From: Michael Tremer Date: Sun, 31 Aug 2025 12:32:39 +0000 (+0000) Subject: generator: Express the rule severity by colors X-Git-Tag: 0.1~10 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=dedaa3a9eba338fd54935992a5aff9ef6f6ddaaa;p=suricata-reporter.git generator: Express the rule severity by colors Signed-off-by: Michael Tremer --- diff --git a/src/suricata-report-generator.in b/src/suricata-report-generator.in index 95ee0d5..18c6012 100644 --- a/src/suricata-report-generator.in +++ b/src/suricata-report-generator.in @@ -246,6 +246,27 @@ class ReportGenerator(object): def _make_alerts_by_date(self, elements, date, *, width): log.debug("Rendering alerts for %s..." % date) + # Style the table + style = reportlab.platypus.TableStyle(( + # Make the grid slightly grey + ("GRID", (0, 0), (-1, -1), 0.25, reportlab.lib.colors.grey), + + # Align all content to the top left corners of the cells + ("ALIGN", (0, 0), (-1, -1), "LEFT"), + ("ALIGN", (1, 0), (1, -1), "CENTER"), + ("ALIGN", (3, 0), (3, -1), "CENTER"), + ("VALIGN", (0, 0), (-1, -1), "TOP"), + + # Chose a much smaller font size + ("FONTSIZE", (0, 0), (-1, -1), 8), + + # Alternate the background colours of the rows + ("ROWBACKGROUNDS", (0, 1), (-1, -1), [ + reportlab.lib.colors.white, + reportlab.lib.colors.lightgrey, + ]), + )) + # Fetch the alerts c = self.db.execute(""" SELECT 
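Review bot: The `ALIGN` commands in the new `style` centre columns 1 and 3, which only correspond to Time and Protocol because of the five-column row layout introduced further down in this commit; nothing in this hunk says what those indices mean, so a later column change will silently misalign cells. A comment above the `TableStyle`, `# Columns: 0 severity, 1 time, 2 signature, 3 protocol, 4 source / destination`, would state that contract, and while moving the block the comment `# Chose a much smaller font size` should read `# Choose a much smaller font size`. `_make_alerts_by_date` continues past the end of this hunk.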
@@ -280,26 +301,54 @@ class ReportGenerator(object): # Start the table with the header rows = [ - (_("Time"), _("Signature"), _("Protocol"), _("Source / Destination")) + ("", _("Time"), _("Signature"), _("Protocol"), _("Source / Destination")) ] + # Count the number of rows + i = 0 + while True: row = c.fetchone() if row is None: break + # Increment the row number + i += 1 + # Parse the timestamp t = datetime.datetime.strptime(row.timestamp, "%Y-%m-%d %H:%M:%S") + # Give some visual indication about the severity + # High Severity + if row.alert_severity == 1: + color = reportlab.lib.colors.crimson + # Medium Severity + elif row.alert_severity == 2: + color = reportlab.lib.colors.gold + # Low Severity + elif row.alert_severity == 3: + color = reportlab.lib.colors.dodgerblue + # Informational + elif row.alert_severity == 4: + color = reportlab.lib.colors.lightsteelblue + else: + color = None + + # Set the severity colour + if color: + style.add("BACKGROUND", (0, i), (0, i), color) + # Append the row rows.append(( + # Severity + "", + # Time t.strftime("%H:%M:%S"), # Signature reportlab.platypus.Paragraph( - "%s %s
[%s:%s:%s] - %s" % ( - "*" * row.alert_severity, + "%s
[%s:%s:%s] - %s" % ( row.alert_signature, row.alert_gid, row.alert_signature_id, @@ -336,7 +385,7 @@ class ReportGenerator(object): table = reportlab.platypus.Table(rows, # Set the widths of the rows colWidths=( - width * 0.1, width * 0.6, width * 0.1, width * 0.2, + width * 0.02, width * 0.08, width * 0.6, width * 0.1, width * 0.2, ), # Repeat the header after a page break @@ -344,27 +393,7 @@ class ReportGenerator(object): ) # Style the table - table.setStyle( - reportlab.platypus.TableStyle(( - # Make the grid slightly grey - ("GRID", (0, 0), (-1, -1), 0.25, reportlab.lib.colors.grey), - - # Align all content to the top left corners of the cells - ("ALIGN", (0, 0), (-1, -1), "LEFT"), - ("ALIGN", (0, 0), (0, -1), "CENTER"), - ("ALIGN", (2, 0), (2, -1), "CENTER"), - ("VALIGN", (0, 0), (-1, -1), "TOP"), - - # Chose a much smaller font size - ("FONTSIZE", (0, 0), (-1, -1), 8), - - # Alternate the background colours of the rows - ("ROWBACKGROUNDS", (0, 1), (-1, -1), [ - reportlab.lib.colors.white, - reportlab.lib.colors.lightgrey, - ]), - )), - ) + table.setStyle(style) # Append the table to the output elements.append(table)
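Review bot: The values interpolated into the `Paragraph` format string on the new side (`row.alert_signature`, the gid/sid fields and the trailing `%s`) are rendered as reportlab mini-markup, so a rule message containing `<`, `>` or `&` is parsed as a tag or entity rather than shown as text — at best the cell is mangled, at worst the paragraph parser raises and the whole report for that day fails to build. The commit rewrites this format string but still inserts the raw fields; escape each one first, e.g. `from xml.sax.saxutils import escape` at the top of the file and `escape(str(row.alert_signature))` around every interpolated value, keeping the literal `<br/>` in the template outside the escaped values. The signature text presumably originates from the loaded ruleset rather than from this program, so escaping also closes off markup injection into the PDF by whoever can influence rule text. If the source/destination cell further down is also a `Paragraph`, it needs the same treatment. `_make_alerts_by_date` starts before this hunk and continues after it.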
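Review bot: The per-row severity colours set earlier in this function via `style.add("BACKGROUND", (0, i), (0, i), color)` are only visible because those commands are appended after the `ROWBACKGROUNDS` command and, as far as I recall, reportlab paints background commands in the order they appear in the style; `table.setStyle(style)` here applies that order unchanged. This ordering dependency is not written down anywhere, so a comment on this line would stop the next editor from silently losing the colours by reordering the style: `# Severity BACKGROUND commands were appended after ROWBACKGROUNDS so they paint over the alternating row colours`. The enclosing function starts outside this hunk.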