Realtime monitoring page

gsanchietti commented 2 months ago

Description: Create a comprehensive dashboard for NethSecurity monitoring with the following sections. The page displays available data from today, some charts may have traffic relative only to a limited number of hours.

Traffic
- Real-time display at the top:
  - [x] Total daily traffic (counter)
  - [x] Daily traffic graph (histogram)
- Daily traffic graphs (also with tables?):
  - [x] By protocol
  - [x] By app
  - [x] Remote hosts
  - [x] Local hosts

A detail for each host will be developed on a next iteration.

Connectivity
- [x] List of WAN connections:
  - Name
  - Device
  - Status (UP/DOWN)
- [x] Last 30-60 minutes of traffic graph for each WAN (histogram, from netdata)
- [x] List of wan connect/disconnect events
VPN
- For each RW server:
  - [x] Number of users present on the server
  - [x] Number of connected users
- RW DETAILS (for each RW server, currently only one):
  - [x] Currently connected users and start time
  - [x] Number of connected clients per hour: ovpnrw-count-clients-by-hour method
  - [x] Total client traffic per hour: ovpnrw-bytes-by-hour method
  - [x] Traffic per client per hour: ovpnrw-bytes-by-hour-and-user method
- General : Net to Net section
  - [x] Number of enabled tunnels (counter)
  - [x] Number of connected tunnels (counter)
  - [x] Configured tunnels list with name, status, type (openvpn, ipsec, wg)
- For each Net to NET tunnel:
  - [x] Last 30-60 minutes of traffic graph (from netdata)
Security
- [x] Total number of blocked packets for the day: malware_count field
- [x] Number of blocked packets per hour: malware_by_hour field
- [x] Pie chart: malware by direction (in/out): malware_by_chain field
- [x] Pie chart: malware by category: malware_by_category field
- [x] Number of blocked IPs per day: attack_count field
- [x] List of most blocked IPs: attack_by_ip field
- [x] Graph of blocked IPs per hour: attack_by_hour field