Implements #5587 behavior analysis enabled by the alerts

2026-05-05 10:41:34 +00:00 · 2021-07-01 13:56:49 +02:00 · 2021-07-01 13:56:49 +02:00 · 17cd2efb00
commit 17cd2efb00
parent 2b58ed6708
14 changed files with 89 additions and 101 deletions
--- a/scripts/lua/modules/behavior_utils.lua
+++ b/scripts/lua/modules/behavior_utils.lua
@ -2,7 +2,10 @@
 -- (C) 2020-21 - ntop.org
 --

+local rest_utils = require("rest_utils")
+
 local behavior_utils = {}
+local redis_key = "changed_behavior_alert_setup"

 -- ##############################################

@ -33,6 +36,29 @@ function behavior_utils.get_behavior_timeseries_utils(family_key)
   return behavior_table[family_key]
 end

+function behavior_utils.change_behavior_alert_status()
+   -- Set the redis key for the restart
+   ntop.setCache(redis_key, true)
+   rest_utils.answer(rest_utils.consts.success.ok, res)
+end
+
 -- ##############################################

+function behavior_utils.restart_required()
+    if ntop.getCache(redis_key) == '' then
+        return false
+    end
+
+    return true
+end
+
+-- ##############################################
+
+function behavior_utils.reset()
+    if ntop.getCache(redis_key) ~= '' then
+        ntop.delCache(redis_key)
+    end
+end
+
+
 return behavior_utils
--- a/scripts/lua/modules/http_lint.lua
+++ b/scripts/lua/modules/http_lint.lua
@ -1683,9 +1683,6 @@ local known_parameters = {
   ["toggle_dst_with_post_nat_dst"]                = validateBool,
   ["toggle_src_with_post_nat_src"]                = validateBool,
   ["toggle_behaviour_analysis"]                   = validateBool,
-   ["toggle_asn_behavior_analysis"]               = validateBool,
-   ["toggle_network_behavior_analysis"]           = validateBool,
-   ["toggle_iface_l7_behavior_analysis"]          = validateBool,
   ["behaviour_analysis_learning_period"]          = validateNumber,
   ["behaviour_analysis_learning_status_during_learning"] = validateNumber,
   ["behaviour_analysis_learning_status_post_learning"]   = validateNumber,
--- a/scripts/lua/modules/prefs_menu.lua
+++ b/scripts/lua/modules/prefs_menu.lua
@ -269,18 +269,6 @@ local menu_subpages = {
        title = i18n("prefs.behaviour_analysis_status_post_learning_title"),
        description = i18n("prefs.behaviour_analysis_status_post_learning_description")
      },
-      toggle_asn_behavior_analysis = {
-        title       = i18n("prefs.toggle_asn_behavior_analysis_title"),
-        description = i18n("prefs.toggle_asn_behavior_analysis_description"),
-      },
-      toggle_network_behavior_analysis = {
-        title       = i18n("prefs.toggle_network_behavior_analysis_title"),
-        description = i18n("prefs.toggle_network_behavior_analysis_description"),
-      },
-      toggle_iface_l7_behavior_analysis = {
-        title       = i18n("prefs.toggle_iface_l7_behavior_analysis_title"),
-        description = i18n("prefs.toggle_iface_l7_behavior_analysis_description"),
-      },
    }, 
    iec60870_learning_period = {
      title       = i18n("prefs.iec60870_learning_period_title"),
--- a/scripts/lua/modules/timeseries/schemas/ts_5min.lua
+++ b/scripts/lua/modules/timeseries/schemas/ts_5min.lua
@ -603,7 +603,7 @@ if ntop.isPro() then

    -- ##############################################

-    schema = ts_utils.newSchema("asn:traffic_tx_behavior", {step=300})
+    schema = ts_utils.newSchema("asn:traffic_tx_behavior", {step=300, metrics_type=ts_utils.metrics.gauge})
    schema:addTag("ifid")
    schema:addTag("asn")
    schema:addMetric("value")
@ -612,7 +612,7 @@ if ntop.isPro() then

    -- ##############################################

-    schema = ts_utils.newSchema("asn:traffic_rx_behavior", {step=300})
+    schema = ts_utils.newSchema("asn:traffic_rx_behavior", {step=300, metrics_type=ts_utils.metrics.gauge})
    schema:addTag("ifid")
    schema:addTag("asn")
    schema:addMetric("value")
@ -644,7 +644,7 @@ if ntop.isPro() then

    -- ##############################################

-    schema = ts_utils.newSchema("iface:traffic_tx_behavior", {step=300})
+    schema = ts_utils.newSchema("iface:traffic_tx_behavior", {step=300, metrics_type=ts_utils.metrics.gauge})
    schema:addTag("ifid")
    schema:addMetric("value")
    schema:addMetric("lower_bound")
@ -652,7 +652,7 @@ if ntop.isPro() then

    -- ##############################################

-    schema = ts_utils.newSchema("iface:traffic_rx_behavior", {step=300})
+    schema = ts_utils.newSchema("iface:traffic_rx_behavior", {step=300, metrics_type=ts_utils.metrics.gauge})
    schema:addTag("ifid")
    schema:addMetric("value")
    schema:addMetric("lower_bound")
@ -683,7 +683,7 @@ if ntop.isPro() then

    -- ##############################################

-    schema = ts_utils.newSchema("subnet:traffic_tx_behavior", {step=300})
+    schema = ts_utils.newSchema("subnet:traffic_tx_behavior", {step=300, metrics_type=ts_utils.metrics.gauge})
    schema:addTag("ifid")
    schema:addTag("subnet")
    schema:addMetric("value")
@ -692,7 +692,7 @@ if ntop.isPro() then

    -- ##############################################

-    schema = ts_utils.newSchema("subnet:traffic_rx_behavior", {step=300})
+    schema = ts_utils.newSchema("subnet:traffic_rx_behavior", {step=300, metrics_type=ts_utils.metrics.gauge})
    schema:addTag("ifid")
    schema:addTag("subnet")
    schema:addMetric("value")