feat: new detection techniques and SOC tactics page

SQL:
- Added 5 aggregation columns (count_xff, count_unusual_ct, count_non_std_port, count_login_post, sec_ch_mobile_mismatch)
- Exposed 5 computed features in view_ai_features_1h
- ALTER TABLE migration for existing deployments

Bot-detector:
- 7 new ML features (has_xff, unusual_content_type_ratio, non_standard_port_ratio, login_post_concentration, sec_ch_mobile_mismatch, true_window_size, window_mss_ratio)
- Propagation of campaign_id to ml_all_scores (was always -1)
- Campaign escalation: HIGH→CRITICAL if cluster ≥5 members

Dashboard:
- SOC Tactics page: brute-force, JA4 rotation, recurrence, real-time alerts — 4 KPIs + 4 panels + doc tooltips
- Added global fmtDate() helper
- Sidebar navigation updated

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@ -71,3 +71,8 @@ async def ja4_detail_page(request: Request, fingerprint: str):
|
||||
@router.get("/cluster/{cid}")
|
||||
async def cluster_detail_page(request: Request, cid: int):
|
||||
return templates.TemplateResponse("cluster_detail.html", _ctx(request, "cluster_detail", cid=cid))
|
||||
|
||||
|
||||
@router.get("/tactics")
|
||||
async def tactics_page(request: Request):
|
||||
return templates.TemplateResponse("tactics.html", _ctx(request, "tactics"))
|
||||
|
||||
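Review bot: the new `/tactics` route shows no access control in its decorator or signature, and `tactics_page` takes only `request: Request`. Since the commit message says this page exposes brute-force, JA4 rotation and real-time alert data, please confirm that authentication is enforced at the router level or inside `_ctx`, and say so in a short docstring on `tactics_page`; if it is not, add the auth dependency on `@router.get("/tactics")` before merging. The same question applies to the neighbouring `cluster_detail_page`, which follows the identical pattern.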