UI reporting - unify rule reports to integrate all rule data types #2878
Description
This should provide a unified view for all firewall types (which have different rule data types for src/dst/svc):
- standard firewalls
- (private/public) cloud firewalls using labels
- host-based firewalls also using lables, process data, ...
examples and first candidates: Guardicore, illumio
decisions
- how to avoid filtering by gateway for host based firewalls (which does not make a lot of sense)
report design
- always fetch all rule data available from API (performance might deteriorate!)
- for the columns source, destination, service we can display the following different data types:
- objects
- users
- zones (currently separate column
- labels
- processes
- domains
- pure data (currently resolved report type)
- in LSB: only display select boxes for data that is available for current report
- offer smart display only showing available data
- need to decide how to render the data so that we
- do not have to many (empty) columns
- can see what type of data is displayed
- can separate displayed data types clearly
- can set a parameter "how many lines to display" per cell
- the report export functionality must be configurable (if scheduled) to reflect the respective view and should export the current view if called interactively
database changes
- add tables: label, label-group, label2rule, processes, rule_part (enum source, destination, service, whole rule, user)
- label table:
- label_id: int
- label_name: varchar unique not null
- mgm_id: int
- label_criteria: varchar (e.g. "Name starts with Accounting")
- label2rule table:
- label_id: int
- rule_id: bigint
- rule_part_id: int
- created: bigint
- removed: bigint