import tkinter as tk from tkinter import messagebox def calculate_security_operation_score(alerts_4h=0, alerts_24h=0, alerts_12h=0, alerts_72h=0, unresolved_tickets=0, high_severity_vulns=0, medium_severity_vulns=0, low_severity_vulns=0): """ 计算安全运营得分 :param alerts_4h: :param alerts_24h: :param alerts_12h: :param alerts_72h: :param unresolved_tickets: :param high_severity_vulns: :param medium_severity_vulns: :param low_severity_vulns: :return: """ alert_score_1st_line = alerts_4h * 10 + alerts_24h * 100 alert_score_2nd_line = alerts_12h * 2 + alerts_72h * 20 ticket_score = unresolved_tickets * 10 vuln_score = high_severity_vulns * 10 + medium_severity_vulns * 5 + low_severity_vulns * 2 security_operation_score = alert_score_1st_line + alert_score_2nd_line + ticket_score + vuln_score return security_operation_score def calculate_attack_risk(alerts_today=0, high_severity_tickets=0, medium_severity_tickets=0, low_severity_tickets=0, max_score=0, median_score=0): """ 计算受攻击风险得分 :param alerts_today: :param high_severity_tickets: :param medium_severity_tickets: :param low_severity_tickets: :param max_score: :param median_score: :return: """ log_alert_score = alerts_today vulnerability_ticket_score = high_severity_tickets * 500 + medium_severity_tickets * 300 + low_severity_tickets * 100 original_score = log_alert_score + vulnerability_ticket_score try: if median_score != 0: if original_score > median_score: risk_score = 50 + (original_score - median_score) / (max_score - median_score) * 50 else: risk_score = 50 - (median_score - original_score) / median_score * 50 else: risk_score = 0 except ZeroDivisionError as e: raise ZeroDivisionError('注意:除数不能是0') attack_risk = round(risk_score * 0.7) return attack_risk def calculate_risk_score(security_operation_score=0, attack_risk=0): """ 计算风险得分 :param security_operation_score: :param attack_risk: :return: """ if attack_risk * 70 / 100 + security_operation_score < 100: risk_score = attack_risk * 70 / 100 + security_operation_score else: risk_score = 100 return risk_score def get_entry_value(entry): value = entry.get() if value.strip() == '': return 0 return int(value) def calculate_risk_score_get_value(): """ 获取输入框中的值 :return: """ try: alerts_4h = get_entry_value(alerts_4h_entry) alerts_24h = get_entry_value(alerts_24h_entry) alerts_12h = get_entry_value(alerts_12h_entry) alerts_72h = get_entry_value(alerts_72h_entry) unresolved_tickets = get_entry_value(unresolved_tickets_entry) high_severity_vulns = get_entry_value(high_severity_vulns_entry) medium_severity_vulns = get_entry_value(medium_severity_vulns_entry) low_severity_vulns = get_entry_value(low_severity_vulns_entry) alerts_today = get_entry_value(alerts_today_entry) high_severity_tickets = get_entry_value(high_severity_tickets_entry) medium_severity_tickets = get_entry_value(medium_severity_tickets_entry) low_severity_tickets = get_entry_value(low_severity_tickets_entry) max_score = get_entry_value(max_score_entry) median_score = get_entry_value(median_score_entry) security_operation_score = calculate_security_operation_score(alerts_4h, alerts_24h, alerts_12h, alerts_72h, unresolved_tickets, high_severity_vulns, medium_severity_vulns, low_severity_vulns) attack_risk = calculate_attack_risk(alerts_today, high_severity_tickets, medium_severity_tickets, low_severity_tickets, max_score, median_score) risk_score = calculate_risk_score(security_operation_score, attack_risk) # 显示计算出的风险分数 risk_score_result_label.config(text=f"风险值得分: {risk_score}") # 显示计算受攻击风险分数 attack_risk_result_label.config(text=f"受攻击风险值得分: {attack_risk}") # 显示计算出的安全运营分数 security_operation_score_result_label.config(text=f"安全运营值得分: {security_operation_score}") except ValueError: messagebox.showerror("Error", "Invalid input. Please enter integer values.") # 创建主窗口 window = tk.Tk() window.title("计算器:风险分值、安全运营分值、受攻击风险分值") window.geometry('500x550') # 创建输入标签和输入框及位置 alerts_4h_label = tk.Label(window, text="4小时前未处置的一线告警数:") alerts_4h_label.pack() alerts_4h_label.place(x=10, y=10) alerts_4h_entry = tk.Entry(window) alerts_4h_entry.pack() alerts_4h_entry.place(x=200, y=10) alerts_24h_label = tk.Label(window, text="24小时前未处置的一线告警数:") alerts_24h_label.pack() alerts_24h_label.place(x=10, y=40) alerts_24h_entry = tk.Entry(window) alerts_24h_entry.pack() alerts_24h_entry.place(x=200, y=40) alerts_12h_label = tk.Label(window, text="12小时前未处置的二线告警数:") alerts_12h_label.pack() alerts_12h_label.place(x=10, y=70) alerts_12h_entry = tk.Entry(window) alerts_12h_entry.pack() alerts_12h_entry.place(x=200, y=70) alerts_72h_label = tk.Label(window, text="72小时前未处置的二线告警数:") alerts_72h_label.pack() alerts_72h_label.place(x=10, y=100) alerts_72h_entry = tk.Entry(window) alerts_72h_entry.pack() alerts_72h_entry.place(x=200, y=100) unresolved_tickets_label = tk.Label(window, text="未处置的告警处置单数:") unresolved_tickets_label.pack() unresolved_tickets_label.place(x=10, y=130) unresolved_tickets_entry = tk.Entry(window) unresolved_tickets_entry.pack() unresolved_tickets_entry.place(x=200, y=130) high_severity_vulns_label = tk.Label(window, text="漏洞级别为超高、高的未修复数:") high_severity_vulns_label.pack() high_severity_vulns_label.place(x=10, y=160) high_severity_vulns_entry = tk.Entry(window) high_severity_vulns_entry.pack() high_severity_vulns_entry.place(x=200, y=160) medium_severity_vulns_label = tk.Label(window, text="漏洞级别为中的未修复漏洞数:") medium_severity_vulns_label.pack() medium_severity_vulns_label.place(x=10, y=190) medium_severity_vulns_entry = tk.Entry(window) medium_severity_vulns_entry.pack() medium_severity_vulns_entry.place(x=200, y=190) low_severity_vulns_label = tk.Label(window, text="漏洞级别为低的未修复漏洞数:") low_severity_vulns_label.pack() low_severity_vulns_label.place(x=10, y=220) low_severity_vulns_entry = tk.Entry(window) low_severity_vulns_entry.pack() low_severity_vulns_entry.place(x=200, y=220) alerts_today_label = tk.Label(window, text="当天日志总数:") alerts_today_label.pack() alerts_today_label.place(x=10, y=250) alerts_today_entry = tk.Entry(window) alerts_today_entry.pack() alerts_today_entry.place(x=200, y=250) max_score_label = tk.Label(window, text="当天所有分行日志数中的最大值:") max_score_label.pack() max_score_label.place(x=10, y=280) max_score_entry = tk.Entry(window) max_score_entry.pack() max_score_entry.place(x=200, y=280) median_score_label = tk.Label(window, text="当天所有分行日志数的中位数:") median_score_label.pack() median_score_label.place(x=10, y=310) median_score_entry = tk.Entry(window) median_score_entry.pack() median_score_entry.place(x=200, y=310) high_severity_tickets_label = tk.Label(window, text="当年漏洞处置单级别为超高、高的已关闭状态数:") high_severity_tickets_label.pack() high_severity_tickets_label.place(x=10, y=340) high_severity_tickets_entry = tk.Entry(window) high_severity_tickets_entry.pack() high_severity_tickets_entry.place(x=270, y=340) medium_severity_tickets_label = tk.Label(window, text="当年漏洞处置单级别为中的已关闭状态数:") medium_severity_tickets_label.pack() medium_severity_tickets_label.place(x=10, y=370) medium_severity_tickets_entry = tk.Entry(window) medium_severity_tickets_entry.pack() medium_severity_tickets_entry.place(x=270, y=370) low_severity_tickets_label = tk.Label(window, text="当年漏洞处置单级别为中的已关闭状态数:") low_severity_tickets_label.pack() low_severity_tickets_label.place(x=10, y=400) low_severity_tickets_entry = tk.Entry(window) low_severity_tickets_entry.pack() low_severity_tickets_entry.place(x=270, y=400) # 创建一个按钮触发计算 calculate_button = tk.Button(window, text="计算分值", command=calculate_risk_score_get_value, bg='green') calculate_button.pack() calculate_button.place(x=10, y=430) # 创建标签显示风险值得分结果 risk_score_result_label = tk.Label(window, text="风险值得分: ") risk_score_result_label.pack() risk_score_result_label.place(x=10, y=460) # 创建标签显示受攻击风险值得分结果 attack_risk_result_label = tk.Label(window, text='受攻击风险值得分:') attack_risk_result_label.pack() attack_risk_result_label.place(x=10, y=490) # 创建标签显示受攻击风险值得分结果 security_operation_score_result_label = tk.Label(window, text='受攻击风险值得分:') security_operation_score_result_label.pack() security_operation_score_result_label.place(x=10, y=520) # 启动Tkinter事件循环 window.mainloop()