From 75171c7ff2f68aa2554fc475660e8a989843e246 Mon Sep 17 00:00:00 2001
From: Adir Shitrit
Date: Sat, 8 Nov 2025 11:49:33 +0200
Subject: [PATCH] improve TUI responsiveness and error handling

---
 ghost-tui/src/app.rs | 45 +++++++++++++++++++++++++++++++++++++++-----
 1 file changed, 40 insertions(+), 5 deletions(-)

diff --git a/ghost-tui/src/app.rs b/ghost-tui/src/app.rs
index 8669867..8f2624c 100644
--- a/ghost-tui/src/app.rs
+++ b/ghost-tui/src/app.rs
@@ -2,6 +2,7 @@ use anyhow::Result;
 use chrono::{DateTime, Utc};
 use ghost_core::{
 DetectionEngine, DetectionResult, ProcessInfo, ThreatLevel,
+ ThreatIntelligence, ThreatContext, IndicatorOfCompromise,
 memory, process, thread
 };
 use ratatui::widgets::{ListState, TableState};
@@ -14,8 +15,9 @@ pub enum TabIndex {
 Overview = 0,
 Processes = 1,
 Detections = 2,
- Memory = 3,
- Logs = 4,
+ ThreatIntel = 3,
+ Memory = 4,
+ Logs = 5,
 }
 
 impl TabIndex {
@@ -24,14 +26,15 @@ impl TabIndex {
 0 => TabIndex::Overview,
 1 => TabIndex::Processes,
 2 => TabIndex::Detections,
- 3 => TabIndex::Memory,
- 4 => TabIndex::Logs,
+ 3 => TabIndex::ThreatIntel,
+ 4 => TabIndex::Memory,
+ 5 => TabIndex::Logs,
 _ => TabIndex::Overview,
 }
 }
 
 pub fn next(self) -> Self {
- Self::from_index((self as usize + 1) % 5)
+ Self::from_index((self as usize + 1) % 6)
 }
 }
 
@@ -42,6 +45,23 @@ pub struct DetectionEvent {
 pub threat_level: ThreatLevel,
 pub indicators: Vec,
 pub confidence: f32,
+ pub threat_context: Option,
+}
+
+#[derive(Debug, Clone)]
+pub struct ThreatIntelData {
+ pub total_iocs: usize,
+ pub recent_iocs: Vec,
+ pub active_threats: Vec,
+ pub threat_feed_status: Vec,
+}
+
+#[derive(Debug, Clone)]
+pub struct FeedStatus {
+ pub name: String,
+ pub status: String,
+ pub last_update: String,
+ pub ioc_count: usize,
 }
 
 #[derive(Debug, Clone)]
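Review bot: The tab count in `next` is still a bare literal (`% 6`) that has to be kept in step by hand with the `from_index` arms and the enum discriminants, which is exactly the drift this commit had to repair when `ThreatIntel` was inserted. An associated constant in `impl TabIndex`, `const COUNT: usize = 6;`, used as `Self::from_index((self as usize + 1) % Self::COUNT)`, leaves one place to change next time. Renumbering `Memory` and `Logs` also changes what any numeric tab shortcut or stored index resolves to, and the `_ => TabIndex::Overview` arm will hide a stale value instead of reporting it, so the callers of `from_index` (not visible in this hunk) are worth checking.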
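Review bot: `FeedStatus::status` and `FeedStatus::last_update` are plain `String`s, so nothing downstream can compare a feed's age or branch on its state without re-parsing display text. On a threat-intel view the staleness of a feed is what an analyst most needs to see, and `chrono::{DateTime, Utc}` is already imported at the top of this file; `pub last_update: Option<DateTime<Utc>>` plus a small enum for `status` would let the UI flag feeds that failed or have not refreshed. The new public structs also have no `///` docs: a line on each field saying what `total_iocs` counts and what `recent_iocs` and `active_threats` hold would help, since the element types are not self-explanatory.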
@@ -58,16 +78,19 @@ pub struct SystemStats {
 pub struct App {
 pub current_tab: TabIndex,
 pub detection_engine: DetectionEngine,
+ pub threat_intel: ThreatIntelligence,
 pub processes: Vec,
 pub detections: VecDeque,
 pub logs: VecDeque,
 pub stats: SystemStats,
+ pub threat_intel_data: ThreatIntelData,
 pub last_scan: Option,
 
 // UI state
 pub processes_state: TableState,
 pub detections_state: ListState,
 pub logs_state: ListState,
+ pub threat_intel_state: ListState,
 pub selected_process: Option,
 
 // Settings
@@ -78,9 +101,13 @@ pub struct App {
 
 impl App {
 pub async fn new() -> Result {
+ let mut threat_intel = ThreatIntelligence::new();
+ threat_intel.initialize_default_feeds().await?;
+
 let mut app = Self {
 current_tab: TabIndex::Overview,
 detection_engine: DetectionEngine::new(),
+ threat_intel,
 processes: Vec::new(),
 detections: VecDeque::new(),
 logs: VecDeque::new(),
@@ -92,10 +119,17 @@ impl App {
 scan_time_ms: 0,
 memory_usage_mb: 0.0,
 },
+ threat_intel_data: ThreatIntelData {
+ total_iocs: 0,
+ recent_iocs: Vec::new(),
+ active_threats: Vec::new(),
+ threat_feed_status: Vec::new(),
+ },
 last_scan: None,
 processes_state: TableState::default(),
 detections_state: ListState::default(),
 logs_state: ListState::default(),
+ threat_intel_state: ListState::default(),
 selected_process: None,
 auto_refresh: true,
 max_log_entries: 1000,
@@ -149,6 +183,7 @@ impl App {
 threat_level: result.threat_level,
 indicators: result.indicators,
 confidence: result.confidence,
+ threat_context: None, // TODO: Integrate threat intelligence
 });
 }
 }
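Review bot: `threat_intel.initialize_default_feeds().await?` at the top of `App::new` makes feed initialisation a hard precondition for the whole TUI: on `Err` the constructor returns before `detection_engine` is usable, and nothing is drawn until the await completes. What the call does is not visible in this diff, but if it reads from the network or disk, a monitoring tool that refuses to start when its feeds are unavailable fails in the wrong direction. Local detection should still run, with the failure shown in the log pane and feed status. One option is to keep the result, `let feed_init = threat_intel.initialize_default_feeds().await;`, and record `feed_init.err()` as a log entry once `app` is built instead of propagating it. `new` continues past the end of this hunk.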
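Review bot: `threat_context: None` is hard-coded for every `DetectionEvent`, and nothing in the visible hunks fills `threat_intel_data` after it is zero-initialised in `App::new` (the `@@ -92,10 +119,17 @@` hunk), so the new tab may show 0 IOCs and no context even when the feeds loaded. An analyst reading that screen cannot tell "looked up, no match" from "never looked up", which matters when triaging a detection. Until the lookup exists, the comment should state the meaning, e.g. `// TODO(<issue-id>): not yet checked against threat_intel; None means "not evaluated", not "no match"`, and the UI should render that state accordingly. The enclosing function starts outside this hunk.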