Label unauthorized security events as blocked and highlight likely scanner probes so the log view is easier to interpret during investigations. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
@@ -86,8 +86,41 @@
|
||||
filter !== "all" || !!ipFilter.trim() || !!startDate || !!endDate
|
||||
);
|
||||
|
||||
const typeLabels = { auth_failure: "Auth", suspicious_request: "Request", error: "Error" };
|
||||
const typeColors = { auth_failure: "text-red-400", suspicious_request: "text-amber-400", error: "text-surface-500" };
|
||||
function isBlockedScannerEvent(entry) {
|
||||
if (entry.type !== "unauthorized") return false;
|
||||
|
||||
const message = (entry.message || "").toLowerCase();
|
||||
return [
|
||||
"/.git/",
|
||||
"phpinfo",
|
||||
"debug.log",
|
||||
"laravel.log",
|
||||
"stripe",
|
||||
"swagger.json",
|
||||
"wp-config",
|
||||
"credentials",
|
||||
"secrets",
|
||||
"config",
|
||||
"@vite",
|
||||
"manifest.json",
|
||||
].some((needle) => message.includes(needle));
|
||||
}
|
||||
|
||||
const logTypeFilters = ["all", "auth_failure", "suspicious_request", "unauthorized"];
|
||||
const logTypeButtonLabels = {
|
||||
all: "All",
|
||||
auth_failure: "Auth",
|
||||
suspicious_request: "Requests",
|
||||
unauthorized: "Blocked",
|
||||
};
|
||||
|
||||
const typeLabels = { auth_failure: "Auth", suspicious_request: "Request", unauthorized: "Blocked", error: "Error" };
|
||||
const typeColors = {
|
||||
auth_failure: "text-red-400",
|
||||
suspicious_request: "text-amber-400",
|
||||
unauthorized: "text-orange-400",
|
||||
error: "text-surface-500"
|
||||
};
|
||||
</script>
|
||||
|
||||
<div class="space-y-6">
|
||||
@@ -171,9 +204,9 @@
|
||||
</div>
|
||||
|
||||
<div class="flex flex-wrap gap-1.5 mb-3">
|
||||
{#each ["all", "auth_failure", "suspicious_request"] as f}
|
||||
{#each logTypeFilters as f}
|
||||
<button onclick={() => applyTypeFilter(f)} class="px-2.5 py-1 text-xs rounded-md transition-colors {filter === f ? 'bg-surface-800 text-white dark:bg-surface-200 dark:text-surface-900' : 'bg-surface-100 text-surface-500 hover:bg-surface-200 dark:bg-surface-700 dark:text-surface-300 dark:hover:bg-surface-600'}">
|
||||
{f === "all" ? "All" : f === "auth_failure" ? "Auth" : "Requests"}
|
||||
{logTypeButtonLabels[f]}
|
||||
</button>
|
||||
{/each}
|
||||
</div>
|
||||
@@ -236,6 +269,9 @@
|
||||
{#if e.username}
|
||||
<span class="text-red-400 shrink-0">{e.username}</span>
|
||||
{/if}
|
||||
{#if isBlockedScannerEvent(e)}
|
||||
<span class="shrink-0 rounded-md bg-orange-500/15 px-1.5 py-0.5 text-[10px] font-medium text-orange-300 border border-orange-500/30">scanner</span>
|
||||
{/if}
|
||||
<span class="text-surface-300 truncate">{e.message}</span>
|
||||
</div>
|
||||
{/each}
|
||||
|
||||
Reference in New Issue
Block a user