- Introduced a new partial template `_ip_detail.html` for displaying comprehensive IP details, including activity, geo & network information, reputation, and access history.
- Updated `ip_insight.html` to include the new `_ip_detail.html` partial, streamlining the code and enhancing maintainability.
- Enhanced CSS styles for improved layout and responsiveness, including adjustments to the radar chart size and the introduction of a two-column grid layout for IP details.
- Refactored JavaScript for loading attack types charts to support multiple instances and improved error handling.
- Updated various tables to include "Actions" column with inspect buttons for IP insights.
- Created a new IP insight template for displaying detailed information about an IP address.
- Implemented JavaScript functions to handle opening the IP insight view and loading data via HTMX.
- Enhanced map markers to include inspect buttons for quick access to IP insights.
- Added styles for the new IP insight page and buttons to maintain UI consistency.
This update makes the Attackers by Total Requests table sortable by First Seen and Last Seen.
It also changes the way datetimes are being displayed everywhere: Only show the time when the event happened today, show the full datetime when the event happened on another day.
- Added custom CSS for pie-chart cluster icons to improve visual representation.
- Implemented a function to create cluster icons using conic gradients based on IP categories.
- Refactored marker creation logic to utilize unique coordinates for overlapping markers.
- Introduced a loading overlay during IP data fetching to enhance user experience.
- Updated map filters to dynamically show/hide markers based on user selection.
- Improved error handling for IP stats fetching and added informative popups.
* added documentation, updated repo pointer in the dashboard, added dashboard link highlighting and minor fixes
* added doc
* added logo to dashboard
* Fixed dashboard attack chart
* Enhance fake data generation with varied request counts for better visualization
* Add automatic migrations and support for latitude/longitude in IP stats
* Update Helm chart version to 0.2.2 and add timezone configuration option
---------
Co-authored-by: BlessedRebuS <patrick.difa@gmail.com>
* feat: enhance IP reputation management with city data and geolocation integration
* feat: enhance dashboard with city coordinates and improved marker handling
* feat: update chart version to 0.2.1 in Chart.yaml, README.md, and values.yaml
* feat: update logo format and size in README.md
* feat: improve location display logic in dashboard for attackers and IPs
* feat: update analyzer thresholds and add crawl configuration options
* feat: update Helm chart version and add README for installation instructions
* feat: update installation instructions in README and add Docker support
* feat: update deployment manifests and configuration for improved service handling and analyzer settings
* feat: add API endpoint for paginated IP retrieval and enhance dashboard visualization with category filters
* feat: update configuration for Krawl service to use external config file
* feat: refactor code for improved readability and consistency across multiple files
* feat: remove Flake8, Pylint, and test steps from PR checks workflow
- Add SQLAlchemy-based database layer for persistent storage
- Create models for access_logs, credential_attempts, attack_detections, ip_stats
- Include fields for future GeoIP and reputation enrichment
- Implement sanitization utilities to protect against malicious payloads
- Fix XSS vulnerability in dashboard template (HTML escape all user data)
- Add DATABASE_PATH and DATABASE_RETENTION_DAYS config options
- Dual storage: in-memory for dashboard performance + SQLite for persistence
New files:
- src/models.py - SQLAlchemy ORM models
- src/database.py - DatabaseManager singleton
- src/sanitizer.py - Input sanitization and HTML escaping
- requirements.txt - SQLAlchemy dependency
Security protections:
- Parameterized queries via SQLAlchemy ORM
- Field length limits to prevent storage exhaustion
- Null byte and control character stripping
- HTML escaping on dashboard output
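
The protections listed in the commit message above, sketched as an added example. This is not the project's `src/sanitizer.py`, whose contents are not shown on this page; the function names, field names and length caps are hypothetical. It strips control characters and caps length before storage, and escapes HTML only when rendering, so the stored value stays raw for analysis.

```python
import html
import re

# Assumed per-field caps; the commit message does not give the real values.
FIELD_LIMITS = {"path": 64, "user_agent": 32}
DEFAULT_LIMIT = 32

# NUL, the other C0 controls, DEL and the C1 range.
_CONTROL_CHARS = re.compile(r"[\x00-\x1f\x7f-\x9f]")


def sanitize_for_storage(value, field):
    """Normalise an attacker-supplied value before it is written to the database."""
    if value is None:
        return ""
    if isinstance(value, bytes):
        # Undecodable bytes become U+FFFD instead of raising.
        value = value.decode("utf-8", errors="replace")
    value = _CONTROL_CHARS.sub("", str(value))
    # Truncate the raw text, not the escaped text, so the cap counts real
    # characters and can never cut an HTML entity in half.
    return value[: FIELD_LIMITS.get(field, DEFAULT_LIMIT)]


def escape_for_dashboard(value):
    """Escape at render time; the stored value stays raw for analysis."""
    return html.escape(value, quote=True)


# Constructed sample of what a honeypot might capture (not real traffic).
SAMPLE_REQUEST = {
    "path": b"/login\x00?next=<script>alert(1)</script>",
    "user_agent": "curl/8.0\r\nX-Injected: 1" + "A" * 100,
}


def process(request):
    """Return (stored, rendered) dicts for one captured request."""
    stored = {k: sanitize_for_storage(v, k) for k, v in request.items()}
    rendered = {k: escape_for_dashboard(v) for k, v in stored.items()}
    return stored, rendered


if __name__ == "__main__":
    stored, rendered = process(SAMPLE_REQUEST)
    for field in stored:
        print(field, "| stored:", repr(stored[field]), "| html:", rendered[field])
```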