Good morning,
i want to modify values before render with expansion rows. I add links to rows in table expansion.
I cant retrieve this values and modify before render and showed in splunk.
![alt text][1]
[1]: /storage/temp/275612-capture-linkscve.png
require([
'splunkjs/mvc/tableview',
'splunkjs/mvc/eventsviewerview',
'splunkjs/mvc/postprocessmanager',
'splunkjs/mvc/searchmanager',
'splunkjs/mvc',
'underscore',
'splunkjs/mvc/simplexml/ready!'
],function(
TableView,
EventsViewer,
PostProcessManager,
SearchManager,
mvc,
_
){
var EventSearchBasedRowExpansionRenderer = TableView.BaseRowExpansionRenderer.extend({
initialize: function(args) {
// initialize will run once, so we will set up a search and a chart to be reused.
this._searchCveid = new SearchManager({
id: 'details-cveid-search',
preview: false
});
this._tblProductAffectedView = new TableView({
id: "tableproductaffectedview",
managerid: 'details-cveid-search',
count: 100,
dataOverlayMode: "none",
drilldown: "true",
rowNumbers: "false",
wrap: "false",
});
},
canRender: function(rowData) {
// Since more than one row expansion renderer can be registered we let each decide if they can handle that
// data
// Here we will always handle it.
return true;
},
render: function($container, rowData) {
// rowData contains information about the row that is expanded. We can see the cells, fields, and values
// We will find the cveid cell to use its value
var cveidCell = _(rowData.cells).find(function (cell) {
return cell.field === 'CVE ID';
});
this._searchCveid.set({
search : 'index=SecurityNews '+cveidCell.value+'|search "\\"ID\\": \\"CVE-*"|rename security.cve{}.CVE_data_meta.ID as cveid|spath input=_raw path=security.cve{}.affects.vendor.vendor_data{} output=VendorNames|mvexpand VendorNames|spath input=VendorNames path="product" output=Products|spath input=VendorNames path=vendor_name output=VendorName|mvexpand Products|spath input=Products path="product_data{}" output=Products_Data|mvexpand Products_Data|spath input=Products_Data path=product_name output=ProductName|spath input=Products_Data path=version.version_data{} output=versions|mvexpand versions|spath input=versions path=version_affected output=VersionAffected|spath input=versions path=version_value output=VersionValue|eval "Product Affected"=mvzip(mvzip(mvzip(VendorName,ProductName," "),VersionAffected," "), VersionValue, " ")|table "Product Affected",cveid|fields - cveid| appendcols [search index=SecurityNews '+cveidCell.value+' tenableplugins|search "\\"ID\\": \\"CVE-*"|rename security.cve{}.CVE_data_meta.ID as cveid|spath input=_raw path=security.cve{}.tenablecve output="Tenable CVE"|table "Tenable CVE"] |appendcols [search index=SecurityNews '+cveidCell.value+' tenableplugins|search "\\"ID\\": \\"CVE-*"|rename security.cve{}.CVE_data_meta.ID as cveid|spath input=_raw path=security.cve{}.tenableplugins{} output=tenableplugins|mvexpand tenableplugins|spath input=tenableplugins path=plugin_id output=pluginid|spath input=tenableplugins path=plugin_name output=pluginname|spath input=tenableplugins path=plugin_link output=plugin_link|eval "Tenable Plugins"=mvzip(pluginid,pluginname," ")] |table "Product Affected","Tenable CVE", "Tenable Plugins"'
})
var datasource = this._searchCveid.data('results');
datasource.on('data',function(){
var datasourceArray = datasource.data().rows;
console.log("Rows", datasource.data().rows);
console.log("Fields",datasource.data().fields);
});
//Tratamiento de la tabla
$container.append(this._tblProductAffectedView.render().el);
}
});
var tableElement = mvc.Components.getInstance("cve_link");
tableElement.getVisualization(function(tableView) {
// Add custom cell renderer, the table will re-render automatically.
tableView.addRowExpansionRenderer(new EventSearchBasedRowExpansionRenderer());
});
});
↧