fix: 调整detection列表和下拉中的描述字段逻辑

2023-10-24 20:20:56 +08:00
parent 871781ab70
commit b4fcbd260b
4 changed files with 30 additions and 16 deletions
--- a/src/assets/css/components/views/detections/detection-overview.scss
+++ b/src/assets/css/components/views/detections/detection-overview.scss
@@ -67,6 +67,7 @@
        font-weight: 500;
        font-size: 14px;
        align-items: center;
+        flex-wrap: wrap;

        &.row__content--link {
          font-style: italic;
@@ -100,6 +101,10 @@
          margin-right: 7px;
        }
      }
+      .row__content1 {
+        display: block;
+        padding-right: 50px;
+      }
    }
  }
 }
--- a/src/assets/css/components/views/detections/detection-table.scss
+++ b/src/assets/css/components/views/detections/detection-table.scss
@@ -61,22 +61,19 @@

 .detection-tag-status0 {
  font-weight: 500;
-  font-family: NotoSansHans-Medium;
  background: rgba(113, 113, 113, 0.12);
  color: #717171;
-  padding: 0 12px;
+  padding: 0 10px;
 }

 .detection-tag-status1 {
  font-weight: 500;
-  font-family: NotoSansHans-Medium;
  background: rgba(126, 159, 84, 0.12);
  color: #7E9F54;
-  padding: 0 8px;
+  padding: 0 10px;
 }

 .detection-table-library {
-  font-family: NotoSansSChineseRegular;
  font-size: 12px;
  color: #046ECA;
  font-weight: 400;
--- a/src/views/detections/DetectionRow.vue
+++ b/src/views/detections/DetectionRow.vue
@@ -16,8 +16,7 @@
              class="detection-event-severity-color-block"
              :style="`background-color: ${eventSeverityColor[detection.eventSeverity]}`">
          </span>
-<!--          <span class="detection-event-severity-block">{{ detection.securityType || '-' }}</span>-->
-          <span class="detection-event-severity-block">{{ detection.eventType || '-' }}</span>
+          <span class="detection-event-severity-block">{{ detection.eventName || '-' }}</span>
          <i class="cn-icon cn-icon-attacker" ></i>{{detection.offenderIp || '-'}}
          <div v-if="detection.domain" class="domain">{{detection.domain}}</div>
          <span class="line">-------</span>
@@ -41,6 +40,11 @@
                <span>{{$t('detections.severity')}}&nbsp;:&nbsp;&nbsp;</span>
                <span>{{detection.eventSeverity || '-'}}</span>
              </div>
+              <div class="basic-info__item" v-if="detection.eventType">
+                <i class="cn-icon cn-icon-event-type"></i>
+                <span>{{$t('detections.eventType')}}&nbsp;:&nbsp;&nbsp;</span>
+                <span>{{detection.eventType || '-'}}</span>
+              </div>
              <div class="basic-info__item" v-if="detection.malware">
                <i class="cn-icon cn-icon-trojan"></i>
                <span>{{$t('detection.list.malwareName')}}&nbsp;:&nbsp;&nbsp;</span>
--- a/src/views/detections/overview/DetectionSecurityEventOverview.vue
+++ b/src/views/detections/overview/DetectionSecurityEventOverview.vue
@@ -3,17 +3,18 @@
    <div class="overview__left">
      <div class="overview__title">{{ $t('overall.remark') }}</div>
      <div class="overview__row">
-        <div class="row__content1" v-if="detection.malware">
-          <span class="row__content--link">
-            {{ $_.get(detection, 'malware.mitreAttackDescription', '-') || '-' }}
-          </span>&nbsp;
+        <div class="row__content1" v-if="detection.eventType === 'Command and Control' && detection.eventName === 'Cobalt Strike'">
+          <span class="row__content--link">{{detection.victimIp}}</span>&nbsp;&nbsp;communicated with&nbsp;<span class="row__content--link">{{detection.offenderIp}}</span>&nbsp;&nbsp;that was associated with the  indicator of Cobalt Strike activity, {{$_.get(detection, 'eventInfoObj.ioc_value', '') || ''}}.
        </div>
-        <div class="row__content1" v-if="detection.darkweb">
-          <span class="row__content--link">
-            {{ $_.get(detection, 'malware.mitreAttackDescription', '-') || '-' }}
-          </span>&nbsp;
+        <div class="row__content1" v-else-if="detection.eventType === 'Command and Control' && detection.eventName === 'Mirai'">
+          <span class="row__content--link">{{detection.victimIp}}</span>&nbsp;&nbsp;communicated with&nbsp;<span class="row__content--link">{{detection.offenderIp}}</span>&nbsp;&nbsp;that was associated with the  indicator of Mirai attacks, {{$_.get(detection, 'eventInfoObj.ioc_value', '') || ''}}.
+        </div>
+        <div class="row__content1" v-else-if="detection.eventType === 'Anonymity'">
+          <span class="row__content--link">{{detection.victimIp}}</span>&nbsp;&nbsp;communicated with&nbsp;<span class="row__content--link">{{detection.offenderIp}}</span>&nbsp;&nbsp;that was associated with the  indicator of Tor/I2P/MTProxy/Obfs4/Snowflake/GeneralBridge, {{$_.get(detection, 'eventInfoObj.ioc_value', '') || ''}}.
+        </div>
+        <div class="row__content1" v-else>
+          {{basicInfo.ruleDescription || '-'}}
        </div>
-        <span v-else>-</span>
      </div>
      <div class="overview__title">Fields</div>
      <div class="overview__row">
@@ -456,6 +457,13 @@ export default {
          }
        })
      }
+      if (this.detection.ruleId) {
+        axios.get(`${api.detection.detail}/${this.detection.ruleId}`).then(res => {
+          if (res.status === 200) {
+            this.basicInfo.ruleDescription = res.data.data.description
+          }
+        })
+      }
    },
    queryEvent () {
      axios.get(api.detection.securityEvent.relationEvent, {