mstoeck3/dnscope
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

correlation engine

Browse Source
This commit is contained in:
overcuriousity
2025-09-18 20:51:13 +02:00
parent cbfd40ee98
commit 12f834bb65
8 changed files with 258 additions and 346 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
static/js/graph.js
View File

@@ -587,26 +587,17 @@ class GraphManager {
// Handle merged correlation objects
if (node.type === 'correlation_object') {
const metadata = node.metadata || {};
const values = metadata.values || [];
const mergeCount = metadata.merge_count || 1;
if (mergeCount > 1) {
processedNode.label = `Correlations (${mergeCount})`;
processedNode.title = `Merged correlation container with ${mergeCount} values: ${values.slice(0, 3).join(', ')}${values.length > 3 ? '...' : ''}`;
processedNode.borderWidth = 3;
} else {
const value = Array.isArray(values) && values.length > 0 ? values[0] : (metadata.value || 'Unknown');
const displayValue = typeof value === 'string' && value.length > 20 ? value.substring(0, 17) + '...' : value;
processedNode.label = `${displayValue}`;
processedNode.title = `Correlation: ${value}`;
}
const correlationValueAttr = this.findAttributeByName(node.attributes, 'correlation_value');
const value = correlationValueAttr ? correlationValueAttr.value : 'Unknown';
const displayValue = typeof value === 'string' && value.length > 20 ? value.substring(0, 17) + '...' : value;
processedNode.label = `${displayValue}`;
processedNode.title = `Correlation: ${value}`;
}
return processedNode;
}
/**
* Process edge data with styling and metadata
* @param {Object} edge - Raw edge data

10
static/js/main.js
View File

@@ -1609,15 +1609,19 @@ class DNSReconApp {
* UPDATED: Enhanced correlation details showing the correlated attribute clearly (no formatting)
*/
generateCorrelationDetails(node) {
const metadata = node.metadata || {};
const value = metadata.value;
const attributes = node.attributes || [];
const correlationValueAttr = attributes.find(attr => attr.name === 'correlation_value');
const value = correlationValueAttr ? correlationValueAttr.value : 'Unknown';
const metadataAttr = attributes.find(attr => attr.name === 'correlation_value');
const metadata = metadataAttr ? metadataAttr.metadata : {};
const correlatedNodes = metadata.correlated_nodes || [];
const sources = metadata.sources || [];
let html = '';
// Show what attribute is being correlated (raw names)
const primarySource = metadata.primary_source || 'unknown';
const primarySource = sources.length > 0 ? sources[0].attribute : 'unknown';
html += `
<div class="modal-section">