Are there any keyboard shortcuts in the sguil 0.7 client? (besides F1-F9)

I'm not a big mouse user, and the following features would be nice to have:

  • Event History (Ctrl-E?)
  • View Transcript (Ctrl-T?)
  • Wireshark (?)

Quick Queries (Ctrl-Q to bring up the menu, and then 'e' to go to event queries, ...) This would presumably require some way to move between fields in an event/result item, to highlight the source or dst IP. Maybe the arrow keys or Ctrl-F would be good for that. Or the menus could be changed to allow you to choose which IP to query.

  • Toggle Reverse DNS (Ctrl-R?)
  • Toggle Show Packet
  • Toggle Show Rule

Open the context menus (right click)... MS uses the 'properties key', as well as shift-F10 for this.

Close popup windows (Escape and/or Ctrl-W?) Alt-F4 is too hard :p

F1-F8 actions with comments (Shift-Fn or Alt-Fn?)

Transcript window:

  • TAB key does nothing productive
  • jump to search box (Alt-S or Ctrl-F?)

Main Window Navigation:

  • PgUp/PgDn/Home/End don't do anything. :(
  • Alternatives to Up/Down arrows, such as Ctrl-N or similar?
  • Switch frames (between High, Medium, Low, etc) (TAB?)
  • Switch Tabs (top tabs, Realtime, Escalated, etc) (Ctrl-TAB?)

Sorting results... Personally, I'm used to file managers where Ctrl-F3 sorts by name, Ctrl-F5 by date, ... the ability to do that in Sguil would be nice.

Ideally, these shortcuts would be editable in sguil.conf.

I did see a patch for changing some Fn shortcuts for Mac clients, but it was for 0.5.

Other UI quirks / requests

TAB key does nothing productive in transcript window.

Sometimes the event which was highlighted no longer appears highlighted when you come back to sguil from wireshark or a popup. This makes it very difficult to remember exactly which event you were looking at.

View Transcript-Force New and Wireshark-Force New don't do anything different for me on Fedora 9 (ALL the commands open a new window).

Maximize & restore the sections for High/med/low, and switch between 1 box and 3 (I know this last part is in the config file, but a hotkey for it would be nice too).

Copy event name to clipboard? (add this as an item on the context menu?)

I don't know TCL, or any UI programming for that matter, but I'd be happy to work on the config file if there's an exportable list of 'commands' and a way to map keys to them.

Trying to choose similar shortcuts as Wireshark uses might be a good idea. (not that I'm very familiar with them, atm.)

--Barrygould 05:49, 29 July 2008 (UTC)