctrl-admin to add a new query to schedule
  • Loading branch information
@javuto
javuto authored Oct 18, 2024
2 parents e394365 + 2193d21 commit d81db60
Show file tree
Hide file tree
Showing 5 changed files with 73 additions and 7 deletions.
23 changes: 23 additions & 0 deletions admin/static/js/configuration.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,6 +37,29 @@ function saveATC() {
saveB64Blob('atc_conf', 'atc', 'atc_header');
}

function addQuerySchedule() {
$("#addquery_action").click(function () {
$("#addQueryModal").modal("hide");
confirmAddQuerySchedule();
});
$("#query_name").val("");
$("#query_sql").val("");
$("#query_interval").val("");
$("#addQueryModal").modal();
}

function confirmAddQuerySchedule() {
var _editor = $("#schedule_conf").data("CodeMirrorInstance");
var _schedule = _editor.getValue();
var obj = JSON.parse(_schedule);
var _query = {
"query": $("#query_sql").val(),
"interval": parseInt($("#query_interval").val()),
};
obj[$("#query_name").val()] = _query;
_editor.setValue(JSON.stringify(obj, null, "\t"));
}

function saveIntervals() {
var _csrftoken = $("#csrftoken").val();
var _config = $("#conf_range").val();
Expand Down
41 changes: 41 additions & 0 deletions admin/templates/components/page-modals.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -182,4 +182,45 @@ <h4 class="modal-title">Upload new certificate</h4>
</div>
<!-- /.modal -->

<div class="modal fade" id="addQueryModal" tabindex="-1" role="dialog" aria-labelledby="addQueryModal" aria-hidden="true">
<div class="modal-dialog modal-dark modal-lg" role="document">
<div class="modal-content">
<div class="modal-header">
<h4 class="modal-title">Add new query to schedule</h4>
<button type="button" class="close" data-dismiss="modal" aria-label="Close">
<span aria-hidden="true">&times;</span>
</button>
</div>
<div class="modal-body">
<div class="form-group row">
<label class="col-md-3 col-form-label" for="query_name">Qury name: </label>
<div class="col-md-9">
<input class="form-control" name="query_name" id="query_name" type="text" autocomplete="off"
autofocus>
</div>
</div>
<div class="form-group row">
<label class="col-md-3 col-form-label" for="query_sql">SQL Query: </label>
<div class="col-md-9">
<input class="form-control" name="query_sql" id="query_sql" type="text" autocomplete="off">
</div>
</div>
<div class="form-group row">
<label class="col-md-3 col-form-label" for="query_interval">Interval in seconds: </label>
<div class="col-md-9">
<input class="form-control" name="query_interval" id="query_interval" type="text" autocomplete="off">
</div>
</div>
</div>
<div class="modal-footer">
<button id="addquery_action" type="button" class="btn btn-dark" data-dismiss="modal">Add</button>
<button type="button" class="btn btn-danger" data-dismiss="modal">Cancel</button>
</div>
</div>
<!-- /.modal-content -->
</div>
<!-- /.modal-dialog -->
</div>
<!-- /.modal -->

{{ end }}
8 changes: 7 additions & 1 deletion admin/templates/conf.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -116,6 +116,10 @@
data-tooltip="true" data-placement="bottom" title="Documentation" onclick="javascript:window.open('https://osquery.readthedocs.io/en/stable/deployment/configuration/#schedule', '_blank');">
<i class="far fa-question-circle"></i>
</button>
<button id="schedule_add_query" class="btn btn-sm btn-dark"
data-tooltip="true" data-placement="bottom" title="Add Query To Schedule" onclick="addQuerySchedule();">
<i class="fas fa-plus-square"></i>
</button>
<button id="schedule_json_save" class="btn btn-sm btn-dark"
data-tooltip="true" data-placement="bottom" title="Save Changes" onclick="saveSchedule();">
<i class="far fa-save"></i>
Expand Down Expand Up @@ -406,8 +410,9 @@
$(this).addClass("btn-danger");
});
_valid = false
// Disable button
// Disable buttons
$('#schedule_json_save').prop("disabled", true);
$('#schedule_add_query').prop("disabled", true);
// Position cursor in where the problem is at
}
if (_valid) {
Expand All @@ -418,6 +423,7 @@
$(this).addClass("btn-success");
});
$('#schedule_json_save').prop("disabled", false);
$('#schedule_add_query').prop("disabled", false);
}
});
editorSchedule.setSize("100%", "100%");
Expand Down
2 changes: 1 addition & 1 deletion admin/templates/tags.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -178,7 +178,7 @@ <h4 id="modal_title_tag" class="modal-title"></h4>
},60000);

// Focus on input when modal opens
$("#createTagModal").on('shown.bs.modal', function(){
$("#createEditTagModal").on('shown.bs.modal', function(){
$(this).find('#tag_name').focus();
});

Expand Down
6 changes: 1 addition & 5 deletions logging/process.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,11 +29,7 @@ func (l *LoggerTLS) ProcessLogs(data json.RawMessage, logType, environment, ipad
osqueryuser = metadataVerification(osqueryuser, l.Decorations.OsqueryUser)
confighash = metadataVerification(confighash, l.Decorations.ConfigHash)
daemonhash = metadataVerification(daemonhash, l.Decorations.DaemonHash)
if l.Decorations.OsqueryVersion != "" && l.Version != l.Decorations.OsqueryVersion {
log.Warn().Msgf("mismatched osquery version: %s != %s", l.Version, l.Decorations.OsqueryVersion)
} else {
osqueryversion = metadataVerification(osqueryversion, l.Decorations.OsqueryVersion)
}
osqueryversion = metadataVerification(osqueryversion, l.Decorations.OsqueryVersion)
}
if debug {
log.Debug().Msgf("metadata and dispatch for %s", uuid)
Expand Down

0 comments on commit d81db60

Please sign in to comment.