search

Snorby / snorby

Ruby On Rails Application For Network Security Monitoring
Other
1k stars 225 forks source link

Unable to view dashboard - undefined method `zero?' #447

Closed ghost closed 7 years ago

ghost commented 8 years ago

I've tried a hard reset on the Snorby database and it's still not working properly. It works when there are no events in the database. Once events get created it starts having this problem.

Looks like a sensor event_count is showing up as nil?

HEAD detached at v2.6.2 ruby 1.9.3p551 (2014-11-13 revision 48407) [x86_64-linux] mysqld Ver 5.5.47-0+deb8u1 for debian-linux-gnu on x86_64 ((Debian))

Started GET "/dashboard" for 192.168.0.52 at 2016-07-30 19:13:06 -0500
  Processing by PageController#dashboard as HTML
Rendered page/_severity_dashboard.html.erb (8.6ms)
Rendered page/_graph_event.html.erb (18.6ms)
Rendered page/_graph_severity.html.erb (0.8ms)
Rendered page/_graph_protocol.html.erb (0.7ms)
Rendered page/_graph_signature.html.erb (0.6ms)
Rendered page/_graph_source_ips.html.erb (0.6ms)
Rendered page/_graph_destination_ips.html.erb (0.6ms)
Rendered page/_graph_dashboard.html.erb (24.7ms)
Rendered page/dashboard.html.erb within layouts/application (397.1ms)
Completed 500 Internal Server Error in 952ms

ActionView::Template::Error (undefined method `zero?' for nil:NilClass):
    111:         "match_all"=>"true", "search"=>{"sensor"=>{"column"=>"sensor", "operator"=>"is", "value"=> sensor.sid } }), :title => sensor.sensor_name %> 
    112: 
    113:         <span>
    114:           <%= number_with_delimiter (sensor.events_count.zero? ? Event.count(:sid => sensor.sid) : sensor.events_count) %>
    115:         </span>
    116:       </li>
    117:                        <% end %>
  app/views/page/dashboard.html.erb:114:in `block in _app_views_page_dashboard_html_erb__1376634656154484313_50245480'
  app/views/page/dashboard.html.erb:108:in `_app_views_page_dashboard_html_erb__1376634656154484313_50245480'
  app/controllers/page_controller.rb:56:in `dashboard'
ghost commented 8 years ago

Contents of the sensor table.

mysql> select * from sensor;
+-----+--------------------+---------------------+------------+--------+--------+----------+----------+----------------+------------+--------------+
| sid | name               | hostname            | interface  | filter | detail | encoding | last_cid | pending_delete | updated_at | events_count |
+-----+--------------------+---------------------+------------+--------+--------+----------+----------+----------------+------------+--------------+
|   1 | Click To Change Me | firewall:bond0.1    | bond0.1    | NULL   |      1 |        0 |        1 |              0 | NULL       |            0 |
|   2 | Click To Change Me | firewall:bond0.1194 | bond0.1194 | NULL   |      1 |        0 |        1 |              0 | NULL       |            0 |
|   3 | Click To Change Me | firewall:bond0.1198 | bond0.1198 | NULL   |      1 |        0 |        1 |              0 | NULL       |            0 |
|   4 | Click To Change Me | firewall:bond0.1201 | bond0.1201 | NULL   |      1 |        0 |        1 |              0 | NULL       |            0 |
|   5 | Click To Change Me | firewall:bond0.1200 | bond0.1200 | NULL   |      1 |        0 |        1 |              0 | NULL       |            0 |
|   6 | Click To Change Me | firewall:bond0.1204 | bond0.1204 | NULL   |      1 |        0 |        1 |              0 | NULL       |            0 |
|   7 | Click To Change Me | firewall:bond0.1206 | bond0.1206 | NULL   |      1 |        0 |        1 |              0 | NULL       |            0 |
|   8 | Click To Change Me | firewall:bond0.1199 | bond0.1199 | NULL   |      1 |        0 |        1 |              0 | NULL       |            0 |
|   9 | Click To Change Me | firewall:bond0.1205 | bond0.1205 | NULL   |      1 |        0 |        1 |              0 | NULL       |            0 |
|  10 | Click To Change Me | firewall:bond0.100  | bond0.100  | NULL   |      1 |        0 |        1 |              0 | NULL       |            0 |
|  11 | Click To Change Me | firewall:bond0.1202 | bond0.1202 | NULL   |      1 |        0 |        1 |              0 | NULL       |            0 |
|  12 | Click To Change Me | firewall:bond0.1195 | bond0.1195 | NULL   |      1 |        0 |        1 |              0 | NULL       |            0 |
|  13 | Click To Change Me | firewall:bond0.1196 | bond0.1196 | NULL   |      1 |        0 |        1 |              0 | NULL       |            0 |
|  14 | Click To Change Me | firewall:bond0.1197 | bond0.1197 | NULL   |      1 |        0 |        1 |              0 | NULL       |            0 |
|  15 | Click To Change Me | firewall:bond0.1203 | bond0.1203 | NULL   |      1 |        0 |        1 |              0 | NULL       |            0 |
+-----+--------------------+---------------------+------------+--------+--------+----------+----------+----------------+------------+--------------+
15 rows in set (0.00 sec)
ghost commented 8 years ago

Weird, after re-naming the sensors the error has gone away. I did restart apache and passenger so, possibly a dirty or broken cache?