├── README.md
├── d3chart
    └── forceopacity.html
├── map2.html
├── pivotmap.sh
├── sample_data.csv
└── so.csv


/README.md:
--------------------------------------------------------------------------------
1 | # pivotmap
2 | Analyst tool for creating pivot maps of data sources
3 | 
4 | Usage: cat sample_data.csv | ./pivotmap.sh > map.html
5 | 
6 | Examine sample_data.csv or so.csv for an example of how your input should be formatted.
7 | 
8 | This tool is based on Moplotter (https://github.com/automayt/MoPlotter). Special thanks to Jason Smith. 
9 | 


--------------------------------------------------------------------------------
/d3chart/forceopacity.html:
--------------------------------------------------------------------------------
  1 | <!DOCTYPE html>
  2 | <meta charset="utf-8">
  3 | <script type="text/javascript" src="http://d3js.org/d3.v3.min.js"></script>
  4 | <pre id="csvdata">dataplaceholder
  5 | </pre>
  6 | <style>
  7 |   body {
  8 |     overflow: hidden;
  9 |     margin: 0;
 10 |     font-size: 14px;
 11 |     font-family: "Helvetica Neue", Helvetica;
 12 |   }
 13 |   #header {
 14 |     height: 0;
 15 |     right: 0px;
 16 |     width: 100%;
 17 |     text-align: right;
 18 |     direction: rtl;
 19 |     padding-right: 20px;
 20 |     text-indent: 20px;
 21 |     background: #999;
 22 |     z-index: 1;
 23 |     display: block;
 24 |     font-size: 36px;
 25 |     font-weight: 300;
 26 |     text-shadow: 0 1px 0 #fff;
 27 |   }
 28 |   .hinth {
 29 |     position: absolute;
 30 |     right: 0;
 31 |     width: 100%;
 32 |     font-size: 12px;
 33 |     color: #999;
 34 |     text-align: right;
 35 |     direction: rtl;
 36 |   }
 37 |   #footer {
 38 |     height: 1;
 39 |     left: 0px;
 40 |     width: 100%;
 41 |     text-align: left;
 42 |     padding-left: 20px;
 43 |     background: #999;
 44 |     z-index: 1;
 45 |     display: block;
 46 |     font-size: 36px;
 47 |     font-weight: 300;
 48 |     text-shadow: 0 1px 0 #fff;
 49 |   }
 50 |   .hintf {
 51 |     position: absolute;
 52 |     left: 0;
 53 |     width: 100%;
 54 |     font-size: 12px;
 55 |     color: #999;
 56 |     padding-left: 20px;
 57 |     text-align: left;
 58 |   }
 59 |   #csvdata {
 60 |     display: none;
 61 |   }
 62 |   #parsed {
 63 |     display: none;
 64 |   }
 65 |   path.link {
 66 |     fill: none;
 67 |     stroke: #666;
 68 |     stroke-width: 1.5px;
 69 |   }
 70 |   path.link.twofive {
 71 |     opacity: 0.25;
 72 |   }
 73 |   path.link.fivezero {
 74 |     opacity: 0.50;
 75 |   }
 76 |   path.link.sevenfive {
 77 |     opacity: 0.75;
 78 |   }
 79 |   path.link.onezerozero {
 80 |     opacity: 1.0;
 81 |   }
 82 |   circle {
 83 |     fill: #ccc;
 84 |     stroke: #fff;
 85 |     stroke-width: 1.5px;
 86 |     cursor: crosshair;
 87 |   }
 88 |   text {
 89 |     fill: #000;
 90 |     font: 10px sans-serif;
 91 |     pointer-events: none;
 92 |   }
 93 | </style>
 94 | 
 95 | <body>
 96 |   <div id="body">
 97 |     <div id="header">
 98 |       Pivot Map
 99 |       <div class="hinth">Generated by pivotmap.sh</div>
100 |     </div>
101 |     <div id="footer">
102 |       Instructions
103 |       <div class="hintf">Click to turn swelled blue
104 |         <br />ALTClick to turn green
105 |         <br />SHIFTClick to turn red
106 |         <br />Click+drag nodes to make sticky
107 |   <br />MouseScroll to zoom
108 |   <br />Click+drag empty space to pan </div>
109 |     </div>
110 |   </div>
111 |   <div id="parsed"></div>
112 | 
113 |   <script>
114 |    //convert CSV to JSON
115 |     var raw = d3.select("#csvdata").text();
116 | 
117 |     var parsed = d3.csv.parse(raw);
118 | 
119 |     d3.select("#parsed").text(JSON.stringify(parsed));
120 |     var links = JSON.parse(document.getElementById('parsed').innerHTML);
121 |      
122 |    // get the data
123 |     var nodes = {};
124 | 
125 |      // Compute the distinct nodes from the links.
126 |     links.forEach(function(link) {
127 |       link.source = nodes[link.source] ||
128 |         (nodes[link.source] = {
129 |         name: link.source
130 |       });
131 |       link.target = nodes[link.target] ||
132 |         (nodes[link.target] = {
133 |         name: link.target
134 |       });
135 |       link.value = +link.value;
136 |     });
137 | 
138 |     var width = 1960,
139 |       height = 1500;
140 | 
141 |     var force = d3.layout.force()
142 |       .nodes(d3.values(nodes))
143 |       .links(links)
144 |       .size([width, height])
145 |       .linkDistance(60)
146 |       .charge(-700)
147 |     .gravity(.15)
148 |       .on("tick", tick)
149 |       .start();
150 | 
151 |      // Set the range
152 |     var v = d3.scale.linear().range([0, 100]);
153 | 
154 |      // Scale the range of the data
155 |     v.domain([0, d3.max(links, function(d) {
156 |       return d.value;
157 |     })]);
158 | 
159 |      // assign a type per value to encode opacity
160 |     links.forEach(function(link) {
161 |       if (v(link.value) <= 25) {
162 |         link.type = "twofive";
163 |       } else if (v(link.value) <= 50 && v(link.value) > 25) {
164 |         link.type = "fivezero";
165 |       } else if (v(link.value) <= 75 && v(link.value) > 50) {
166 |         link.type = "sevenfive";
167 |       } else if (v(link.value) <= 100 && v(link.value) > 75) {
168 |         link.type = "onezerozero";
169 |       }
170 |     });
171 | 
172 |     var vis = d3.select("#body")
173 |       .append("svg:svg")
174 |       .attr("width", width)
175 |       .attr("height", height)
176 |       .attr("pointer-events", "all")
177 |       .append('svg:g')
178 |       .call(d3.behavior.zoom().on("zoom", redraw)).on("dblclick.zoom", null)
179 |       .append('svg:g');
180 | 
181 |     var svg = vis
182 | 
183 |      vis.append('svg:rect')
184 |       .attr('width', width)
185 |       .attr('height', height)
186 |       .attr('fill', 'white');
187 | 
188 |     function redraw() {
189 |       console.log("here", d3.event.translate, d3.event.scale);
190 |       vis.attr("transform",
191 |         "translate(" + d3.event.translate + ")" + " scale(" + d3.event.scale + ")");
192 |     }
193 | 
194 |      // build the arrow.
195 |     svg.append("svg:defs").selectAll("marker")
196 |       .data(["end"]) // Different link/path types can be defined here
197 |     .enter().append("svg:marker") // This section adds in the arrows
198 |     .attr("id", String)
199 |       .attr("viewBox", "0 -5 10 10")
200 |       .attr("refX", 15)
201 |       .attr("refY", -.15)
202 |       .attr("markerWidth", 6)
203 |       .attr("markerHeight", 6)
204 |       .attr("orient", "auto")
205 |       .append("svg:path")
206 |       .attr("d", "M0,-5L10,0L0,5");
207 | 
208 |      // add the links and the arrows
209 |     var path = svg.append("svg:g").selectAll("path")
210 |       .data(force.links())
211 |       .enter().append("svg:path")
212 |       .attr("class", function(d) {
213 |         return "link " + d.type;
214 |       })
215 |       .attr("marker-end", "url(#end)");
216 | 
217 |      // define the nodes
218 |     var node = svg.selectAll(".node")
219 |       .data(force.nodes())
220 |       .enter().append("g")
221 |       .attr("class", "node")
222 |     .on("mousedown", function() { d3.event.stopPropagation(); })
223 |       .on("click", click)
224 |       .on("dblclick", dblclick)
225 |       .call(force.drag);
226 | 
227 |      // add the nodes
228 |     node.append("circle")
229 |       .attr("r", 5);
230 | 
231 |      // add the text
232 |     node.append("text")
233 |       .attr("x", 12)
234 |       .attr("dy", ".35em")
235 |       .text(function(d) {
236 |         return d.name;
237 |       });
238 | 
239 |      // add the curvy lines
240 |     function tick() {
241 |       path.attr("d", function(d) {
242 |         var dx = d.target.x - d.source.x,
243 |           dy = d.target.y - d.source.y,
244 |           dr = Math.sqrt(dx * dx + dy * dy);
245 |         return "M" +
246 |           d.source.x + "," +
247 |           d.source.y + "A" +
248 |           dr + "," + dr + " 0 0,1 " +
249 |           d.target.x + "," +
250 |           d.target.y;
251 |       });
252 | 
253 |       node
254 |         .attr("transform", function(d) {
255 |           return "translate(" + d.x + "," + d.y + ")";
256 |         });
257 |     }
258 | 
259 |      // action to take on mouse click
260 |     function click(d) {
261 |       d3.select(this).select("text").transition()
262 |         .duration(750)
263 |         .attr("x", 22)
264 |         .style("fill", "steelblue")
265 |         .style("stroke", "lightsteelblue")
266 |         .style("stroke-width", ".5px")
267 |         .style("font", "20px sans-serif");
268 |       d3.select(this).select("circle").transition()
269 |         .duration(750)
270 |         .attr("r", 16)
271 |         .style("fill", "lightsteelblue");
272 |       if (d3.event.shiftKey) {
273 |         d3.select(this).select("circle").transition()
274 |           .style("fill", "red");
275 |         d3.select(this).classed("fixed", d.fixed = true);
276 |         d3.select(this).select("text").transition()
277 |           .style("fill", "red");
278 |         //.remove();
279 |         return;
280 |       }
281 |       if (d3.event.altKey) {
282 |         d3.select(this).select("circle").transition()
283 |           .style("fill", "green");
284 |         d3.select(this).classed("fixed", d.fixed = true);
285 |         d3.select(this).select("text").transition()
286 |           .style("fill", "green");
287 |         //.remove();
288 |         return;
289 |       }
290 |       d3.select(this).classed("fixed", d.fixed = true);
291 |     }
292 | 
293 |      // action to take on mouse double click
294 |     function dblclick(d) {
295 |       d3.select(this).select("circle").transition()
296 |         .duration(750)
297 |         .attr("r", 6)
298 |         .style("fill", "#ccc");
299 |       d3.select(this).select("text").transition()
300 |         .duration(750)
301 |         .attr("x", 12)
302 |         .style("stroke", "none")
303 |         .style("fill", "black")
304 |         .style("stroke", "none")
305 |         .style("font", "10px sans-serif");
306 |       d3.select(this).classed("fixed", d.fixed = false);
307 |     }
308 | 
309 |      //  });
310 |   </script>
311 | 
312 | </body>
313 | 
314 | </html>
315 | 


--------------------------------------------------------------------------------
/map2.html:
--------------------------------------------------------------------------------
  1 | <!DOCTYPE html>
  2 | <meta charset="utf-8">
  3 | <script type="text/javascript" src="http://d3js.org/d3.v3.min.js"></script>
  4 | <pre id="csvdata">
  5 | source,target
  6 | bro_http,timestamp
  7 | bro_http,bro_id
  8 | bro_http,ip
  9 | bro_http,port
 10 | bro_http,http_method
 11 | bro_http,domain
 12 | bro_http,user_agent
 13 | bro_http,uri
 14 | bro_http,bytes
 15 | bro_http,http_status
 16 | bro_http,filename
 17 | bro_http,x_originating_ip
 18 | bro_http,mime_type
 19 | bro_files,timestamp
 20 | bro_files,bro_id
 21 | bro_files,ip
 22 | bro_files,port
 23 | bro_files,mime_type
 24 | bro_files,duration
 25 | bro_files,bytes
 26 | bro_files,hash
 27 | bro_intel,timestamp
 28 | bro_intel,bro_id
 29 | bro_intel,ip
 30 | bro_intel,post
 31 | bro_intel,mime_type
 32 | bro_intel,indicator_type
 33 | bro_intel,intel_source
 34 | bro_dns,timestamp
 35 | bro_dns,bro_id
 36 | bro_dns,protocol
 37 | bro_dns,dns_trans_id
 38 | bro_dns,domain
 39 | bro_dns,dns_query_type
 40 | bro_dns,dns_response_code
 41 | bro_conn,timestamp
 42 | bro_conn,bro_id
 43 | bro_conn,ip
 44 | bro_conn,port
 45 | bro_conn,protocol
 46 | bro_conn,service
 47 | bro_conn,duration
 48 | bro_conn,bytes
 49 | bro_conn,pkt_count
 50 | bro_conn,countrycode
 51 | bro_notice,timestamp
 52 | bro_notice,bro_id
 53 | bro_notice,mime_type
 54 | bro_notice,protocol
 55 | bro_notice,ip
 56 | bro_notice,port
 57 | bro_smtp,timestamp
 58 | bro_smtp,bro_id
 59 | bro_smtp,mail_user_agent
 60 | bro_smtp,mail_subject
 61 | bro_smtp,mail_from
 62 | bro_smtp,mail_to
 63 | bro_smtp,mail_helo
 64 | bro_smtp,x_originating_ip
 65 | bro_software,timestamp
 66 | bro_software,bro_id
 67 | bro_software,ip
 68 | bro_software,port
 69 | bro_software,program_name
 70 | bro_software,program_version
 71 | bro_ssl,timestamp
 72 | bro_ssl,bro_id
 73 | bro_ssl,ip
 74 | bro_ssl,port
 75 | bro_ssl,ssl_version
 76 | bro_ssl,domain
 77 | bro_ssl,cert_subject
 78 | bro_ssl,cert_expiration
 79 | bro_ssl,cert_hash
 80 | bro_ssl,cert_validation_status
 81 | bro_ssh,timestamp
 82 | bro_ssh,bro_id
 83 | bro_ssh,ip
 84 | bro_ssh,port
 85 | bro_ssh,ssh_auth_status
 86 | bro_ssh,ssh_client_string
 87 | bro_ssh,ssh_server_string
 88 | bro_ssh,bytes
 89 | bro_tunnel,timestamp
 90 | bro_tunnel,bro_id
 91 | bro_tunnel,ip
 92 | bro_tunnel,port
 93 | bro_tunnel,tunnel_type
 94 | bro_tunnel,tunnel_action
 95 | bro_weird,timestamp
 96 | bro_weird,bro_id
 97 | bro_weird,ip
 98 | bro_weird,port
 99 | </pre>
100 | <style>
101 |   body {
102 |     overflow: hidden;
103 |     margin: 0;
104 |     font-size: 14px;
105 |     font-family: "Helvetica Neue", Helvetica;
106 |   }
107 |   #header {
108 |     height: 0;
109 |     right: 0px;
110 |     width: 100%;
111 |     text-align: right;
112 |     direction: rtl;
113 |     padding-right: 20px;
114 |     text-indent: 20px;
115 |     background: #999;
116 |     z-index: 1;
117 |     display: block;
118 |     font-size: 36px;
119 |     font-weight: 300;
120 |     text-shadow: 0 1px 0 #fff;
121 |   }
122 |   .hinth {
123 |     position: absolute;
124 |     right: 0;
125 |     width: 100%;
126 |     font-size: 12px;
127 |     color: #999;
128 |     text-align: right;
129 |     direction: rtl;
130 |   }
131 |   #footer {
132 |     height: 1;
133 |     left: 0px;
134 |     width: 100%;
135 |     text-align: left;
136 |     padding-left: 20px;
137 |     background: #999;
138 |     z-index: 1;
139 |     display: block;
140 |     font-size: 36px;
141 |     font-weight: 300;
142 |     text-shadow: 0 1px 0 #fff;
143 |   }
144 |   .hintf {
145 |     position: absolute;
146 |     left: 0;
147 |     width: 100%;
148 |     font-size: 12px;
149 |     color: #999;
150 |     padding-left: 20px;
151 |     text-align: left;
152 |   }
153 |   #csvdata {
154 |     display: none;
155 |   }
156 |   #parsed {
157 |     display: none;
158 |   }
159 |   path.link {
160 |     fill: none;
161 |     stroke: #666;
162 |     stroke-width: 1.5px;
163 |   }
164 |   path.link.twofive {
165 |     opacity: 0.25;
166 |   }
167 |   path.link.fivezero {
168 |     opacity: 0.50;
169 |   }
170 |   path.link.sevenfive {
171 |     opacity: 0.75;
172 |   }
173 |   path.link.onezerozero {
174 |     opacity: 1.0;
175 |   }
176 |   circle {
177 |     fill: #ccc;
178 |     stroke: #fff;
179 |     stroke-width: 1.5px;
180 |     cursor: crosshair;
181 |   }
182 |   text {
183 |     fill: #000;
184 |     font: 10px sans-serif;
185 |     pointer-events: none;
186 |   }
187 | </style>
188 | 
189 | <body>
190 |   <div id="body">
191 |     <div id="header">
192 |       Pivot Map
193 |       <div class="hinth">Generated by pivotmap.sh</div>
194 |     </div>
195 |     <div id="footer">
196 |       Instructions
197 |       <div class="hintf">Click to turn swelled blue
198 |         <br />ALTClick to turn green
199 |         <br />SHIFTClick to turn red
200 |         <br />Click+drag nodes to make sticky
201 |   <br />MouseScroll to zoom
202 |   <br />Click+drag empty space to pan </div>
203 |     </div>
204 |   </div>
205 |   <div id="parsed"></div>
206 | 
207 |   <script>
208 |    //convert CSV to JSON
209 |     var raw = d3.select("#csvdata").text();
210 | 
211 |     var parsed = d3.csv.parse(raw);
212 | 
213 |     d3.select("#parsed").text(JSON.stringify(parsed));
214 |     var links = JSON.parse(document.getElementById('parsed').innerHTML);
215 |      
216 |    // get the data
217 |     var nodes = {};
218 | 
219 |      // Compute the distinct nodes from the links.
220 |     links.forEach(function(link) {
221 |       link.source = nodes[link.source] ||
222 |         (nodes[link.source] = {
223 |         name: link.source
224 |       });
225 |       link.target = nodes[link.target] ||
226 |         (nodes[link.target] = {
227 |         name: link.target
228 |       });
229 |       link.value = +link.value;
230 |     });
231 | 
232 |     var width = 1960,
233 |       height = 1500;
234 | 
235 |     var force = d3.layout.force()
236 |       .nodes(d3.values(nodes))
237 |       .links(links)
238 |       .size([width, height])
239 |       .linkDistance(60)
240 |       .charge(-700)
241 |     .gravity(.15)
242 |       .on("tick", tick)
243 |       .start();
244 | 
245 |      // Set the range
246 |     var v = d3.scale.linear().range([0, 100]);
247 | 
248 |      // Scale the range of the data
249 |     v.domain([0, d3.max(links, function(d) {
250 |       return d.value;
251 |     })]);
252 | 
253 |      // assign a type per value to encode opacity
254 |     links.forEach(function(link) {
255 |       if (v(link.value) <= 25) {
256 |         link.type = "twofive";
257 |       } else if (v(link.value) <= 50 && v(link.value) > 25) {
258 |         link.type = "fivezero";
259 |       } else if (v(link.value) <= 75 && v(link.value) > 50) {
260 |         link.type = "sevenfive";
261 |       } else if (v(link.value) <= 100 && v(link.value) > 75) {
262 |         link.type = "onezerozero";
263 |       }
264 |     });
265 | 
266 |     var vis = d3.select("#body")
267 |       .append("svg:svg")
268 |       .attr("width", width)
269 |       .attr("height", height)
270 |       .attr("pointer-events", "all")
271 |       .append('svg:g')
272 |       .call(d3.behavior.zoom().on("zoom", redraw)).on("dblclick.zoom", null)
273 |       .append('svg:g');
274 | 
275 |     var svg = vis
276 | 
277 |      vis.append('svg:rect')
278 |       .attr('width', width)
279 |       .attr('height', height)
280 |       .attr('fill', 'white');
281 | 
282 |     function redraw() {
283 |       console.log("here", d3.event.translate, d3.event.scale);
284 |       vis.attr("transform",
285 |         "translate(" + d3.event.translate + ")" + " scale(" + d3.event.scale + ")");
286 |     }
287 | 
288 |      // build the arrow.
289 |     svg.append("svg:defs").selectAll("marker")
290 |       .data(["end"]) // Different link/path types can be defined here
291 |     .enter().append("svg:marker") // This section adds in the arrows
292 |     .attr("id", String)
293 |       .attr("viewBox", "0 -5 10 10")
294 |       .attr("refX", 15)
295 |       .attr("refY", -.15)
296 |       .attr("markerWidth", 6)
297 |       .attr("markerHeight", 6)
298 |       .attr("orient", "auto")
299 |       .append("svg:path")
300 |       .attr("d", "M0,-5L10,0L0,5");
301 | 
302 |      // add the links and the arrows
303 |     var path = svg.append("svg:g").selectAll("path")
304 |       .data(force.links())
305 |       .enter().append("svg:path")
306 |       .attr("class", function(d) {
307 |         return "link " + d.type;
308 |       })
309 |       .attr("marker-end", "url(#end)");
310 | 
311 |      // define the nodes
312 |     var node = svg.selectAll(".node")
313 |       .data(force.nodes())
314 |       .enter().append("g")
315 |       .attr("class", "node")
316 |     .on("mousedown", function() { d3.event.stopPropagation(); })
317 |       .on("click", click)
318 |       .on("dblclick", dblclick)
319 |       .call(force.drag);
320 | 
321 |      // add the nodes
322 |     node.append("circle")
323 |       .attr("r", 5);
324 | 
325 |      // add the text
326 |     node.append("text")
327 |       .attr("x", 12)
328 |       .attr("dy", ".35em")
329 |       .text(function(d) {
330 |         return d.name;
331 |       });
332 | 
333 |      // add the curvy lines
334 |     function tick() {
335 |       path.attr("d", function(d) {
336 |         var dx = d.target.x - d.source.x,
337 |           dy = d.target.y - d.source.y,
338 |           dr = Math.sqrt(dx * dx + dy * dy);
339 |         return "M" +
340 |           d.source.x + "," +
341 |           d.source.y + "A" +
342 |           dr + "," + dr + " 0 0,1 " +
343 |           d.target.x + "," +
344 |           d.target.y;
345 |       });
346 | 
347 |       node
348 |         .attr("transform", function(d) {
349 |           return "translate(" + d.x + "," + d.y + ")";
350 |         });
351 |     }
352 | 
353 |      // action to take on mouse click
354 |     function click(d) {
355 |       d3.select(this).select("text").transition()
356 |         .duration(750)
357 |         .attr("x", 22)
358 |         .style("fill", "steelblue")
359 |         .style("stroke", "lightsteelblue")
360 |         .style("stroke-width", ".5px")
361 |         .style("font", "20px sans-serif");
362 |       d3.select(this).select("circle").transition()
363 |         .duration(750)
364 |         .attr("r", 16)
365 |         .style("fill", "lightsteelblue");
366 |       if (d3.event.shiftKey) {
367 |         d3.select(this).select("circle").transition()
368 |           .style("fill", "red");
369 |         d3.select(this).classed("fixed", d.fixed = true);
370 |         d3.select(this).select("text").transition()
371 |           .style("fill", "red");
372 |         //.remove();
373 |         return;
374 |       }
375 |       if (d3.event.altKey) {
376 |         d3.select(this).select("circle").transition()
377 |           .style("fill", "green");
378 |         d3.select(this).classed("fixed", d.fixed = true);
379 |         d3.select(this).select("text").transition()
380 |           .style("fill", "green");
381 |         //.remove();
382 |         return;
383 |       }
384 |       d3.select(this).classed("fixed", d.fixed = true);
385 |     }
386 | 
387 |      // action to take on mouse double click
388 |     function dblclick(d) {
389 |       d3.select(this).select("circle").transition()
390 |         .duration(750)
391 |         .attr("r", 6)
392 |         .style("fill", "#ccc");
393 |       d3.select(this).select("text").transition()
394 |         .duration(750)
395 |         .attr("x", 12)
396 |         .style("stroke", "none")
397 |         .style("fill", "black")
398 |         .style("stroke", "none")
399 |         .style("font", "10px sans-serif");
400 |       d3.select(this).classed("fixed", d.fixed = false);
401 |     }
402 | 
403 |      //  });
404 |   </script>
405 | 
406 | </body>
407 | 
408 | </html>
409 | 


--------------------------------------------------------------------------------
/pivotmap.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | 
 3 | genmap () {
 4 | 
 5 | sed '1 s/^/source,target\
 6 | /' >> temp.test
 7 | 
 8 | sed '/dataplaceholder/{
 9 |     s/dataplaceholder//g
10 |     r temp.test
11 | }' d3chart/forceopacity.html
12 | 
13 | rm temp.test
14 | 
15 | }
16 | 
17 | if [ "$1" == "-h" ]; then
18 |   echo -e "Usage: cat sample.csv | ./pivotmap.sh > map.html"
19 |   echo -e "Examine sample.csv or so.csv for an example of how your input should be formatted."
20 |   exit 0
21 | fi
22 | 
23 | genmap


--------------------------------------------------------------------------------
/sample_data.csv:
--------------------------------------------------------------------------------
 1 | flow,ip
 2 | flow,port
 3 | flow,protocol
 4 | flow,bytes
 5 | firewall,ip
 6 | firewall,port
 7 | firewall,protocol
 8 | pcap,ip
 9 | pcap,port
10 | pcap,protocol
11 | proxy,ip
12 | proxy,port
13 | proxy,http_status
14 | proxy,http_method
15 | proxy,uri
16 | proxy,user_agent
17 | 


--------------------------------------------------------------------------------
/so.csv:
--------------------------------------------------------------------------------
 1 | bro_http,timestamp
 2 | bro_http,bro_id
 3 | bro_http,ip
 4 | bro_http,port
 5 | bro_http,http_method
 6 | bro_http,domain
 7 | bro_http,user_agent
 8 | bro_http,uri
 9 | bro_http,bytes
10 | bro_http,http_status
11 | bro_http,filename
12 | bro_http,x_originating_ip
13 | bro_http,mime_type
14 | bro_files,timestamp
15 | bro_files,bro_id
16 | bro_files,ip
17 | bro_files,port
18 | bro_files,mime_type
19 | bro_files,duration
20 | bro_files,bytes
21 | bro_files,hash
22 | bro_intel,timestamp
23 | bro_intel,bro_id
24 | bro_intel,ip
25 | bro_intel,post
26 | bro_intel,mime_type
27 | bro_intel,indicator_type
28 | bro_intel,intel_source
29 | bro_dns,timestamp
30 | bro_dns,bro_id
31 | bro_dns,protocol
32 | bro_dns,dns_trans_id
33 | bro_dns,domain
34 | bro_dns,dns_query_type
35 | bro_dns,dns_response_code
36 | bro_conn,timestamp
37 | bro_conn,bro_id
38 | bro_conn,ip
39 | bro_conn,port
40 | bro_conn,protocol
41 | bro_conn,service
42 | bro_conn,duration
43 | bro_conn,bytes
44 | bro_conn,pkt_count
45 | bro_conn,countrycode
46 | bro_notice,timestamp
47 | bro_notice,bro_id
48 | bro_notice,mime_type
49 | bro_notice,protocol
50 | bro_notice,ip
51 | bro_notice,port
52 | bro_smtp,timestamp
53 | bro_smtp,bro_id
54 | bro_smtp,mail_user_agent
55 | bro_smtp,mail_subject
56 | bro_smtp,mail_from
57 | bro_smtp,mail_to
58 | bro_smtp,mail_helo
59 | bro_smtp,x_originating_ip
60 | bro_software,timestamp
61 | bro_software,bro_id
62 | bro_software,ip
63 | bro_software,port
64 | bro_software,program_name
65 | bro_software,program_version
66 | bro_ssl,timestamp
67 | bro_ssl,bro_id
68 | bro_ssl,ip
69 | bro_ssl,port
70 | bro_ssl,ssl_version
71 | bro_ssl,domain
72 | bro_ssl,cert_subject
73 | bro_ssl,cert_expiration
74 | bro_ssl,cert_hash
75 | bro_ssl,cert_validation_status
76 | bro_ssh,timestamp
77 | bro_ssh,bro_id
78 | bro_ssh,ip
79 | bro_ssh,port
80 | bro_ssh,ssh_auth_status
81 | bro_ssh,ssh_client_string
82 | bro_ssh,ssh_server_string
83 | bro_ssh,bytes
84 | bro_tunnel,timestamp
85 | bro_tunnel,bro_id
86 | bro_tunnel,ip
87 | bro_tunnel,port
88 | bro_tunnel,tunnel_type
89 | bro_tunnel,tunnel_action
90 | bro_weird,timestamp
91 | bro_weird,bro_id
92 | bro_weird,ip
93 | bro_weird,port
94 | 


--------------------------------------------------------------------------------