
Anonymous committed 4b1be4a

Edited a few more queries


Files changed (1)

htraf/examples20/snort.html

 
       <div class="row">
           <div class="cell">
-
-            <h3>Top 10 Signatures Detected Today</h3>
-            <table id="top10sig" data-htsql="/((event?date(timestamp)=today())^(signature.sig_name)).define(abc:=count(^)).sort(abc-).limit(10){*:as Signature,abc:as Count}"></table>
+                <h3>Top 10 Signatures Detected Today</h3>
+                <table id="top10sig"
+                        data-htsql="/((event?date(timestamp)=today())^{signature.sig_name})
+                                         {*1 :as Signature,
+                                         count(^)- :as '%23'}.limit(10)">
+                </table>
 
           </div>
           <div class="cell">
 
-
-            <h3>Top 10 Source IPs Detected Today</h3>
-            <table id="top10sip" data-htsql="/((event?date(timestamp)=today())^(inet(iphdr.ip_src))).define(abc:=count(^)).sort(abc-).limit(10){*:as SourceIP,abc:as Count}"></table>
+                <h3>Top 10 Source IPs Detected Today</h3>
+                <table id="top10sip"
+                        data-htsql="/((event?date(timestamp)=today())^{inet(iphdr.ip_src)})
+                                        {*1 :as SourceIP,
+                                        count(^)- :as '%23'}.limit(10)">
+                </table>
 
           </div>
           <div class="cell">
-
-            <h3>Top 10 Destination IPs Detected Today</h3>
-            <table id="top10dip" data-htsql="/((event?date(timestamp)=today())^(inet(iphdr.ip_dst))).define(abc:=count(^)).sort(abc-).limit(10){*:as DestinationIP,abc:as Count}"></table>
-
+                <h3>Top 10 Destination IPs Detected Today</h3>
+                <table id="top10dip"
+                        data-htsql="/((event?date(timestamp)=today())^{inet(iphdr.ip_dst)})
+                                     {*1 :as DestinationIP,
+                                        count(^)- :as '%23'}.limit(10)">
+                </table>
           </div>
       </div>
 
                       <div class="cell">
 
                           <h3>Selected Event TCP Header</h3>
-                          <table id="last25detail" data-htsql="/event{tcphdr.tcp_sport:as('Source Port'), tcphdr.tcp_dport:as('Destination Port'), tcphdr.tcp_seq:as('Sequence'), tcphdr.tcp_ack:as('Acknowledgement'), tcphdr.tcp_off:as('Offset'), tcphdr.tcp_res:as('Reserved'), tcphdr.tcp_flags:as('Flags'), tcphdr.tcp_win:as('Window'), tcphdr.tcp_csum:as('Checksum'), tcphdr.tcp_urp:as('Urgent Pointer')}?cid=$last25"></table>
+                          <table id="last25tcpdetail" data-htsql="/event{tcphdr.tcp_sport:as('Source Port'), tcphdr.tcp_dport:as('Destination Port'), tcphdr.tcp_seq:as('Sequence'), tcphdr.tcp_ack:as('Acknowledgement'), tcphdr.tcp_off:as('Offset'), tcphdr.tcp_res:as('Reserved'), tcphdr.tcp_flags:as('Flags'), tcphdr.tcp_win:as('Window'), tcphdr.tcp_csum:as('Checksum'), tcphdr.tcp_urp:as('Urgent Pointer')}?cid=$last25"></table>
 
                       </div>
                   </div>
                       <div class="cell">
 
                           <h3>Selected Event UDP Header</h3>
-                          <table id="last25detail" data-htsql="/event{udphdr.udp_sport:as('Source Port'), udphdr.udp_dport:as('Destination Port'), udphdr.udp_len:as('Length'),udphdr.udp_csum:as('Checksum')}?cid=$last25"></table>
+                          <table id="last25udpdetail" data-htsql="/event{udphdr.udp_sport:as('Source Port'), udphdr.udp_dport:as('Destination Port'), udphdr.udp_len:as('Length'),udphdr.udp_csum:as('Checksum')}?cid=$last25"></table>
 
                       </div>
                   </div>
                       <div class="cell">
 
                           <h3>Selected Event ICMP Header</h3>
-                          <table id="last25detail" data-htsql="/event{icmphdr.icmp_type:as('ICMP Type'), icmphdr.icmp_code:as('ICMP Code'), icmphdr.icmp_csum:as('Checksum'),icmphdr.icmp_id:as('ICMP ID'), icmphdr.icmp_seq:as('Sequence')}?cid=$last25"></table>
+                          <table id="last25icmpdetail" data-htsql="/event{icmphdr.icmp_type:as('ICMP Type'), icmphdr.icmp_code:as('ICMP Code'), icmphdr.icmp_csum:as('Checksum'),icmphdr.icmp_id:as('ICMP ID'), icmphdr.icmp_seq:as('Sequence')}?cid=$last25"></table>
 
                       </div>
                   </div>
 
 
   </div>
-    <script type="text/javascript">
-
-      var _gaq = _gaq || [];
-      _gaq.push(['_setAccount', 'UA-11527623-4']);
-      _gaq.push(['_trackPageview']);
-
-      (function() {
-        var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true;
-        ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js';
-        var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s);
-      })();
-
-    </script>
 </body></html>
-
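Review bot: The three detail tables (`last25tcpdetail`, `last25udpdetail`, `last25icmpdetail`) still select the event with `?cid=$last25` alone. If this is the stock Snort database schema, an event is identified by the sensor id `sid` together with `cid`, so with more than one sensor reporting, the panels can show header rows from an alert other than the one the analyst selected. The `last25` widget that supplies the value is outside the visible hunks, so whether it can pass `sid` as well cannot be confirmed here; until it does, I would record the limit next to the tables, e.g. `<!-- detail queries match on cid only; correct for a single-sensor database -->`. The renamed ids also need the same rename in any script or stylesheet that still refers to `last25detail`, which is not visible on this page.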