add Suricata 7 support to Suricata (#16044)

* breakout handling of suricata extend v. 1 returns

* initial work for suricata 7.0.0

* add shared file for various Suricata related variables

* update handling for new Suricata stuff

* fix suricata rrd name bits

* update suricata app page a bit

* misc

* add a new v2 suricata graph

* more suricata v2 graphs

* fix app data for suricata

* more graph work

* fix initial graphs

* the page selector for suricata v2

* more cleanup for suricata stuff

* add more graphs

* add suricata_v2_pkt_drop.inc.php

* add suricata_v2_error_delta.inc.php

* add suricata app layer flows graph

* add app layer tx

* start work on bypassed

* add flow bypass stuff

* add suricata error stuff

* add more graphs

* more suricata v2 work

* ...

* add packets overview

* cleanup suricata_packets_overview.inc.php

* more work on the overview graphs

* error delta is now per second

* cleanup suricata_v2_app_layer_error_alloc.inc.php

* add new flow proto stuff

* add suricata_v2_flow_proto

* add new overview graph

* update v2 app layer flows graph

* more v2 graph cleanup

* suricata graph cleanup

* suricata_dec_proto_overview now works

* more graph work for suricata

* more graph work

* add another overview graph

* snmp fix

* add a new overview graph

* add a new over view

* more graph stuff

* more memory graphs

* tidy pages bit

* more work on decoder stuff

* more decoder work

* decoder stuff done

* cleanup suricata_packets_overview.inc.php

* appl layer tx work

* add app flow stuff

* fix suricata_v2_decoder__event__ethernet.inc.php

* fix suricata_v2_decoder__event__ipv4.inc.php

* fix suricata_v2_decoder__event__ipv6.inc.php

* add alloc error stuff

* more error related work

* more error stuff

* start work on internal errors

* add internal error graphs

* parser error stuff done

* more decoder work

* decoder icmpv4

* more decoder work

* ltnull done

* mpls decoder stuff

* nsh decoder work

* decoder ppp done

* more decoder work

* more decoder work

* more vlan work

* vntag decoder stuff done

* descr_len auto set for generic stats

* ipv6 decoder stuff done

* style fix

* style fix

* more style cleanup

* more suricata graph work

* fix require usage

* tweak drop info a bit

* add some checks for for with suricata 7.0.4

* more suricata tweaks

* fix sagan instance handling

* another minor fix

* fix improper munging

* rever something accidentally added to this repo

* add linux_suricata-v2.snmprex

* rename the metrics for instances from instance_ to instances_

* add linux_suricata-v2.json test data

* style fix

* minor munging tweak

* style cleanup

* some app data fixes

* remove a typo from test data

* add deleted_at and make sure discovered is numeric and not a string 1

* derp... json fix

* remove something accidentally added

* fix a small erorr in the test data

* add a missing variable to the test data

* try another tweak for suricata json test stuff

* derp... fix a type in the suricata poller

* revert a test data change

* re-order some the metrics in the test

* some more metric re-ordering

* add a missing status

* remove something that was accidentally added to this branch instead of another

* strcmp cleanup

* style fix

includes/html/graphs/application/suricata_app_flows_overview.inc.php

@@ -0,0 +1,438 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'flows/sec';
+$colours = 'psychedelic';
+$dostack = 0;
+$printtotal = 1;
+$addarea = 0;
+$transparency = 15;
+
+$rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id]);
+$app_layer__flow__bittorrent_dht_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__flow__bittorrent-dht']);
+$app_layer__flow__dcerpc_tcp_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__flow__dcerpc_tcp']);
+$app_layer__flow__dcerpc_udp_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__flow__dcerpc_udp']);
+$app_layer__flow__dhcp_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__flow__dhcp']);
+$app_layer__flow__dnp3_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__flow__dnp3']);
+$app_layer__flow__dns_tcp_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__flow__dns_tcp']);
+$app_layer__flow__dns_udp_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__flow__dns_udp']);
+$app_layer__flow__enip_tcp_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__flow__enip_tcp']);
+$app_layer__flow__enip_udp_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__flow__enip_udp']);
+$app_layer__flow__failed_tcp_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__flow__failed_tcp']);
+$app_layer__flow__failed_udp_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__flow__failed_udp']);
+$app_layer__flow__ftp_data_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__flow__ftp-data']);
+$app_layer__flow__ftp_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__flow__ftp']);
+$app_layer__flow__http_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__flow__http']);
+$app_layer__flow__http2_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__flow__http2']);
+$app_layer__flow__ike_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__flow__ike']);
+$app_layer__flow__imap_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__flow__imap']);
+$app_layer__flow__krb5_tcp_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__flow__krb5_tcp']);
+$app_layer__flow__krb5_udp_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__flow__krb5_udp']);
+$app_layer__flow__modbus_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__flow__modbus']);
+$app_layer__flow__mqtt_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__flow__mqtt']);
+$app_layer__flow__nfs_tcp_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__flow__nfs_tcp']);
+$app_layer__flow__nfs_udp_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__flow__nfs_udp']);
+$app_layer__flow__ntp_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__flow__ntp']);
+$app_layer__flow__pgsql_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__flow__pgsql']);
+$app_layer__flow__quic_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__flow__quic']);
+$app_layer__flow__rdp_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__flow__rdp']);
+$app_layer__flow__rfb_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__flow__rfb']);
+$app_layer__flow__sip_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__flow__sip']);
+$app_layer__flow__smb_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__flow__smb']);
+$app_layer__flow__smtp_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__flow__smtp']);
+$app_layer__flow__snmp_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__flow__snmp']);
+$app_layer__flow__ssh_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__flow__ssh']);
+$app_layer__flow__telnet_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__flow__telnet']);
+$app_layer__flow__tftp_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__flow__tftp']);
+$app_layer__flow__tls_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__flow__tls']);
+
+$rrd_list = [];
+if (Rrd::checkRrdExists($app_layer__flow__bittorrent_dht_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__flow__bittorrent_dht_rrd_filename,
+        'descr' => 'BT DHT',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__flow__dcerpc_tcp_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__flow__dcerpc_tcp_rrd_filename,
+        'descr' => 'DCERPC, TCP',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__flow__dcerpc_udp_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__flow__dcerpc_udp_rrd_filename,
+        'descr' => 'DCERPC, UDP',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__flow__dhcp_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__flow__dhcp_rrd_filename,
+        'descr' => 'DHCP',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__flow__dnp3_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__flow__dnp3_rrd_filename,
+        'descr' => 'DNP3',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__flow__dns_tcp_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__flow__dns_tcp_rrd_filename,
+        'descr' => 'DNS, TCP',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__flow__dns_udp_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__flow__dns_udp_rrd_filename,
+        'descr' => 'DNS, UDP',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__flow__enip_tcp_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__flow__enip_tcp_rrd_filename,
+        'descr' => 'ENIP, TCP',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__flow__enip_udp_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__flow__enip_udp_rrd_filename,
+        'descr' => 'ENIP, UDP',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__flow__failed_tcp_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__flow__failed_tcp_rrd_filename,
+        'descr' => 'Failed TCP',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__flow__failed_udp_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__flow__failed_udp_rrd_filename,
+        'descr' => 'Failed UDP',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__flow__ftp_data_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__flow__ftp_data_rrd_filename,
+        'descr' => 'FTP-Data',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__flow__ftp_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__flow__ftp_rrd_filename,
+        'descr' => 'FTP',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__flow__http_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__flow__http_rrd_filename,
+        'descr' => 'HTTP',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__flow__http2_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__flow__http2_rrd_filename,
+        'descr' => 'HTTP2',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__flow__ike_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__flow__ike_rrd_filename,
+        'descr' => 'IKE',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__flow__imap_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__flow__imap_rrd_filename,
+        'descr' => 'IMAP',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__flow__krb5_tcp_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__flow__krb5_tcp_rrd_filename,
+        'descr' => 'KRB5, TCP',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__flow__krb5_udp_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__flow__krb5_udp_rrd_filename,
+        'descr' => 'KRB5, UDP',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__flow__modbus_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__flow__modbus_rrd_filename,
+        'descr' => 'ModBus',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__flow__mqtt_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__flow__mqtt_rrd_filename,
+        'descr' => 'MQTT',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__flow__nfs_tcp_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__flow__nfs_tcp_rrd_filename,
+        'descr' => 'NFS, TCP',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__flow__nfs_udp_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__flow__nfs_udp_rrd_filename,
+        'descr' => 'NFS, UDP',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__flow__ntp_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__flow__ntp_rrd_filename,
+        'descr' => 'NTP',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__flow__pgsql_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__flow__pgsql_rrd_filename,
+        'descr' => 'PostgreSQL',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__flow__quic_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__flow__quic_rrd_filename,
+        'descr' => 'QUIC',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__flow__rdp_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__flow__rdp_rrd_filename,
+        'descr' => 'RDP',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__flow__rfb_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__flow__rfb_rrd_filename,
+        'descr' => 'RFB',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__flow__sip_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__flow__sip_rrd_filename,
+        'descr' => 'SIP',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__flow__smb_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__flow__smb_rrd_filename,
+        'descr' => 'SMB',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__flow__smtp_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__flow__smtp_rrd_filename,
+        'descr' => 'SMTP',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__flow__snmp_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__flow__snmp_rrd_filename,
+        'descr' => 'SNMP',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__flow__ssh_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__flow__ssh_rrd_filename,
+        'descr' => 'SSH',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__flow__telnet_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__flow__telnet_rrd_filename,
+        'descr' => 'Telnet',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__flow__tftp_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__flow__tftp_rrd_filename,
+        'descr' => 'TFTP',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__flow__tls_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__flow__tls_rrd_filename,
+        'descr' => 'TLS',
+        'ds' => 'data',
+    ];
+}
+if (! isset($rrd_list[0]) && Rrd::checkRrdExists($rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'DCERPC TCP',
+        'ds' => 'af_dcerpc_tcp',
+    ];
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'DCERPC UDP',
+        'ds' => 'af_dcerpc_udp',
+    ];
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'DHCP',
+        'ds' => 'af_dhcp',
+    ];
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'DNS TCP',
+        'ds' => 'af_dns_tcp',
+    ];
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'DNS UDP',
+        'ds' => 'af_dns_udp',
+    ];
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'Failed TCP',
+        'ds' => 'af_failed_tcp',
+    ];
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'Failed UDP',
+        'ds' => 'af_failed_udp',
+    ];
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'FTP',
+        'ds' => 'af_ftp',
+    ];
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'FTP-DATA',
+        'ds' => 'af_ftp_data',
+    ];
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'HTTP',
+        'ds' => 'af_http',
+    ];
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'IKEv2',
+        'ds' => 'af_ikev2',
+    ];
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'IMAP',
+        'ds' => 'af_imap',
+    ];
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'Krb5 TCP',
+        'ds' => 'af_krb5_tcp',
+    ];
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'Krb5 UDP',
+        'ds' => 'af_krb5_udp',
+    ];
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'MQTT',
+        'ds' => 'af_mqtt',
+    ];
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'NFS TCP',
+        'ds' => 'af_nfs_tcp',
+    ];
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'NFS UDP',
+        'ds' => 'af_nfs_udp',
+    ];
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'RDP',
+        'ds' => 'af_rdp',
+    ];
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'RFB',
+        'ds' => 'af_rfb',
+    ];
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'SIP',
+        'ds' => 'af_sip',
+    ];
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'SMB',
+        'ds' => 'af_smb',
+    ];
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'SMTP',
+        'ds' => 'af_smtp',
+    ];
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'SNMP',
+        'ds' => 'af_snmp',
+    ];
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'ssh',
+        'ds' => 'af_ssh',
+    ];
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'TFTP',
+        'ds' => 'af_tftp',
+    ];
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'TLS',
+        'ds' => 'af_tls',
+    ];
+}
+if (! isset($rrd_list[0])) {
+    d_echo('No RRDs found');
+}
+
+require 'includes/html/graphs/generic_multi_line.inc.php';

includes/html/graphs/application/suricata_app_tx_overview.inc.php

@@ -0,0 +1,412 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'packets/sec';
+$colours = 'psychedelic';
+$dostack = 0;
+$printtotal = 1;
+$addarea = 0;
+$transparency = 15;
+
+$rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id]);
+$app_layer__tx__bittorrent_dht_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__tx__bittorrent-dht']);
+$app_layer__tx__dcerpc_tcp_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__tx__dcerpc_tcp']);
+$app_layer__tx__dcerpc_udp_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__tx__dcerpc_udp']);
+$app_layer__tx__dhcp_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__tx__dhcp']);
+$app_layer__tx__dnp3_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__tx__dnp3']);
+$app_layer__tx__dns_tcp_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__tx__dns_tcp']);
+$app_layer__tx__dns_udp_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__tx__dns_udp']);
+$app_layer__tx__enip_tcp_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__tx__enip_tcp']);
+$app_layer__tx__enip_udp_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__tx__enip_udp']);
+$app_layer__tx__ftp_data_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__tx__ftp-data']);
+$app_layer__tx__ftp_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__tx__ftp']);
+$app_layer__tx__http_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__tx__http']);
+$app_layer__tx__http2_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__tx__http2']);
+$app_layer__tx__ike_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__tx__ike']);
+$app_layer__tx__imap_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__tx__imap']);
+$app_layer__tx__krb5_tcp_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__tx__krb5_tcp']);
+$app_layer__tx__krb5_udp_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__tx__krb5_udp']);
+$app_layer__tx__modbus_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__tx__modbus']);
+$app_layer__tx__mqtt_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__tx__mqtt']);
+$app_layer__tx__nfs_tcp_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__tx__nfs_tcp']);
+$app_layer__tx__nfs_udp_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__tx__nfs_udp']);
+$app_layer__tx__ntp_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__tx__ntp']);
+$app_layer__tx__pgsql_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__tx__pgsql']);
+$app_layer__tx__quic_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__tx__quic']);
+$app_layer__tx__rdp_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__tx__rdp']);
+$app_layer__tx__rfb_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__tx__rfb']);
+$app_layer__tx__sip_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__tx__sip']);
+$app_layer__tx__smb_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__tx__smb']);
+$app_layer__tx__smtp_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__tx__smtp']);
+$app_layer__tx__snmp_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__tx__snmp']);
+$app_layer__tx__ssh_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__tx__ssh']);
+$app_layer__tx__telnet_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__tx__telnet']);
+$app_layer__tx__tftp_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__tx__tftp']);
+$app_layer__tx__tls_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__tx__tls']);
+
+$rrd_list = [];
+if (Rrd::checkRrdExists($app_layer__tx__bittorrent_dht_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__tx__bittorrent_dht_rrd_filename,
+        'descr' => 'BT DHT',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__tx__dcerpc_tcp_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__tx__dcerpc_tcp_rrd_filename,
+        'descr' => 'DCERPC, TCP',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__tx__dcerpc_udp_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__tx__dcerpc_udp_rrd_filename,
+        'descr' => 'DCERPC, UDP',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__tx__dhcp_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__tx__dhcp_rrd_filename,
+        'descr' => 'DHCP',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__tx__dnp3_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__tx__dnp3_rrd_filename,
+        'descr' => 'DNP3',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__tx__dns_tcp_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__tx__dns_tcp_rrd_filename,
+        'descr' => 'DNS, TCP',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__tx__dns_udp_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__tx__dns_udp_rrd_filename,
+        'descr' => 'DNS, UDP',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__tx__enip_tcp_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__tx__enip_tcp_rrd_filename,
+        'descr' => 'ENIP, TCP',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__tx__enip_udp_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__tx__enip_udp_rrd_filename,
+        'descr' => 'ENIP, UDP',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__tx__ftp_data_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__tx__ftp_data_rrd_filename,
+        'descr' => 'FTP-Data',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__tx__ftp_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__tx__ftp_rrd_filename,
+        'descr' => 'FTP',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__tx__http_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__tx__http_rrd_filename,
+        'descr' => 'HTTP',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__tx__http2_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__tx__http2_rrd_filename,
+        'descr' => 'HTTP2',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__tx__ike_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__tx__ike_rrd_filename,
+        'descr' => 'IKE',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__tx__imap_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__tx__imap_rrd_filename,
+        'descr' => 'IMAP',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__tx__krb5_tcp_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__tx__krb5_tcp_rrd_filename,
+        'descr' => 'KRB5, TCP',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__tx__krb5_udp_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__tx__krb5_udp_rrd_filename,
+        'descr' => 'KRB5, UDP',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__tx__modbus_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__tx__modbus_rrd_filename,
+        'descr' => 'Modbus',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__tx__mqtt_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__tx__mqtt_rrd_filename,
+        'descr' => 'MQTT',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__tx__nfs_tcp_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__tx__nfs_tcp_rrd_filename,
+        'descr' => 'NFS, TCP',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__tx__nfs_udp_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__tx__nfs_udp_rrd_filename,
+        'descr' => 'NFS, UDP',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__tx__ntp_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__tx__ntp_rrd_filename,
+        'descr' => 'NTP',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__tx__pgsql_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__tx__pgsql_rrd_filename,
+        'descr' => 'PostgreSQL',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__tx__quic_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__tx__quic_rrd_filename,
+        'descr' => 'QUIC',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__tx__rdp_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__tx__rdp_rrd_filename,
+        'descr' => 'RDP',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__tx__rfb_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__tx__rfb_rrd_filename,
+        'descr' => 'RFB',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__tx__sip_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__tx__sip_rrd_filename,
+        'descr' => 'SIP',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__tx__smb_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__tx__smb_rrd_filename,
+        'descr' => 'SMB',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__tx__smtp_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__tx__smtp_rrd_filename,
+        'descr' => 'SMTP',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__tx__snmp_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__tx__snmp_rrd_filename,
+        'descr' => 'SNMP',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__tx__ssh_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__tx__ssh_rrd_filename,
+        'descr' => 'SSH',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__tx__telnet_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__tx__telnet_rrd_filename,
+        'descr' => 'Telnet',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__tx__tftp_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__tx__tftp_rrd_filename,
+        'descr' => 'TFTP',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($app_layer__tx__tls_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $app_layer__tx__tls_rrd_filename,
+        'descr' => 'TLS',
+        'ds' => 'data',
+    ];
+}
+if (! isset($rrd_list[0]) && Rrd::checkRrdExists($rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'DCERPC TCP',
+        'ds' => 'at_dcerpc_tcp',
+    ];
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'DCERPC UDP',
+        'ds' => 'at_dcerpc_udp',
+    ];
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'DHCP',
+        'ds' => 'at_dhcp',
+    ];
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'DNS TCP',
+        'ds' => 'at_dns_tcp',
+    ];
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'DNS UDP',
+        'ds' => 'at_dns_udp',
+    ];
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'FTP',
+        'ds' => 'at_ftp',
+    ];
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'FTP-DATA',
+        'ds' => 'at_ftp_data',
+    ];
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'HTTP',
+        'ds' => 'at_http',
+    ];
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'IKEv2',
+        'ds' => 'at_ikev2',
+    ];
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'IMAP',
+        'ds' => 'at_imap',
+    ];
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'Krb5 TCP',
+        'ds' => 'at_krb5_tcp',
+    ];
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'Krb5 UDP',
+        'ds' => 'at_krb5_udp',
+    ];
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'MQTT',
+        'ds' => 'at_mqtt',
+    ];
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'NFS TCP',
+        'ds' => 'at_nfs_tcp',
+    ];
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'NFS UDP',
+        'ds' => 'at_nfs_udp',
+    ];
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'RDP',
+        'ds' => 'at_rdp',
+    ];
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'RFB',
+        'ds' => 'at_rfb',
+    ];
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'SIP',
+        'ds' => 'at_sip',
+    ];
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'SMB',
+        'ds' => 'at_smb',
+    ];
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'SMTP',
+        'ds' => 'at_smtp',
+    ];
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'SNMP',
+        'ds' => 'at_snmp',
+    ];
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'ssh',
+        'ds' => 'at_ssh',
+    ];
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'TFTP',
+        'ds' => 'at_tftp',
+    ];
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'TLS',
+        'ds' => 'at_tls',
+    ];
+}
+if (! isset($rrd_list[0])) {
+    d_echo('RRD "' . $app_layer__tx__tls_rrd_filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_multi_line.inc.php';

includes/html/graphs/application/suricata_bytes_overview.inc.php

@@ -0,0 +1,58 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'bytes/sec';
+$colours = 'psychedelic';
+$dostack = 0;
+$printtotal = 1;
+$addarea = 0;
+$descr_len = 20;
+$transparency = 15;
+
+$rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id]);
+$decoder__bytes_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___decoder__bytes']);
+$flow_bypassed__bytes_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___flow_bypassed__bytes']);
+$flow_bypassed__local_bytes_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___flow_bypassed__local_bytes']);
+$flow_bypassed__local_capture_bytes_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___flow_bypassed__local_capture_bytes']);
+
+$rrd_list = [];
+if (Rrd::checkRrdExists($decoder__bytes_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $decoder__bytes_rrd_filename,
+        'descr' => 'Decoder',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($flow_bypassed__bytes_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $flow_bypassed__bytes_rrd_filename,
+        'descr' => 'Flow Bypassed',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($flow_bypassed__local_bytes_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $flow_bypassed__local_bytes_rrd_filename,
+        'descr' => 'Flow Loc Bypassed',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($flow_bypassed__local_capture_bytes_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $flow_bypassed__local_capture_bytes_rrd_filename,
+        'descr' => 'Flow Loc Byp Cap',
+        'ds' => 'data',
+    ];
+}
+if (! isset($rrd_files[0]) && Rrd::checkRrdExists($rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'Bytes',
+        'ds' => 'bytes',
+    ];
+}
+if (! isset($rrd_files[0])) {
+    d_echo('No RRDs found');
+}
+
+require 'includes/html/graphs/generic_multi_line.inc.php';

includes/html/graphs/application/suricata_dec_proto_overview.inc.php

@@ -0,0 +1,282 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'flows';
+$colours = 'psychedelic';
+$dostack = 0;
+$printtotal = 0;
+$addarea = 0;
+$transparency = 15;
+
+$rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id]);
+$decoder__arp_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___decoder__arp']);
+$decoder__chdlc_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___decoder__chdlc']);
+$decoder__erspan_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___decoder__erspan']);
+$decoder__esp_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___decoder__esp']);
+$decoder__ethernet_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___decoder__ethernet']);
+$decoder__geneve_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___decoder__geneve']);
+$decoder__gre_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___decoder__gre']);
+$decoder__icmpv4_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___decoder__icmpv4']);
+$decoder__icmpv6_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___decoder__icmpv6']);
+$decoder__ieee8021ah_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___decoder__ieee8021ah']);
+$decoder__invalid_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___decoder__invalid']);
+$decoder__ipv4_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___decoder__ipv4']);
+$decoder__ipv6_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___decoder__ipv6']);
+$decoder__ipv4_in_ipv6_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___decoder__ipv4_in_ipv6']);
+$decoder__ipv6_in_ipv6_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___decoder__ipv6_in_ipv6']);
+$decoder__mpls_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___decoder__mpls']);
+$decoder__nsh_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___decoder__nsh']);
+$decoder__null_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___decoder__null']);
+$decoder__ppp_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___decoder__ppp']);
+$decoder__pppoe_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___decoder__pppoe']);
+$decoder__raw_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___decoder__raw']);
+$decoder__sctp_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___decoder__sctp']);
+$decoder__sll_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___decoder__sll']);
+$decoder__tcp_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___decoder__tcp']);
+$decoder__teredo_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___decoder__teredo']);
+$decoder__too_many_layers_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___decoder__too_many_layers']);
+$decoder__udp_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___decoder__udp']);
+$decoder__vlan_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___decoder__vlan']);
+$decoder__vlan_qinq_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___decoder__vlan_qinq']);
+$decoder__vlan_qinqinq_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___decoder__vlan_qinqinq']);
+$decoder__vntag_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___decoder__vntag']);
+$decoder__vxlan_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___decoder__vxlan']);
+
+$rrd_list = [];
+if (Rrd::checkRrdExists($decoder__arp_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $decoder__arp_rrd_filename,
+        'descr' => 'ARP',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($decoder__chdlc_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $decoder__chdlc_rrd_filename,
+        'descr' => 'CHDLC',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($decoder__erspan_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $decoder__erspan_rrd_filename,
+        'descr' => 'ERSPAN',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($decoder__esp_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $decoder__esp_rrd_filename,
+        'descr' => 'ESP',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($decoder__ethernet_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $decoder__ethernet_rrd_filename,
+        'descr' => 'Ethernet',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($decoder__geneve_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $decoder__geneve_rrd_filename,
+        'descr' => 'Geneve',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($decoder__gre_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $decoder__gre_rrd_filename,
+        'descr' => 'GRE',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($decoder__icmpv4_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $decoder__icmpv4_rrd_filename,
+        'descr' => 'ICMPv4',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($decoder__icmpv6_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $decoder__icmpv6_rrd_filename,
+        'descr' => 'icmpv6',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($decoder__ieee8021ah_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $decoder__ieee8021ah_rrd_filename,
+        'descr' => 'IEEE 802.1ah',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($decoder__invalid_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $decoder__invalid_rrd_filename,
+        'descr' => 'Invalid',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($decoder__ipv4_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $decoder__ipv4_rrd_filename,
+        'descr' => 'IPv4',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($decoder__ipv4_in_ipv6_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $decoder__ipv4_in_ipv6_rrd_filename,
+        'descr' => 'IPv4 in IPv6',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($decoder__ipv6_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $decoder__ipv6_rrd_filename,
+        'descr' => 'IPv6',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($decoder__ipv6_in_ipv6_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $decoder__ipv6_in_ipv6_rrd_filename,
+        'descr' => 'IPv6 in IPv6',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($decoder__mpls_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $decoder__mpls_rrd_filename,
+        'descr' => 'MPLS',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($decoder__nsh_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $decoder__nsh_rrd_filename,
+        'descr' => 'NSH',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($decoder__null_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $decoder__null_rrd_filename,
+        'descr' => 'Null',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($decoder__ppp_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $decoder__ppp_rrd_filename,
+        'descr' => 'PPP',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($decoder__pppoe_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $decoder__pppoe_rrd_filename,
+        'descr' => 'PPPoE',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($decoder__raw_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $decoder__raw_rrd_filename,
+        'descr' => 'Raw',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($decoder__sctp_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $decoder__sctp_rrd_filename,
+        'descr' => 'SCTP',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($decoder__sll_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $decoder__sll_rrd_filename,
+        'descr' => 'SLL',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($decoder__teredo_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $decoder__teredo_rrd_filename,
+        'descr' => 'Teredo',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($decoder__udp_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $decoder__udp_rrd_filename,
+        'descr' => 'udp',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($decoder__vlan_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $decoder__vlan_rrd_filename,
+        'descr' => 'VLAN',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($decoder__vlan_qinq_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $decoder__vlan_qinq_rrd_filename,
+        'descr' => 'VLAN QinQ',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($decoder__vlan_qinqinq_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $decoder__vlan_qinqinq_rrd_filename,
+        'descr' => 'VLAN QinQinQ',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($decoder__vntag_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $decoder__vntag_rrd_filename,
+        'descr' => 'VN-Tag',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($decoder__vxlan_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $decoder__vxlan_rrd_filename,
+        'descr' => 'VXLAN',
+        'ds' => 'data',
+    ];
+}
+if (! isset($rrd_list[0]) && Rrd::checkRrdExists($rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'ICMPv4',
+        'ds' => 'f_icmpv4',
+    ];
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'ICMPv6',
+        'ds' => 'f_icmpv6',
+    ];
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'TCP',
+        'ds' => 'f_tcp',
+    ];
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'UDP',
+        'ds' => 'f_udp',
+    ];
+}
+if (! isset($rrd_list[0])) {
+    d_echo('No RRDs found');
+}
+
+require 'includes/html/graphs/generic_multi_line.inc.php';

includes/html/graphs/application/suricata_flow_proto_overview.inc.php

@@ -0,0 +1,72 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'flows';
+$colours = 'psychedelic';
+$dostack = 0;
+$printtotal = 0;
+$addarea = 0;
+$transparency = 15;
+
+$rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id]);
+$flow__udp_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___flow__udp']);
+$flow__tcp_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___flow__tcp']);
+$flow__icmpv4_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___flow__icmpv4']);
+$flow__icmpv6_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___flow__icmpv6']);
+
+$rrd_list = [];
+if (Rrd::checkRrdExists($flow__udp_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $flow__icmpv4_rrd_filename,
+        'descr' => 'ICMPv4',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($flow__icmpv6_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $flow__icmpv6_rrd_filename,
+        'descr' => 'ICMPv6',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($flow__tcp_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $flow__tcp_rrd_filename,
+        'descr' => 'TCP',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($flow__udp_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $flow__udp_rrd_filename,
+        'descr' => 'UDP',
+        'ds' => 'data',
+    ];
+}
+if (! isset($rrd_list[0]) && Rrd::checkRrdExists($rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'ICMPv4',
+        'ds' => 'f_icmpv4',
+    ];
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'ICMPv6',
+        'ds' => 'f_icmpv6',
+    ];
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'TCP',
+        'ds' => 'f_tcp',
+    ];
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'UDP',
+        'ds' => 'f_udp',
+    ];
+}
+if (! isset($rrd_list[0])) {
+    d_echo('No RRDs found');
+}
+
+require 'includes/html/graphs/generic_multi_line.inc.php';

includes/html/graphs/application/suricata_mem_use_overview.inc.php

@@ -0,0 +1,85 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'bytes';
+$colours = 'psychedelic';
+$dostack = 0;
+$printtotal = 1;
+$addarea = 0;
+$transparency = 15;
+$descr_len = 16;
+
+$rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id]);
+$flow__memuse_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___flow__memuse']);
+$ftp__memuse_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___ftp__memuse']);
+$http__memuse_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___http__memuse']);
+$tcp__memuse_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___tcp__memuse']);
+$tcp__reassembly_memuse_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___tcp__reassembly_memuse']);
+
+if (Rrd::checkRrdExists($flow__memuse_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $flow__memuse_rrd_filename,
+        'descr' => 'Flow Memuse',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($ftp__memuse_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $ftp__memuse_rrd_filename,
+        'descr' => 'FTP Memuse',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($http__memuse_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $http__memuse_rrd_filename,
+        'descr' => 'HTTP Memuse',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($tcp__memuse_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $tcp__memuse_rrd_filename,
+        'descr' => 'TCP Memuse',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($tcp__reassembly_memuse_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $tcp__reassembly_memuse_rrd_filename,
+        'descr' => 'TCP Reass Memuse',
+        'ds' => 'data',
+    ];
+}
+if (! isset($rrd_file[0]) && Rrd::checkRrdExists($rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'Flow',
+        'ds' => 'f_memuse',
+    ];
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'FTP',
+        'ds' => 'ftp_memuse',
+    ];
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'HTTP',
+        'ds' => 'http_memuse',
+    ];
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'TCP',
+        'ds' => 'tcp_memuse',
+    ];
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'TCP Reass',
+        'ds' => 'tcp_reass_memuse',
+    ];
+}
+if (! isset($rrd_file[0])) {
+    d_echo('No RRDs found');
+}
+
+require 'includes/html/graphs/generic_multi_line.inc.php';

includes/html/graphs/application/suricata_nasty_delta_overview.inc.php

@@ -0,0 +1,64 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'per second';
+$colours = 'psychedelic';
+$dostack = 0;
+$printtotal = 1;
+$addarea = 0;
+$transparency = 15;
+
+$rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id]);
+$capture__kernel_ifdrops_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___capture__kernel_ifdrops']);
+$capture__kernel_drops_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___capture__kernel_drops']);
+$error_delta_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___error_delta']);
+
+$rrd_list = [];
+if (Rrd::checkRrdExists($capture__kernel_ifdrops_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $capture__kernel_ifdrops_rrd_filename,
+        'descr' => 'If Drops',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($capture__kernel_drops_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $capture__kernel_drops_rrd_filename,
+        'descr' => 'Drops',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($error_delta_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $error_delta_rrd_filename,
+        'descr' => 'Errors',
+        'ds' => 'data',
+    ];
+}
+if (! isset($rrd_list[0]) && Rrd::checkRrdExists($rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'Packets',
+        'ds' => 'packets',
+    ];
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'Dec. Packets',
+        'ds' => 'dec_packets',
+    ];
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'Dropped',
+        'ds' => 'dropped',
+    ];
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'If Dropped',
+        'ds' => 'ifdropped',
+    ];
+}
+if (! isset($rrd_list[0])) {
+    d_echo('No RRDs found');
+}
+
+require 'includes/html/graphs/generic_multi_line.inc.php';

includes/html/graphs/application/suricata_nasty_percent_overview.inc.php

@@ -0,0 +1,44 @@
+<?php
+
+$name = 'suricata';
+
+$rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id]);
+$drop_percent_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___drop_percent']);
+
+$rrd_list = [];
+if (Rrd::checkRrdExists($drop_percent_rrd_filename)) {
+    $unit_text = 'Packets';
+    $descr = 'Drop Prct';
+    $ds = 'data';
+
+    $filename = $drop_percent_rrd_filename;
+
+    require 'includes/html/graphs/generic_stats.inc.php';
+} elseif (Rrd::checkRrdExists($rrd_filename)) {
+    $unit_text = '% Of Packets';
+    $colours = 'psychedelic';
+    $dostack = 0;
+    $printtotal = 0;
+    $addarea = 0;
+    $transparency = 15;
+
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'Dropped',
+        'ds' => 'drop_percent',
+    ];
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'If Dropped',
+        'ds' => 'ifdrop_percent',
+    ];
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'Error',
+        'ds' => 'error_percent',
+    ];
+
+    require 'includes/html/graphs/generic_multi_line.inc.php';
+} else {
+    d_echo('RRD "' . $rrd_filename . '" not found');
+}

includes/html/graphs/application/suricata_packets_overview.inc.php

@@ -0,0 +1,72 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'packets/sec';
+$colours = 'psychedelic';
+$dostack = 0;
+$printtotal = 1;
+$addarea = 0;
+$transparency = 15;
+
+$rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id]);
+$decoder__ethernet_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___decoder__ethernet']);
+$capture__kernel_packets_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___capture__kernel_packets']);
+$capture__kernel_drops_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___capture__kernel_drops']);
+$capture__kernel_ifdrops_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___capture__kernel_ifdrops']);
+
+$rrd_list = [];
+if (Rrd::checkRrdExists($capture__kernel_packets_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $capture__kernel_packets_rrd_filename,
+        'descr' => 'Packets',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($decoder__ethernet_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $decoder__ethernet_rrd_filename,
+        'descr' => 'Eth Pkts',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($capture__kernel_drops_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $capture__kernel_drops_rrd_filename,
+        'descr' => 'Drops',
+        'ds' => 'data',
+    ];
+}
+if (Rrd::checkRrdExists($capture__kernel_ifdrops_rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $capture__kernel_ifdrops_rrd_filename,
+        'descr' => 'If Dropped',
+        'ds' => 'data',
+    ];
+}
+if (! isset($rrd_list[0]) && Rrd::checkRrdExists($rrd_filename)) {
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'Packets',
+        'ds' => 'packets',
+    ];
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'Dec. Packets',
+        'ds' => 'dec_packets',
+    ];
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'Dropped',
+        'ds' => 'dropped',
+    ];
+    $rrd_list[] = [
+        'filename' => $rrd_filename,
+        'descr' => 'If Dropped',
+        'ds' => 'ifdropped',
+    ];
+}
+if (! isset($rrd_list[0])) {
+    d_echo('No RRDs found');
+}
+
+require 'includes/html/graphs/generic_multi_line.inc.php';

includes/html/graphs/application/suricata_uptime_overview.inc.php

@@ -0,0 +1,20 @@
+<?php
+
+$munge = true;
+$name = 'suricata';
+$unit_text = 'days';
+
+$v1_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id]);
+$uptime_rrd_filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___uptime']);
+
+if (Rrd::checkRrdExists($uptime_rrd_filename)) {
+    $ds = 'data';
+    $filename = $uptime_rrd_filename;
+} elseif (Rrd::checkRrdExists($v1_rrd_filename)) {
+    $ds = 'uptime';
+    $filename = $v1_rrd_filename;
+} else {
+    d_echo('RRD "' . $uptime_rrd_filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__bittorrent-dht__alloc.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'Bittorrent-DHT';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__bittorrent-dht__alloc']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__bittorrent-dht__alloc']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__bittorrent-dht__gap.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'Bittorent-DHT';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__bittorrent-dht__gap']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__bittorrent-dht__gap']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__bittorrent-dht__internal.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'Bittorrent-DHT';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__bittorrent-dht__internal']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__bittorrent-dht__internal']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__bittorrent-dht__parser.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'Bittorrent-DHT';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__bittorrent-dht__parser']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__bittorrent-dht__parser']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__dcerpc_tcp__alloc.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'DCE RPC TCP';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__dcerpc_tcp__alloc']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__dcerpc_tcp__alloc']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__dcerpc_tcp__gap.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'DCE RPC TCP';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__dcerpc_tcp__gap']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__dcerpc_tcp__gap']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__dcerpc_tcp__internal.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'DCE RPC TCP';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__dcerpc_tcp__internal']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__dcerpc_tcp__internal']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__dcerpc_tcp__parser.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'DCE RPC TCP';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__dcerpc_tcp__parser']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__dcerpc_tcp__parser']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__dcerpc_udp__alloc.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'DCE RPC UDP';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__dcerpc_udp__alloc']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__dcerpc_udp__alloc']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__dcerpc_udp__internal.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'DCE RPC UDP';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__dcerpc_udp__internal']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__dcerpc_udp__internal']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__dcerpc_udp__parser.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'DCE RPC UDP';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__dcerpc_udp__parser']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__dcerpc_udp__parser']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__dhcp__alloc.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'DHCP';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__dhcp__alloc']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__dhcp__alloc']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__dhcp__gap.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'DHCP';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__dhcp__gap']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__dhcp__gap']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__dhcp__internal.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'DHCP';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__dhcp__internal']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__dhcp__internal']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__dhcp__parser.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'DHCP';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__dhcp__parser']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__dhcp__parser']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__dnp3__alloc.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'DNP3';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__dnp3__alloc']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__dnp3__alloc']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__dnp3__gap.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'DNP3';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__dnp3__gap']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__dnp3__gap']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__dnp3__internal.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'DNP3';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__dnp3__internal']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__dnp3__internal']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__dnp3__parser.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'DNP3';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__dnp3__parser']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__dnp3__parser']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__dns_tcp__alloc.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'DNS TCP';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__dns_tcp__alloc']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__dns_tcp__alloc']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__dns_tcp__gap.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'DNS TCP';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__dns_tcp__gap']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__dns_tcp__gap']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__dns_tcp__internal.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'DNS TCP';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__dns_tcp__internal']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__dns_tcp__internal']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__dns_tcp__parser.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'DNS TCP';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__dns_tcp__parser']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__dns_tcp__parser']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__dns_udp__alloc.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'DNS UDP';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__dns_udp__alloc']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__dns_udp__alloc']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__dns_udp__internal.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'DNS UDP';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__dns_udp__internal']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__dns_udp__internal']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__dns_udp__parser.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'DNS UDP';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__dns_udp__parser']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__dns_udp__parser']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__enip_tcp__alloc.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'ENIP TCP';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__enip_tcp__alloc']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__enip_tcp__alloc']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__enip_tcp__gap.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'ENIP TCP';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__enip_tcp__gap']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__enip_tcp__gap']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__enip_tcp__internal.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'ENIP TCP';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__enip_tcp__internal']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__enip_tcp__internal']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__enip_tcp__parser.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'ENIP TCP';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__enip_tcp__parser']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__enip_tcp__parser']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__enip_udp__alloc.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'ENIP UDP';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__enip_udp__alloc']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__enip_udp__alloc']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__enip_udp__internal.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'ENIP UDP';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__enip_udp__internal']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__enip_udp__internal']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__enip_udp__parser.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'ENIP UDP';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__enip_udp__parser']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__enip_udp__parser']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__failed_tcp__gap.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'Failed TCP';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__failed_tcp__gap']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__failed_tcp__gap']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__ftp-data__alloc.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'FTP-Data';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__ftp-data__alloc']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__ftp-data__alloc']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__ftp-data__gap.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'FTP-Data';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__ftp-data__gap']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__ftp-data__gap']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__ftp-data__internal.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'FTP-Data';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__ftp-data__internal']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__ftp-data__internal']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__ftp-data__parser.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'FTP-Data';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__ftp-data__parser']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__ftp-data__parser']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__ftp__alloc.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'FTP';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__ftp__alloc']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__ftp__alloc']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__ftp__gap.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'FTP';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__ftp__gap']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__ftp__gap']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__ftp__internal.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'FTP';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__ftp__internal']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__ftp__internal']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__ftp__parser.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'FTP';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__ftp__parser']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__ftp__parser']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__http2__alloc.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'HTTP2';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__http2__alloc']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__http2__alloc']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__http2__gap.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'HTTP2';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__http2__gap']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__http2__gap']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__http2__internal.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'HTTP2';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__http2__internal']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__http2__internal']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__http2__parser.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'HTTP2';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__http2__parser']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__http2__parser']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__http__alloc.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'HTTP';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__http__alloc']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__http__alloc']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__http__gap.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'HTTP';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__http__gap']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__http__gap']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__http__internal.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'HTTP';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__http__internal']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__http__internal']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__http__parser.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'HTTP';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__http__parser']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__http__parser']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__ike__alloc.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'IKE';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__ike__alloc']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__ike__alloc']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__ike__gap.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'IKE';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__ike__gap']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__ike__gap']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__ike__internal.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'IKE';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__ike__internal']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__ike__internal']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__ike__parser.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'IKE';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__ike__parser']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__ike__parser']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__imap__alloc.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'IMAP';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__imap__alloc']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__imap__alloc']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__imap__gap.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'IMAP';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__imap__gap']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__imap__gap']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__imap__internal.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'IMAP';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__imap__internal']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__imap__internal']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__imap__parser.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'IMAP';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__imap__parser']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__imap__parser']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__krb5_tcp__alloc.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'KRB5 TCP';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__krb5_tcp__alloc']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__krb5_tcp__alloc']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__krb5_tcp__gap.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'KRB5 TCP';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__krb5_tcp__gap']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__krb5_tcp__gap']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__krb5_tcp__internal.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'KRB5 TCP';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__krb5_tcp__internal']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__krb5_tcp__internal']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__krb5_tcp__parser.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'KRB5 TCP';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__krb5_tcp__parser']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__krb5_tcp__parser']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__krb5_udp__alloc.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'KRB5 UDP';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__krb5_udp__alloc']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__krb5_udp__alloc']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__krb5_udp__internal.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'KRB5 UDP';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__krb5_udp__internal']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__krb5_udp__internal']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__krb5_udp__parser.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'KRB5 UDP';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__krb5_udp__parser']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__krb5_udp__parser']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__modbus__alloc.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'ModBus';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__modbus__alloc']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__modbus__alloc']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__modbus__gap.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'ModBus';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__modbus__gap']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__modbus__gap']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__modbus__internal.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'ModBus';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__modbus__internal']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__modbus__internal']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__modbus__parser.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'ModBus';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__modbus__parser']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__modbus__parser']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__mqtt__alloc.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'MQTT';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__mqtt__alloc']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__mqtt__alloc']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__mqtt__gap.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'MQTT';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__mqtt__gap']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__mqtt__gap']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__mqtt__internal.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'MQTT';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__mqtt__internal']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__mqtt__internal']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__mqtt__parser.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'MQTT';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__mqtt__parser']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__mqtt__parser']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__nfs_tcp__alloc.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'NFS TCP';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__nfs_tcp__alloc']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__nfs_tcp__alloc']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__nfs_tcp__gap.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'NFS TCP';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__nfs_tcp__gap']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__nfs_tcp__gap']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__nfs_tcp__internal.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'NFS TCP';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__nfs_tcp__internal']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__nfs_tcp__internal']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__nfs_tcp__parser.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'NFS TCP';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__nfs_tcp__parser']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__nfs_tcp__parser']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__nfs_udp__alloc.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'NFS UDP';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__nfs_udp__alloc']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__nfs_udp__alloc']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__nfs_udp__internal.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'NFS UDP';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__nfs_udp__internal']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__nfs_udp__internal']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__nfs_udp__parser.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'NFS UDP';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__nfs_udp__parser']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__nfs_udp__parser']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__ntp__alloc.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'NTP';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__ntp__alloc']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__ntp__alloc']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__ntp__gap.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'NTP';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__ntp__gap']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__ntp__gap']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__ntp__internal.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'NTP';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__ntp__internal']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__ntp__internal']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__ntp__parser.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'NTP';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__ntp__parser']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__ntp__parser']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__pgsql__alloc.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'Pgsql';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__pgsql__alloc']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__pgsql__alloc']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__pgsql__gap.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'Pgsql';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__pgsql__gap']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__pgsql__gap']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__pgsql__internal.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'Pgsql';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__pgsql__internal']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__pgsql__internal']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__pgsql__parser.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'Pgsql';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__pgsql__parser']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__pgsql__parser']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__quic__alloc.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'QUIC';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__quic__alloc']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__quic__alloc']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';

includes/html/graphs/application/suricata_v2_app_layer__error__quic__gap.inc.php

@@ -0,0 +1,18 @@
+<?php
+
+$name = 'suricata';
+$unit_text = 'errors/s';
+$descr = 'QUIC';
+$ds = 'data';
+
+if (isset($vars['sinstance'])) {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'instance_' . $vars['sinstance'] . '___app_layer__error__quic__gap']);
+} else {
+    $filename = Rrd::name($device['hostname'], ['app', $name, $app->app_id, 'totals___app_layer__error__quic__gap']);
+}
+
+if (Rrd::checkRrdExists($filename)) {
+    d_echo('RRD "' . $filename . '" not found');
+}
+
+require 'includes/html/graphs/generic_stats.inc.php';