Tests update (change value for no network)

Alfredo Cardigliano 2022-04-14 09:18:45 +02:00
parent 09885ec161
commit 1acebbda28
37 changed files with 37 additions and 37 deletions


@ -1,2 +1,2 @@
{"success":true}
{"rc":0,"rc_str":"OK","rc_str_hr":"Success","recordsFiltered":1,"recordsTotal":1,"rsp":{"records":[{"additional_alerts":{"descr":"Error Code Detected <a href=\"https://www.ntop.org/guides/nDPI/flow_risks.html#risk-043\" target=\"_blank\"><i class=\"fas fa-lg fa-question-circle\"></i></a> [Score: 10]<br>Remote to Remote [Score: 10]"},"alert_id":{"label":"<i class=\"fas fa-fw fa-exclamation\"></i> Unexpected DNS server found","value":"33"},"alert_name":"<i class=\"fas fa-fw fa-exclamation\"></i> Unexpected DNS server found","cli_host_pool_id":{"label":"Default","value":"0"},"cli_network":{"label":"","value":"65535"},"cli_role":{"label":"Is Attacker","tag_label":"Is Attacker","value":"attacker"},"count":1,"description":{"descr":"Unexpected DNS server found: 9.9.9.9 [Score: 100]"},"duration":36337644,"family":"flow","filter":{"bpf":"host 192.168.2.222 and host 9.9.9.9 and port 59610 and port 53","epoch_begin":1613488852,"epoch_end":1649826497},"flow":{"active_url":"/lua/flow_details.lua?flow_key=3383892960&flow_hash_id=0","cli_ip":{"blacklisted":"0","country":"","label":"192.168.2.222","label_long":"192.168.2.222","reference":"<a href='/lua/host_details.lua?host=192.168.2.222' data-bs-toggle='tooltip' title=''><i class='fas fa-laptop'></i></a>","value":"192.168.2.222"},"cli_port":"59610","srv_ip":{"blacklisted":"0","country":"CH","label":"9.9.9.9","label_long":"9.9.9.9","reference":"<a href='/lua/host_details.lua?host=9.9.9.9' data-bs-toggle='tooltip' title=''><i class='fas fa-laptop'></i></a>","value":"9.9.9.9"},"srv_port":"53"},"flow_related_info":{"descr":" [ Query Type: <span class=\"badge bg-info\">A</span> ] [ Return Code: <span class=\"badge bg-danger\">NXDOMAIN</span> ] [ URL: <button data-to-copy='https://adsf.adsfadfasdfasdfadsfadsf.adfasdfasdfadsf.adsfadfasdfasdfadsfaasdf.google.it' class='copy-http-url btn btn-light btn-sm border ms-1' style='cursor: pointer;'><i class='fas fa-copy'></i></button> <a class='ntopng-external-link' 
href='https://adsf.adsfadfasdfasdfadsfadsf.adfasdfasdfadsf.adsfadfasdfasdfadsfaasdf.google.it' target='_blank'><i class='fas fa-external-link-alt'></i> adsf.adsfadfasdfasdfadsfadsf.adfasdfasdfadsf.adsfadfasdfasdfadsfaasdf.google.it</a> ] [ Main Direction: Server <i class='fas fa-arrow-right'></i> Client | Server to Client Traffic: 357 Bytes | Client to Server Traffic: 297 Bytes ]"},"l7_proto":{"l4_label":"UDP","l7_label":"DNS.Google","label":"UDP:DNS.Google","value":"126"},"msg":{"configset_ref":" <a href=\"/lua/admin/edit_configset.lua?subdir=flow&check=unexpected_dns#all\"><i class=\"fas fa-cog\" title=\"Edit Configuration\"></i></a>","description":"Unexpected DNS server found: 9.9.9.9 [Score: 100]","fullname":"Unexpected DNS server found","name":"Unexpected DNS server found","value":33},"proto":{"label":"UDP","value":"17"},"row_id":"1","score":{"color":"#ff3231","label":"120","value":120},"script_key":"unexpected_dns","severity":{"color":"#ff3231","label":"<i class='fas fa-fw fa-exclamation-triangle text-danger' style='color: #ff3231!important' title='Error'></i> ","value":5},"srv_host_pool_id":{"label":"Default","value":"0"},"srv_network":{"label":"","value":"65535"},"tstamp":{"highlight":"#ff3231","label":"16/02/2021 17:20:52","value":1613488852},"vlan_id":"0"}]}}
{"rc":0,"rc_str":"OK","rc_str_hr":"Success","recordsFiltered":1,"recordsTotal":1,"rsp":{"records":[{"additional_alerts":{"descr":"Error Code Detected <a href=\"https://www.ntop.org/guides/nDPI/flow_risks.html#risk-043\" target=\"_blank\"><i class=\"fas fa-lg fa-question-circle\"></i></a> [Score: 10]<br>Remote to Remote [Score: 10]"},"alert_id":{"label":"<i class=\"fas fa-fw fa-exclamation\"></i> Unexpected DNS server found","value":"33"},"alert_name":"<i class=\"fas fa-fw fa-exclamation\"></i> Unexpected DNS server found","cli_host_pool_id":{"label":"Default","value":"0"},"cli_network":{"label":"","value":""},"cli_role":{"label":"Is Attacker","tag_label":"Is Attacker","value":"attacker"},"count":1,"description":{"descr":"Unexpected DNS server found: 9.9.9.9 [Score: 100]"},"duration":36423575,"family":"flow","filter":{"bpf":"host 192.168.2.222 and host 9.9.9.9 and port 59610 and port 53","epoch_begin":1613488852,"epoch_end":1649912428},"flow":{"active_url":"/lua/flow_details.lua?flow_key=3383892960&flow_hash_id=0","cli_ip":{"blacklisted":"0","country":"","label":"192.168.2.222","label_long":"192.168.2.222","reference":"<a href='/lua/host_details.lua?host=192.168.2.222' data-bs-toggle='tooltip' title=''><i class='fas fa-laptop'></i></a>","value":"192.168.2.222"},"cli_port":"59610","srv_ip":{"blacklisted":"0","country":"CH","label":"9.9.9.9","label_long":"9.9.9.9","reference":"<a href='/lua/host_details.lua?host=9.9.9.9' data-bs-toggle='tooltip' title=''><i class='fas fa-laptop'></i></a>","value":"9.9.9.9"},"srv_port":"53"},"flow_related_info":{"descr":" [ Query Type: <span class=\"badge bg-info\">A</span> ] [ Return Code: <span class=\"badge bg-danger\">NXDOMAIN</span> ] [ URL: <span><button data-to-copy='https://adsf.adsfadfasdfasdfadsfadsf.adfasdfasdfadsf.adsfadfasdfasdfadsfaasdf.google.it' class='copy-http-url btn btn-light btn-sm border ms-1' style='cursor: pointer;'><i class='fas fa-copy'></i></button> <a class='ntopng-external-link' 
href='https://adsf.adsfadfasdfasdfadsfadsf.adfasdfasdfadsf.adsfadfasdfasdfadsfaasdf.google.it' target='_blank'><i class='fas fa-external-link-alt'></i> adsf.adsfadfasdfasdfadsfadsf.adfasdfasdfadsf.adsfadfasdfasdfadsfaasdf.google.it</a></span> ] [ Main Direction: Server <i class='fas fa-arrow-right'></i> Client | Server to Client Traffic: 357 Bytes | Client to Server Traffic: 297 Bytes ]"},"l7_proto":{"l4_label":"UDP","l7_label":"DNS.Google","label":"UDP:DNS.Google","value":"126"},"msg":{"configset_ref":" <a href=\"/lua/admin/edit_configset.lua?subdir=flow&check=unexpected_dns#all\"><i class=\"fas fa-cog\" title=\"Edit Configuration\"></i></a>","description":"Unexpected DNS server found: 9.9.9.9 [Score: 100]","fullname":"Unexpected DNS server found","name":"Unexpected DNS server found","value":33},"proto":{"label":"UDP","value":"17"},"row_id":"1","score":{"color":"#ff3231","label":"120","value":120},"script_key":"unexpected_dns","severity":{"color":"#ff3231","label":"<i class='fas fa-fw fa-exclamation-triangle text-danger' style='color: #ff3231!important' title='Error'></i> ","value":5},"srv_host_pool_id":{"label":"Default","value":"0"},"srv_network":{"label":"","value":""},"tstamp":{"highlight":"#ff3231","label":"16/02/2021 17:20:52","value":1613488852},"vlan_id":"0"}]}}
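Review bot: The two records in this fixture carry different `duration` and `epoch_end` values (`36337644`/`1649826497` versus `36423575`/`1649912428`) although the flow itself is unchanged, so the stored output depends on the wall-clock time at which it was regenerated. If the comparison step does not already mask these fields, the test will differ from the stored file on every run; if it does, normalising them in the stored output as well (a fixed placeholder) would leave future diffs showing only real changes such as the `cli_network`/`srv_network` `value` switching between `"65535"` and `""`. The same applies to the other fixtures visible in this commit. Which record is the new side is not marked on this page.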


@ -1,2 +1,2 @@
{"success":true}
{"rc":0,"rc_str":"OK","rc_str_hr":"Success","recordsFiltered":1,"recordsTotal":1,"rsp":{"records":[{"additional_alerts":{"descr":"Remote to Remote [Score: 10]<br>TLS not carrying HTTPS <a href=\"https://www.ntop.org/guides/nDPI/flow_risks.html#risk-015\" target=\"_blank\"><i class=\"fas fa-lg fa-question-circle\"></i></a> [Score: 10]"},"alert_id":{"label":"<i class=\"fas fa-fw fa-exclamation\"></i> Missing TLS SNI","value":"54"},"alert_name":"<i class=\"fas fa-fw fa-exclamation\"></i> Missing TLS SNI","cli_host_pool_id":{"label":"Default","value":"0"},"cli_network":{"label":"","value":"65535"},"count":1,"description":{"descr":"Missing TLS SNI <a href=\"https://www.ntop.org/guides/nDPI/flow_risks.html#risk-024\" target=\"_blank\"><i class=\"fas fa-lg fa-question-circle\"></i></a> [Score: 50]"},"duration":92008028,"family":"flow","filter":{"bpf":"host 10.206.131.18 and host 10.206.65.249 and port 58657 and port 443","epoch_begin":1557818846,"epoch_end":1649826875},"flow":{"active_url":"/lua/flow_details.lua?flow_key=362652409&flow_hash_id=0","cli_ip":{"blacklisted":"0","country":"","label":"10.206.131.18","label_long":"10.206.131.18","reference":"","value":"10.206.131.18"},"cli_port":"58657","srv_ip":{"blacklisted":"0","country":"","label":"10.206.65.249","label_long":"10.206.65.249","reference":"<a href='/lua/host_details.lua?host=10.206.65.249@258' data-bs-toggle='tooltip' title=''><i class='fas fa-laptop'></i></a>","value":"10.206.65.249"},"srv_port":"443","vlan":{"label":"258","title":"258","value":258}},"flow_related_info":{"descr":" [ TLS Certificate Validity: 29/11/2018 20:57:22 - 29/11/2023 20:57:22 ] [ Cipher State: <span class=\"badge bg-success\">safe</span> ] [ Main Direction: Server <i class='fas fa-arrow-right'></i> Client | Server to Client Traffic: 3.89 KB | Client to Server Traffic: 1.12 KB ]"},"l7_proto":{"l4_label":"TCP","l7_label":"TLS","label":"TCP:TLS","value":"91"},"msg":{"configset_ref":" <a 
href=\"/lua/admin/edit_configset.lua?subdir=flow&check=ndpi_tls_missing_sni#all\"><i class=\"fas fa-cog\" title=\"Edit Configuration\"></i></a>","description":"Missing TLS SNI <a href=\"https://www.ntop.org/guides/nDPI/flow_risks.html#risk-024\" target=\"_blank\"><i class=\"fas fa-lg fa-question-circle\"></i></a> [Score: 50]","fullname":"Missing TLS SNI","name":"Missing TLS SNI","value":54},"proto":{"label":"TCP","value":"6"},"row_id":"1","score":{"color":"#ffc007","label":"70","value":70},"script_key":"ndpi_tls_missing_sni","severity":{"color":"#ffc007","label":"<i class='fas fa-fw fa-exclamation-triangle text-warning' style='color: #ffc007!important' title='Warning'></i> ","value":4},"srv_host_pool_id":{"label":"Default","value":"0"},"srv_network":{"label":"","value":"65535"},"tstamp":{"highlight":"#ffc007","label":"14/05/2019 09:27:26","value":1557818846},"vlan_id":"258"}]}}
{"rc":0,"rc_str":"OK","rc_str_hr":"Success","recordsFiltered":1,"recordsTotal":1,"rsp":{"records":[{"additional_alerts":{"descr":"Remote to Remote [Score: 10]<br>TLS not carrying HTTPS <a href=\"https://www.ntop.org/guides/nDPI/flow_risks.html#risk-015\" target=\"_blank\"><i class=\"fas fa-lg fa-question-circle\"></i></a> [Score: 10]"},"alert_id":{"label":"<i class=\"fas fa-fw fa-exclamation\"></i> Missing TLS SNI","value":"54"},"alert_name":"<i class=\"fas fa-fw fa-exclamation\"></i> Missing TLS SNI","cli_host_pool_id":{"label":"Default","value":"0"},"cli_network":{"label":"","value":""},"count":1,"description":{"descr":"Missing TLS SNI <a href=\"https://www.ntop.org/guides/nDPI/flow_risks.html#risk-024\" target=\"_blank\"><i class=\"fas fa-lg fa-question-circle\"></i></a> [Score: 50]"},"duration":92093958,"family":"flow","filter":{"bpf":"host 10.206.131.18 and host 10.206.65.249 and port 58657 and port 443","epoch_begin":1557818846,"epoch_end":1649912805},"flow":{"active_url":"/lua/flow_details.lua?flow_key=362652409&flow_hash_id=0","cli_ip":{"blacklisted":"0","country":"","label":"10.206.131.18","label_long":"10.206.131.18","reference":"","value":"10.206.131.18"},"cli_port":"58657","srv_ip":{"blacklisted":"0","country":"","label":"10.206.65.249","label_long":"10.206.65.249","reference":"<a href='/lua/host_details.lua?host=10.206.65.249@258' data-bs-toggle='tooltip' title=''><i class='fas fa-laptop'></i></a>","value":"10.206.65.249"},"srv_port":"443","vlan":{"label":"258","title":"258","value":258}},"flow_related_info":{"descr":" [ TLS Certificate Validity: 29/11/2018 20:57:22 - 29/11/2023 20:57:22 ] [ Cipher State: <span class=\"badge bg-success\">safe</span> ] [ Main Direction: Server <i class='fas fa-arrow-right'></i> Client | Server to Client Traffic: 3.89 KB | Client to Server Traffic: 1.12 KB ]"},"l7_proto":{"l4_label":"TCP","l7_label":"TLS","label":"TCP:TLS","value":"91"},"msg":{"configset_ref":" <a 
href=\"/lua/admin/edit_configset.lua?subdir=flow&check=ndpi_tls_missing_sni#all\"><i class=\"fas fa-cog\" title=\"Edit Configuration\"></i></a>","description":"Missing TLS SNI <a href=\"https://www.ntop.org/guides/nDPI/flow_risks.html#risk-024\" target=\"_blank\"><i class=\"fas fa-lg fa-question-circle\"></i></a> [Score: 50]","fullname":"Missing TLS SNI","name":"Missing TLS SNI","value":54},"proto":{"label":"TCP","value":"6"},"row_id":"1","score":{"color":"#ffc007","label":"70","value":70},"script_key":"ndpi_tls_missing_sni","severity":{"color":"#ffc007","label":"<i class='fas fa-fw fa-exclamation-triangle text-warning' style='color: #ffc007!important' title='Warning'></i> ","value":4},"srv_host_pool_id":{"label":"Default","value":"0"},"srv_network":{"label":"","value":""},"tstamp":{"highlight":"#ffc007","label":"09:27:26","value":1557818846},"vlan_id":"258"}]}}
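Review bot: The `tstamp.label` differs between the two records, `14/05/2019 09:27:26` in one and only `09:27:26` in the other, while `tstamp.value` (`1557818846`) is identical and the other fixtures in this commit keep the full date in both records. That difference looks unrelated to the no-network value change and suggests the label formatter shortens the date depending on when the test is run; possibly it compares only the day of the month, since the commit is dated the 14th, but that is inferred and not visible here. It is worth confirming in the formatter before accepting this expected output: a fixture that changes with the calendar day fails intermittently, and an alert label without its date misleads an analyst reading a 2019 flow.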


@ -1,2 +1,2 @@
{"success":true}
{"rc":0,"rc_str":"OK","rc_str_hr":"Success","recordsFiltered":1,"recordsTotal":1,"rsp":{"records":[{"additional_alerts":{"descr":"Remote to Remote [Score: 10]"},"alert_id":{"label":"<i class=\"fas fa-fw fa-exclamation\"></i> TLS Certificate Expired","value":"22"},"alert_name":"<i class=\"fas fa-fw fa-exclamation\"></i> TLS Certificate Expired","cli_host_pool_id":{"label":"Default","value":"0"},"cli_network":{"label":"","value":"65535"},"count":1,"description":{"descr":"TLS Certificate Expired <a href=\"https://www.ntop.org/guides/nDPI/flow_risks.html#risk-009\" target=\"_blank\"><i class=\"fas fa-lg fa-question-circle\"></i></a> [Score: 100]"},"duration":27267190,"family":"flow","filter":{"bpf":"host 192.168.2.126 and host 104.111.215.93 and port 60174 and port 443","epoch_begin":1622559830,"epoch_end":1649827021},"flow":{"active_url":"/lua/flow_details.lua?flow_key=689480653&flow_hash_id=0","cli_ip":{"blacklisted":"0","country":"","label":"192.168.2.126","label_long":"192.168.2.126","reference":"<a href='/lua/host_details.lua?host=192.168.2.126' data-bs-toggle='tooltip' title=''><i class='fas fa-laptop'></i></a>","value":"192.168.2.126"},"cli_port":"60174","srv_ip":{"blacklisted":"0","country":"DE","label":"www.repubblica.it","label_long":"www.repubblica.it","name":"www.repubblica.it","reference":"<a href='/lua/host_details.lua?host=104.111.215.93' data-bs-toggle='tooltip' title=''><i class='fas fa-laptop'></i></a>","value":"104.111.215.93"},"srv_port":"443"},"flow_related_info":{"descr":" [ TLS Certificate Validity: 07/03/2019 02:00:00 - 05/05/2020 14:00:00 ] [ Cipher State: <span class=\"badge bg-success\">safe</span> ] [ Requested Server Name: <button data-to-copy='https://www.repubblica.it' class='copy-http-url btn btn-light btn-sm border ms-1' style='cursor: pointer;'><i class='fas fa-copy'></i></button> <a class='ntopng-external-link' href='https://www.repubblica.it' target='_blank'><i class='fas fa-external-link-alt'></i> www.repubblica.it</a> ] [ Main 
Direction: Server <i class='fas fa-arrow-right'></i> Client | Server to Client Traffic: 106.51 KB | Client to Server Traffic: 8.34 KB ]"},"l7_proto":{"l4_label":"TCP","l7_label":"TLS","label":"TCP:TLS","value":"91"},"msg":{"configset_ref":" <a href=\"/lua/admin/edit_configset.lua?subdir=flow&check=tls_certificate_expired#all\"><i class=\"fas fa-cog\" title=\"Edit Configuration\"></i></a>","description":"TLS Certificate Expired <a href=\"https://www.ntop.org/guides/nDPI/flow_risks.html#risk-009\" target=\"_blank\"><i class=\"fas fa-lg fa-question-circle\"></i></a> [Score: 100]","fullname":"TLS Certificate Expired","name":"TLS Certificate Expired","value":22},"proto":{"label":"TCP","value":"6"},"row_id":"1","score":{"color":"#ff3231","label":"110","value":110},"script_key":"tls_certificate_expired","severity":{"color":"#ff3231","label":"<i class='fas fa-fw fa-exclamation-triangle text-danger' style='color: #ff3231!important' title='Error'></i> ","value":5},"srv_host_pool_id":{"label":"Default","value":"0"},"srv_network":{"label":"","value":"65535"},"tstamp":{"highlight":"#ff3231","label":"01/06/2021 17:03:50","value":1622559830},"vlan_id":"0"}]}}
{"rc":0,"rc_str":"OK","rc_str_hr":"Success","recordsFiltered":1,"recordsTotal":1,"rsp":{"records":[{"additional_alerts":{"descr":"Remote to Remote [Score: 10]"},"alert_id":{"label":"<i class=\"fas fa-fw fa-exclamation\"></i> TLS Certificate Expired","value":"22"},"alert_name":"<i class=\"fas fa-fw fa-exclamation\"></i> TLS Certificate Expired","cli_host_pool_id":{"label":"Default","value":"0"},"cli_network":{"label":"","value":""},"count":1,"description":{"descr":"TLS Certificate Expired <a href=\"https://www.ntop.org/guides/nDPI/flow_risks.html#risk-009\" target=\"_blank\"><i class=\"fas fa-lg fa-question-circle\"></i></a> [Score: 100]"},"duration":27353125,"family":"flow","filter":{"bpf":"host 192.168.2.126 and host 104.111.215.93 and port 60174 and port 443","epoch_begin":1622559830,"epoch_end":1649912956},"flow":{"active_url":"/lua/flow_details.lua?flow_key=689480653&flow_hash_id=0","cli_ip":{"blacklisted":"0","country":"","label":"192.168.2.126","label_long":"192.168.2.126","reference":"<a href='/lua/host_details.lua?host=192.168.2.126' data-bs-toggle='tooltip' title=''><i class='fas fa-laptop'></i></a>","value":"192.168.2.126"},"cli_port":"60174","srv_ip":{"blacklisted":"0","country":"DE","label":"www.repubblica.it","label_long":"www.repubblica.it","name":"www.repubblica.it","reference":"<a href='/lua/host_details.lua?host=104.111.215.93' data-bs-toggle='tooltip' title=''><i class='fas fa-laptop'></i></a>","value":"104.111.215.93"},"srv_port":"443"},"flow_related_info":{"descr":" [ TLS Certificate Validity: 07/03/2019 02:00:00 - 05/05/2020 14:00:00 ] [ Cipher State: <span class=\"badge bg-success\">safe</span> ] [ Requested Server Name: <span><button data-to-copy='https://www.repubblica.it' class='copy-http-url btn btn-light btn-sm border ms-1' style='cursor: pointer;'><i class='fas fa-copy'></i></button> <a class='ntopng-external-link' href='https://www.repubblica.it' target='_blank'><i class='fas fa-external-link-alt'></i> www.repubblica.it</a></span> ] [ 
Main Direction: Server <i class='fas fa-arrow-right'></i> Client | Server to Client Traffic: 106.51 KB | Client to Server Traffic: 8.34 KB ]"},"l7_proto":{"l4_label":"TCP","l7_label":"TLS","label":"TCP:TLS","value":"91"},"msg":{"configset_ref":" <a href=\"/lua/admin/edit_configset.lua?subdir=flow&check=tls_certificate_expired#all\"><i class=\"fas fa-cog\" title=\"Edit Configuration\"></i></a>","description":"TLS Certificate Expired <a href=\"https://www.ntop.org/guides/nDPI/flow_risks.html#risk-009\" target=\"_blank\"><i class=\"fas fa-lg fa-question-circle\"></i></a> [Score: 100]","fullname":"TLS Certificate Expired","name":"TLS Certificate Expired","value":22},"proto":{"label":"TCP","value":"6"},"row_id":"1","score":{"color":"#ff3231","label":"110","value":110},"script_key":"tls_certificate_expired","severity":{"color":"#ff3231","label":"<i class='fas fa-fw fa-exclamation-triangle text-danger' style='color: #ff3231!important' title='Error'></i> ","value":5},"srv_host_pool_id":{"label":"Default","value":"0"},"srv_network":{"label":"","value":""},"tstamp":{"highlight":"#ff3231","label":"01/06/2021 17:03:50","value":1622559830},"vlan_id":"0"}]}}
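Review bot: The `flow_related_info.descr` string embeds the requested server name, a value taken from the observed TLS handshake, inside single-quoted HTML attributes (`data-to-copy='https://www.repubblica.it'`, `href='https://www.repubblica.it'`) and as link text. The fixture uses only a benign name, so it does not show whether the value is HTML-escaped before being placed in the markup; the DNS fixture's `URL` entry follows the same pattern. Consider adding a capture whose name contains a quote or an angle bracket and pinning the escaped form in the expected output, so that a regression in escaping is caught by this suite.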


@ -1,2 +1,2 @@
{"success":true}
{"rc":0,"rc_str":"OK","rc_str_hr":"Success","recordsFiltered":1,"recordsTotal":1,"rsp":{"records":[{"additional_alerts":{"descr":"TLS Certificate Self-signed <a href=\"https://www.ntop.org/guides/nDPI/flow_risks.html#risk-006\" target=\"_blank\"><i class=\"fas fa-lg fa-question-circle\"></i></a> [Score: 100]<br>Application on Non-Standard Port <a href=\"https://www.ntop.org/guides/nDPI/flow_risks.html#risk-005\" target=\"_blank\"><i class=\"fas fa-lg fa-question-circle\"></i></a> [Score: 50]"},"alert_id":{"label":"<i class=\"fas fa-fw fa-exclamation\"></i> TLS Certificate Expired","value":"22"},"alert_name":"<i class=\"fas fa-fw fa-exclamation\"></i> TLS Certificate Expired","cli_host_pool_id":{"label":"Default","value":"0"},"cli_network":{"label":"127.0.0.0/8","value":"0"},"count":1,"description":{"descr":"TLS Certificate Expired <a href=\"https://www.ntop.org/guides/nDPI/flow_risks.html#risk-009\" target=\"_blank\"><i class=\"fas fa-lg fa-question-circle\"></i></a> [Score: 100]"},"duration":60905449,"family":"flow","filter":{"bpf":"host 127.0.0.1 and host 127.0.0.1 and port 51607 and port 3001","epoch_begin":1588921646,"epoch_end":1649827096},"flow":{"active_url":"/lua/flow_details.lua?flow_key=4261499100&flow_hash_id=0","cli_ip":{"blacklisted":"0","country":"","label":"localhost","label_long":"localhost","name":"localhost","reference":"<a href='/lua/host_details.lua?host=127.0.0.1' data-bs-toggle='tooltip' title=''><i class='fas fa-laptop'></i></a>","value":"127.0.0.1"},"cli_port":"51607","srv_ip":{"blacklisted":"0","country":"","label":"localhost","label_long":"localhost","name":"localhost","reference":"<a href='/lua/host_details.lua?host=127.0.0.1' data-bs-toggle='tooltip' title=''><i class='fas fa-laptop'></i></a>","value":"127.0.0.1"},"srv_port":"3001"},"flow_related_info":{"descr":" [ TLS Certificate Validity: 10/10/2015 17:55:47 - 09/10/2016 17:55:47 ] [ Cipher State: <span class=\"badge bg-success\">safe</span> ] [ Requested Server Name: <button 
data-to-copy='https://localhost' class='copy-http-url btn btn-light btn-sm border ms-1' style='cursor: pointer;'><i class='fas fa-copy'></i></button> <a class='ntopng-external-link' href='https://localhost' target='_blank'><i class='fas fa-external-link-alt'></i> localhost</a> ] [ Main Direction: Server <i class='fas fa-arrow-right'></i> Client | Server to Client Traffic: 2.29 KB | Client to Server Traffic: 1.39 KB ]"},"l7_proto":{"l4_label":"TCP","l7_label":"TLS.ntop","label":"TCP:TLS.ntop","value":"26"},"msg":{"configset_ref":" <a href=\"/lua/admin/edit_configset.lua?subdir=flow&check=tls_certificate_expired#all\"><i class=\"fas fa-cog\" title=\"Edit Configuration\"></i></a>","description":"TLS Certificate Expired <a href=\"https://www.ntop.org/guides/nDPI/flow_risks.html#risk-009\" target=\"_blank\"><i class=\"fas fa-lg fa-question-circle\"></i></a> [Score: 100]","fullname":"TLS Certificate Expired","name":"TLS Certificate Expired","value":22},"proto":{"label":"TCP","value":"6"},"row_id":"1","score":{"color":"#ff3231","label":"250","value":250},"script_key":"tls_certificate_expired","severity":{"color":"#ff3231","label":"<i class='fas fa-fw fa-exclamation-triangle text-danger' style='color: #ff3231!important' title='Error'></i> ","value":5},"srv_host_pool_id":{"label":"Default","value":"0"},"srv_network":{"label":"127.0.0.0/8","value":"0"},"tstamp":{"highlight":"#ff3231","label":"08/05/2020 09:07:26","value":1588921646},"vlan_id":"0"}]}}
{"rc":0,"rc_str":"OK","rc_str_hr":"Success","recordsFiltered":1,"recordsTotal":1,"rsp":{"records":[{"additional_alerts":{"descr":"TLS Certificate Self-signed <a href=\"https://www.ntop.org/guides/nDPI/flow_risks.html#risk-006\" target=\"_blank\"><i class=\"fas fa-lg fa-question-circle\"></i></a> [Score: 100]<br>Application on Non-Standard Port <a href=\"https://www.ntop.org/guides/nDPI/flow_risks.html#risk-005\" target=\"_blank\"><i class=\"fas fa-lg fa-question-circle\"></i></a> [Score: 50]"},"alert_id":{"label":"<i class=\"fas fa-fw fa-exclamation\"></i> TLS Certificate Expired","value":"22"},"alert_name":"<i class=\"fas fa-fw fa-exclamation\"></i> TLS Certificate Expired","cli_host_pool_id":{"label":"Default","value":"0"},"cli_network":{"label":"127.0.0.0/8","value":"0"},"count":1,"description":{"descr":"TLS Certificate Expired <a href=\"https://www.ntop.org/guides/nDPI/flow_risks.html#risk-009\" target=\"_blank\"><i class=\"fas fa-lg fa-question-circle\"></i></a> [Score: 100]"},"duration":60991384,"family":"flow","filter":{"bpf":"host 127.0.0.1 and host 127.0.0.1 and port 51607 and port 3001","epoch_begin":1588921646,"epoch_end":1649913031},"flow":{"active_url":"/lua/flow_details.lua?flow_key=4261499100&flow_hash_id=0","cli_ip":{"blacklisted":"0","country":"","label":"localhost","label_long":"localhost","name":"localhost","reference":"<a href='/lua/host_details.lua?host=127.0.0.1' data-bs-toggle='tooltip' title=''><i class='fas fa-laptop'></i></a>","value":"127.0.0.1"},"cli_port":"51607","srv_ip":{"blacklisted":"0","country":"","label":"localhost","label_long":"localhost","name":"localhost","reference":"<a href='/lua/host_details.lua?host=127.0.0.1' data-bs-toggle='tooltip' title=''><i class='fas fa-laptop'></i></a>","value":"127.0.0.1"},"srv_port":"3001"},"flow_related_info":{"descr":" [ TLS Certificate Validity: 10/10/2015 17:55:47 - 09/10/2016 17:55:47 ] [ Cipher State: <span class=\"badge bg-success\">safe</span> ] [ Requested Server Name: <span><button 
data-to-copy='https://localhost' class='copy-http-url btn btn-light btn-sm border ms-1' style='cursor: pointer;'><i class='fas fa-copy'></i></button> <a class='ntopng-external-link' href='https://localhost' target='_blank'><i class='fas fa-external-link-alt'></i> localhost</a></span> ] [ Main Direction: Server <i class='fas fa-arrow-right'></i> Client | Server to Client Traffic: 2.29 KB | Client to Server Traffic: 1.39 KB ]"},"l7_proto":{"l4_label":"TCP","l7_label":"TLS.ntop","label":"TCP:TLS.ntop","value":"26"},"msg":{"configset_ref":" <a href=\"/lua/admin/edit_configset.lua?subdir=flow&check=tls_certificate_expired#all\"><i class=\"fas fa-cog\" title=\"Edit Configuration\"></i></a>","description":"TLS Certificate Expired <a href=\"https://www.ntop.org/guides/nDPI/flow_risks.html#risk-009\" target=\"_blank\"><i class=\"fas fa-lg fa-question-circle\"></i></a> [Score: 100]","fullname":"TLS Certificate Expired","name":"TLS Certificate Expired","value":22},"proto":{"label":"TCP","value":"6"},"row_id":"1","score":{"color":"#ff3231","label":"250","value":250},"script_key":"tls_certificate_expired","severity":{"color":"#ff3231","label":"<i class='fas fa-fw fa-exclamation-triangle text-danger' style='color: #ff3231!important' title='Error'></i> ","value":5},"srv_host_pool_id":{"label":"Default","value":"0"},"srv_network":{"label":"127.0.0.0/8","value":"0"},"tstamp":{"highlight":"#ff3231","label":"08/05/2020 09:07:26","value":1588921646},"vlan_id":"0"}]}}


@ -1,2 +1,2 @@
{"success":true}
{"rc":0,"rc_str":"OK","rc_str_hr":"Success","recordsFiltered":1,"recordsTotal":1,"rsp":{"records":[{"additional_alerts":{"descr":"DNS Packet Larger Than 512 bytes <a href=\"https://www.ntop.org/guides/nDPI/flow_risks.html#risk-037\" target=\"_blank\"><i class=\"fas fa-lg fa-question-circle\"></i></a> [Score: 50]<br>Malformed packet <a href=\"https://www.ntop.org/guides/nDPI/flow_risks.html#risk-017\" target=\"_blank\"><i class=\"fas fa-lg fa-question-circle\"></i></a> [Score: 10]<br>Remote to Remote [Score: 10]"},"alert_id":{"label":"<i class=\"fas fa-fw fa-exclamation\"></i> Unexpected DNS server found","value":"33"},"alert_name":"<i class=\"fas fa-fw fa-exclamation\"></i> Unexpected DNS server found","cli_host_pool_id":{"label":"Default","value":"0"},"cli_network":{"label":"","value":"65535"},"cli_role":{"label":"Is Attacker","tag_label":"Is Attacker","value":"attacker"},"count":1,"description":{"descr":"Unexpected DNS server found: 127.0.0.1 [Score: 100]"},"duration":58275561,"family":"flow","filter":{"bpf":"host 127.0.0.1 and host 127.0.0.1 and port 50435 and port 53","epoch_begin":1591551760,"epoch_end":1649827322},"flow":{"active_url":"/lua/flow_details.lua?flow_key=4261427416&flow_hash_id=0","cli_ip":{"blacklisted":"0","country":"","label":"localhost","label_long":"localhost","name":"localhost","reference":"<a href='/lua/host_details.lua?host=127.0.0.1' data-bs-toggle='tooltip' title=''><i class='fas fa-laptop'></i></a>","value":"127.0.0.1"},"cli_port":"50435","srv_ip":{"blacklisted":"0","country":"","label":"localhost","label_long":"localhost","name":"localhost","reference":"<a href='/lua/host_details.lua?host=127.0.0.1' data-bs-toggle='tooltip' title=''><i class='fas fa-laptop'></i></a>","value":"127.0.0.1"},"srv_port":"53"},"flow_related_info":{"descr":" [ Query Type: <span class=\"badge bg-info\">A</span> ] [ Return Code: <span class=\"badge bg-success\">NOERROR</span> ] [ URL: <button data-to-copy='https://www.xt.com' class='copy-http-url btn btn-light 
btn-sm border ms-1' style='cursor: pointer;'><i class='fas fa-copy'></i></button> <a class='ntopng-external-link' href='https://www.xt.com' target='_blank'><i class='fas fa-external-link-alt'></i> www.xt.com</a> ] [ Main Direction: Server <i class='fas fa-arrow-right'></i> Client | Server to Client Traffic: 2.79 KB | Client to Server Traffic: 70 Bytes ]"},"l7_proto":{"l4_label":"UDP","l7_label":"DNS","label":"UDP:DNS","value":"5"},"msg":{"configset_ref":" <a href=\"/lua/admin/edit_configset.lua?subdir=flow&check=unexpected_dns#all\"><i class=\"fas fa-cog\" title=\"Edit Configuration\"></i></a>","description":"Unexpected DNS server found: 127.0.0.1 [Score: 100]","fullname":"Unexpected DNS server found","name":"Unexpected DNS server found","value":33},"proto":{"label":"UDP","value":"17"},"row_id":"1","score":{"color":"#ff3231","label":"170","value":170},"script_key":"unexpected_dns","severity":{"color":"#ff3231","label":"<i class='fas fa-fw fa-exclamation-triangle text-danger' style='color: #ff3231!important' title='Error'></i> ","value":5},"srv_host_pool_id":{"label":"Default","value":"0"},"srv_network":{"label":"","value":"65535"},"tstamp":{"highlight":"#ff3231","label":"07/06/2020 19:42:40","value":1591551760},"vlan_id":"0"}]}}
{"rc":0,"rc_str":"OK","rc_str_hr":"Success","recordsFiltered":1,"recordsTotal":1,"rsp":{"records":[{"additional_alerts":{"descr":"DNS Packet Larger Than 512 bytes <a href=\"https://www.ntop.org/guides/nDPI/flow_risks.html#risk-037\" target=\"_blank\"><i class=\"fas fa-lg fa-question-circle\"></i></a> [Score: 50]<br>Malformed packet <a href=\"https://www.ntop.org/guides/nDPI/flow_risks.html#risk-017\" target=\"_blank\"><i class=\"fas fa-lg fa-question-circle\"></i></a> [Score: 10]<br>Remote to Remote [Score: 10]"},"alert_id":{"label":"<i class=\"fas fa-fw fa-exclamation\"></i> Unexpected DNS server found","value":"33"},"alert_name":"<i class=\"fas fa-fw fa-exclamation\"></i> Unexpected DNS server found","cli_host_pool_id":{"label":"Default","value":"0"},"cli_network":{"label":"","value":""},"cli_role":{"label":"Is Attacker","tag_label":"Is Attacker","value":"attacker"},"count":1,"description":{"descr":"Unexpected DNS server found: 127.0.0.1 [Score: 100]"},"duration":58361496,"family":"flow","filter":{"bpf":"host 127.0.0.1 and host 127.0.0.1 and port 50435 and port 53","epoch_begin":1591551760,"epoch_end":1649913257},"flow":{"active_url":"/lua/flow_details.lua?flow_key=4261427416&flow_hash_id=0","cli_ip":{"blacklisted":"0","country":"","label":"localhost","label_long":"localhost","name":"localhost","reference":"<a href='/lua/host_details.lua?host=127.0.0.1' data-bs-toggle='tooltip' title=''><i class='fas fa-laptop'></i></a>","value":"127.0.0.1"},"cli_port":"50435","srv_ip":{"blacklisted":"0","country":"","label":"localhost","label_long":"localhost","name":"localhost","reference":"<a href='/lua/host_details.lua?host=127.0.0.1' data-bs-toggle='tooltip' title=''><i class='fas fa-laptop'></i></a>","value":"127.0.0.1"},"srv_port":"53"},"flow_related_info":{"descr":" [ Query Type: <span class=\"badge bg-info\">A</span> ] [ Return Code: <span class=\"badge bg-success\">NOERROR</span> ] [ URL: <span><button data-to-copy='https://www.xt.com' class='copy-http-url btn btn-light 
btn-sm border ms-1' style='cursor: pointer;'><i class='fas fa-copy'></i></button> <a class='ntopng-external-link' href='https://www.xt.com' target='_blank'><i class='fas fa-external-link-alt'></i> www.xt.com</a></span> ] [ Main Direction: Server <i class='fas fa-arrow-right'></i> Client | Server to Client Traffic: 2.79 KB | Client to Server Traffic: 70 Bytes ]"},"l7_proto":{"l4_label":"UDP","l7_label":"DNS","label":"UDP:DNS","value":"5"},"msg":{"configset_ref":" <a href=\"/lua/admin/edit_configset.lua?subdir=flow&check=unexpected_dns#all\"><i class=\"fas fa-cog\" title=\"Edit Configuration\"></i></a>","description":"Unexpected DNS server found: 127.0.0.1 [Score: 100]","fullname":"Unexpected DNS server found","name":"Unexpected DNS server found","value":33},"proto":{"label":"UDP","value":"17"},"row_id":"1","score":{"color":"#ff3231","label":"170","value":170},"script_key":"unexpected_dns","severity":{"color":"#ff3231","label":"<i class='fas fa-fw fa-exclamation-triangle text-danger' style='color: #ff3231!important' title='Error'></i> ","value":5},"srv_host_pool_id":{"label":"Default","value":"0"},"srv_network":{"label":"","value":""},"tstamp":{"highlight":"#ff3231","label":"07/06/2020 19:42:40","value":1591551760},"vlan_id":"0"}]}}
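Review bot: The expected record pins values that depend on when the test ran: `duration` and `filter.epoch_end` differ between the two printed versions (58275561 / 1649827322 versus 58361496 / 1649913257) although the flow itself is unchanged. The fixture will therefore not match on the next run unless the comparison already skips those fields, which this page does not show. Dropping `duration` and `filter.epoch_end` before comparing, or running the test against a fixed clock, would keep the file stable and make real changes such as the `cli_network.value` one stand out. The same applies to the sections ending with the 9.9.9.9, Missing TLS SNI and Too Long TLS Certificate Validity records, where `stats.query_duration_msec` and `stats.num_records_processed` vary as well.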


@ -1 +1 @@
{"rc":0,"rc_str":"OK","rc_str_hr":"Success","rsp":{"alerted_flows":45,"bytes":3744757,"bytes_download":3744757,"bytes_upload":0,"dropped_alerts":0,"drops":0,"engaged_alerts":0,"epoch":1643350270,"flows_pctg":1,"hosts_pctg":1,"ifid":"0","ifname":"test_01.pcap","is_view":false,"local2remote":185214,"localtime":"07:11:10 +0100","macs_pctg":1,"num_devices":4,"num_flows":179,"num_hosts":42,"num_live_captures":0,"num_local_hosts":4,"packets":5000,"packets_download":5000,"packets_upload":0,"periodic_stats_update_frequency_secs":5,"profiles":[],"remote2local":3332878,"remote_bps":0,"remote_pps":0,"speed":1000,"system_host_stats":{"alerts_queries":51,"alerts_stats":{"alert_queues":{"internal_alerts_queue":{"pct_not_enqueued":0}}},"cpu_load":0.31999999284744,"cpu_states":{"guest":0,"guest_nice":0,"idle":98.294783049131,"iowait":0,"irq":0,"nice":0,"softirq":0.151950025325,"steal":0,"system":0.25325004220834,"user":1.3000168833361},"dropped_alerts":0,"mem_buffers":791016,"mem_cached":11637380,"mem_free":277648,"mem_ntopng_resident":532856,"mem_ntopng_virtual":21475351708,"mem_shmem":0,"mem_sreclaimable":688812,"mem_total":32727900,"mem_used":19333044,"written_alerts":0},"tcpPacketStats":{"lost":0,"out_of_order":0,"retransmissions":10},"throughput":{"download":{"bps":0,"pps":0},"upload":{"bps":0,"pps":0}},"throughput_bps":0,"throughput_pps":0,"ts_alerts":[],"uptime":"00:19 sec"}}
{"rc":0,"rc_str":"OK","rc_str_hr":"Success","rsp":{"alerted_flows":40,"bytes":3744757,"bytes_download":3744757,"bytes_upload":0,"dropped_alerts":0,"drops":0,"engaged_alerts":0,"epoch":1649914610,"flows_pctg":1,"hosts_pctg":1,"ifid":"0","ifname":"test_01.pcap","is_view":false,"local2remote":185214,"localtime":"07:36:50 +0200","macs_pctg":1,"num_devices":4,"num_flows":179,"num_hosts":42,"num_live_captures":0,"num_local_hosts":4,"packets":5000,"packets_download":5000,"packets_upload":0,"periodic_stats_update_frequency_secs":5,"profiles":[],"remote2local":3332878,"remote_bps":0,"remote_pps":0,"speed":1000,"system_host_stats":{"alerts_queries":49,"alerts_stats":{"alert_queues":{"internal_alerts_queue":{"pct_not_enqueued":0}}},"cpu_load":0.79000002145767,"cpu_states":{"guest":0,"guest_nice":0,"idle":94.485917882592,"iowait":0.084832032575501,"irq":0,"nice":0,"softirq":1.3742789277231,"steal":0,"system":1.5778758059043,"user":2.4770953512046},"dropped_alerts":0,"mem_buffers":1040576,"mem_cached":14323204,"mem_free":254320,"mem_ntopng_resident":481212,"mem_ntopng_virtual":21475370988,"mem_shmem":0,"mem_sreclaimable":1482156,"mem_total":32724536,"mem_used":15624280,"written_alerts":0},"tcpPacketStats":{"lost":0,"out_of_order":0,"retransmissions":10},"throughput":{"download":{"bps":0,"pps":0},"upload":{"bps":0,"pps":0}},"throughput_bps":0,"throughput_pps":0,"ts_alerts":[],"uptime":"00:24 sec"}}
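Review bot: `alerted_flows` goes from 45 to 40 and `system_host_stats.alerts_queries` from 51 to 49 between the two printed versions, for the same `test_01.pcap` with identical `num_flows`, `num_hosts` and byte counts, while the commit title only mentions the no-network value. A lower alert count on an unchanged capture should be explained in the commit message before the baseline is accepted, because a regenerated expected file would otherwise hide a check that stopped firing. Which line is the new side is inferred here from the later `epoch`. The host metrics (`cpu_load`, `cpu_states`, `mem_*`, `localtime`, `uptime`) are machine- and run-specific and are better excluded from the comparison.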


@ -1,2 +1,2 @@
{"success":true}
{"rc":0,"rc_str":"OK","rc_str_hr":"Success","recordsFiltered":1,"recordsTotal":1,"rsp":{"records":[{"additional_alerts":{"descr":"Error Code Detected <a href=\"https://www.ntop.org/guides/nDPI/flow_risks.html#risk-043\" target=\"_blank\"><i class=\"fas fa-lg fa-question-circle\"></i></a> [Score: 10]<br>Remote to Remote [Score: 10]"},"alert_id":{"label":"<i class=\"fas fa-fw fa-exclamation\"></i> Unexpected DNS server found","value":"33"},"alert_name":"<i class=\"fas fa-fw fa-exclamation\"></i> Unexpected DNS server found","cli_host_pool_id":{"label":"Default","value":"0"},"cli_network":{"label":"","value":"65535"},"cli_role":{"label":"Is Attacker","tag_label":"Is Attacker","value":"attacker"},"count":1,"description":{"descr":"Unexpected DNS server found: 9.9.9.9 [Score: 100]"},"duration":36341169,"family":"flow","filter":{"bpf":"host 192.168.2.222 and host 9.9.9.9 and port 59610 and port 53","epoch_begin":1613488852,"epoch_end":1649830022},"flow":{"active_url":"/lua/flow_details.lua?flow_key=3383892960&flow_hash_id=0","cli_ip":{"blacklisted":"0","country":"","label":"192.168.2.222","label_long":"192.168.2.222","reference":"<a href='/lua/host_details.lua?host=192.168.2.222' data-bs-toggle='tooltip' title=''><i class='fas fa-laptop'></i></a>","value":"192.168.2.222"},"cli_port":"59610","srv_ip":{"blacklisted":"0","country":"CH","label":"9.9.9.9","label_long":"9.9.9.9","reference":"<a href='/lua/host_details.lua?host=9.9.9.9' data-bs-toggle='tooltip' title=''><i class='fas fa-laptop'></i></a>","value":"9.9.9.9"},"srv_port":"53"},"flow_related_info":{"descr":" [ Query Type: <span class=\"badge bg-info\">A</span> ] [ Return Code: <span class=\"badge bg-danger\">NXDOMAIN</span> ] [ URL: <button data-to-copy='https://adsf.adsfadfasdfasdfadsfadsf.adfasdfasdfadsf.adsfadfasdfasdfadsfaasdf.google.it' class='copy-http-url btn btn-light btn-sm border ms-1' style='cursor: pointer;'><i class='fas fa-copy'></i></button> <a class='ntopng-external-link' 
href='https://adsf.adsfadfasdfasdfadsfadsf.adfasdfasdfadsf.adsfadfasdfasdfadsfaasdf.google.it' target='_blank'><i class='fas fa-external-link-alt'></i> adsf.adsfadfasdfasdfadsfadsf.adfasdfasdfadsf.adsfadfasdfasdfadsfaasdf.google.it</a> ] [ Main Direction: Server <i class='fas fa-arrow-right'></i> Client | Server to Client Traffic: 357 Bytes | Client to Server Traffic: 297 Bytes ]"},"l7_proto":{"l4_label":"UDP","l7_label":"DNS.Google","label":"UDP:DNS.Google","value":"126"},"msg":{"configset_ref":" <a href=\"/lua/admin/edit_configset.lua?subdir=flow&check=unexpected_dns#all\"><i class=\"fas fa-cog\" title=\"Edit Configuration\"></i></a>","description":"Unexpected DNS server found: 9.9.9.9 [Score: 100]","fullname":"Unexpected DNS server found","name":"Unexpected DNS server found","value":33},"proto":{"label":"UDP","value":"17"},"row_id":"1","score":{"color":"#ff3231","label":"120","value":120},"script_key":"unexpected_dns","severity":{"color":"#ff3231","label":"<i class='fas fa-fw fa-exclamation-triangle text-danger' style='color: #ff3231!important' title='Error'></i> ","value":5},"srv_host_pool_id":{"label":"Default","value":"0"},"srv_network":{"label":"","value":"65535"},"tstamp":{"highlight":"#ff3231","label":"16/02/2021 17:20:52","value":1613488852},"vlan_id":"0"}],"stats":{"num_records_processed":"Processed 1 records [4,544 records/sec]","query":" SELECT 4 entity_id, (tstamp_end - tstamp) duration, *, hex(alerts_map) alerts_map FROM `flow_alerts` WHERE 1 = 1 ","query_duration_msec":0.22006034851074}}}
{"rc":0,"rc_str":"OK","rc_str_hr":"Success","recordsFiltered":1,"recordsTotal":1,"rsp":{"records":[{"additional_alerts":{"descr":"Error Code Detected <a href=\"https://www.ntop.org/guides/nDPI/flow_risks.html#risk-043\" target=\"_blank\"><i class=\"fas fa-lg fa-question-circle\"></i></a> [Score: 10]<br>Remote to Remote [Score: 10]"},"alert_id":{"label":"<i class=\"fas fa-fw fa-exclamation\"></i> Unexpected DNS server found","value":"33"},"alert_name":"<i class=\"fas fa-fw fa-exclamation\"></i> Unexpected DNS server found","cli_host_pool_id":{"label":"Default","value":"0"},"cli_network":{"label":"","value":""},"cli_role":{"label":"Is Attacker","tag_label":"Is Attacker","value":"attacker"},"count":1,"description":{"descr":"Unexpected DNS server found: 9.9.9.9 [Score: 100]"},"duration":36427105,"family":"flow","filter":{"bpf":"host 192.168.2.222 and host 9.9.9.9 and port 59610 and port 53","epoch_begin":1613488852,"epoch_end":1649915958},"flow":{"active_url":"/lua/flow_details.lua?flow_key=3383892960&flow_hash_id=0","cli_ip":{"blacklisted":"0","country":"","label":"192.168.2.222","label_long":"192.168.2.222","reference":"<a href='/lua/host_details.lua?host=192.168.2.222' data-bs-toggle='tooltip' title=''><i class='fas fa-laptop'></i></a>","value":"192.168.2.222"},"cli_port":"59610","srv_ip":{"blacklisted":"0","country":"CH","label":"9.9.9.9","label_long":"9.9.9.9","reference":"<a href='/lua/host_details.lua?host=9.9.9.9' data-bs-toggle='tooltip' title=''><i class='fas fa-laptop'></i></a>","value":"9.9.9.9"},"srv_port":"53"},"flow_related_info":{"descr":" [ Query Type: <span class=\"badge bg-info\">A</span> ] [ Return Code: <span class=\"badge bg-danger\">NXDOMAIN</span> ] [ URL: <span><button data-to-copy='https://adsf.adsfadfasdfasdfadsfadsf.adfasdfasdfadsf.adsfadfasdfasdfadsfaasdf.google.it' class='copy-http-url btn btn-light btn-sm border ms-1' style='cursor: pointer;'><i class='fas fa-copy'></i></button> <a class='ntopng-external-link' 
href='https://adsf.adsfadfasdfasdfadsfadsf.adfasdfasdfadsf.adsfadfasdfasdfadsfaasdf.google.it' target='_blank'><i class='fas fa-external-link-alt'></i> adsf.adsfadfasdfasdfadsfadsf.adfasdfasdfadsf.adsfadfasdfasdfadsfaasdf.google.it</a></span> ] [ Main Direction: Server <i class='fas fa-arrow-right'></i> Client | Server to Client Traffic: 357 Bytes | Client to Server Traffic: 297 Bytes ]"},"l7_proto":{"l4_label":"UDP","l7_label":"DNS.Google","label":"UDP:DNS.Google","value":"126"},"msg":{"configset_ref":" <a href=\"/lua/admin/edit_configset.lua?subdir=flow&check=unexpected_dns#all\"><i class=\"fas fa-cog\" title=\"Edit Configuration\"></i></a>","description":"Unexpected DNS server found: 9.9.9.9 [Score: 100]","fullname":"Unexpected DNS server found","name":"Unexpected DNS server found","value":33},"proto":{"label":"UDP","value":"17"},"row_id":"1","score":{"color":"#ff3231","label":"120","value":120},"script_key":"unexpected_dns","severity":{"color":"#ff3231","label":"<i class='fas fa-fw fa-exclamation-triangle text-danger' style='color: #ff3231!important' title='Error'></i> ","value":5},"srv_host_pool_id":{"label":"Default","value":"0"},"srv_network":{"label":"","value":""},"tstamp":{"highlight":"#ff3231","label":"16/02/2021 17:20:52","value":1613488852},"vlan_id":"0"}],"stats":{"num_records_processed":"Processed 1 records [4,064 records/sec]","query":" SELECT 4 entity_id, (tstamp_end - tstamp) duration, *, hex(alerts_map) alerts_map FROM `flow_alerts` WHERE 1 = 1 ","query_duration_msec":0.24604797363281}}}
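Review bot: Nothing on this page pins how the name in `flow_related_info.descr` is encoded. It comes from the DNS query in the capture and is written into single-quoted `data-to-copy` and `href` attributes and into the link text, yet every fixture here uses a plain hostname. Since the version with the `<span>` wrapper changes this markup, a companion fixture whose name contains characters such as `'`, `<` and `&` would show whether the server escapes the value before building the HTML. Whether escaping already happens upstream cannot be told from this output.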


@ -1,2 +1,2 @@
{"success":true}
{"rc":0,"rc_str":"OK","rc_str_hr":"Success","recordsFiltered":1,"recordsTotal":1,"rsp":{"records":[{"additional_alerts":{"descr":"Remote to Remote [Score: 10]<br>TLS not carrying HTTPS <a href=\"https://www.ntop.org/guides/nDPI/flow_risks.html#risk-015\" target=\"_blank\"><i class=\"fas fa-lg fa-question-circle\"></i></a> [Score: 10]"},"alert_id":{"label":"<i class=\"fas fa-fw fa-exclamation\"></i> Missing TLS SNI","value":"54"},"alert_name":"<i class=\"fas fa-fw fa-exclamation\"></i> Missing TLS SNI","cli_host_pool_id":{"label":"Default","value":"0"},"cli_network":{"label":"","value":"65535"},"count":1,"description":{"descr":"Missing TLS SNI <a href=\"https://www.ntop.org/guides/nDPI/flow_risks.html#risk-024\" target=\"_blank\"><i class=\"fas fa-lg fa-question-circle\"></i></a> [Score: 50]"},"duration":92011561,"family":"flow","filter":{"bpf":"host 10.206.131.18 and host 10.206.65.249 and port 58657 and port 443","epoch_begin":1557818846,"epoch_end":1649830408},"flow":{"active_url":"/lua/flow_details.lua?flow_key=362652409&flow_hash_id=0","cli_ip":{"blacklisted":"0","country":"","label":"10.206.131.18","label_long":"10.206.131.18","reference":"","value":"10.206.131.18"},"cli_port":"58657","srv_ip":{"blacklisted":"0","country":"","label":"10.206.65.249","label_long":"10.206.65.249","reference":"<a href='/lua/host_details.lua?host=10.206.65.249@258' data-bs-toggle='tooltip' title=''><i class='fas fa-laptop'></i></a>","value":"10.206.65.249"},"srv_port":"443","vlan":{"label":"258","title":"258","value":258}},"flow_related_info":{"descr":" [ TLS Certificate Validity: 29/11/2018 20:57:22 - 29/11/2023 20:57:22 ] [ Cipher State: <span class=\"badge bg-success\">safe</span> ] [ Main Direction: Server <i class='fas fa-arrow-right'></i> Client | Server to Client Traffic: 3.89 KB | Client to Server Traffic: 1.12 KB ]"},"l7_proto":{"l4_label":"TCP","l7_label":"TLS","label":"TCP:TLS","value":"91"},"msg":{"configset_ref":" <a 
href=\"/lua/admin/edit_configset.lua?subdir=flow&check=ndpi_tls_missing_sni#all\"><i class=\"fas fa-cog\" title=\"Edit Configuration\"></i></a>","description":"Missing TLS SNI <a href=\"https://www.ntop.org/guides/nDPI/flow_risks.html#risk-024\" target=\"_blank\"><i class=\"fas fa-lg fa-question-circle\"></i></a> [Score: 50]","fullname":"Missing TLS SNI","name":"Missing TLS SNI","value":54},"proto":{"label":"TCP","value":"6"},"row_id":"1","score":{"color":"#ffc007","label":"70","value":70},"script_key":"ndpi_tls_missing_sni","severity":{"color":"#ffc007","label":"<i class='fas fa-fw fa-exclamation-triangle text-warning' style='color: #ffc007!important' title='Warning'></i> ","value":4},"srv_host_pool_id":{"label":"Default","value":"0"},"srv_network":{"label":"","value":"65535"},"tstamp":{"highlight":"#ffc007","label":"14/05/2019 09:27:26","value":1557818846},"vlan_id":"258"}],"stats":{"num_records_processed":"Processed 1 records [4,203 records/sec]","query":" SELECT 4 entity_id, (tstamp_end - tstamp) duration, *, hex(alerts_map) alerts_map FROM `flow_alerts` WHERE 1 = 1 ","query_duration_msec":0.23794174194336}}}
{"rc":0,"rc_str":"OK","rc_str_hr":"Success","recordsFiltered":1,"recordsTotal":1,"rsp":{"records":[{"additional_alerts":{"descr":"Remote to Remote [Score: 10]<br>TLS not carrying HTTPS <a href=\"https://www.ntop.org/guides/nDPI/flow_risks.html#risk-015\" target=\"_blank\"><i class=\"fas fa-lg fa-question-circle\"></i></a> [Score: 10]"},"alert_id":{"label":"<i class=\"fas fa-fw fa-exclamation\"></i> Missing TLS SNI","value":"54"},"alert_name":"<i class=\"fas fa-fw fa-exclamation\"></i> Missing TLS SNI","cli_host_pool_id":{"label":"Default","value":"0"},"cli_network":{"label":"","value":""},"count":1,"description":{"descr":"Missing TLS SNI <a href=\"https://www.ntop.org/guides/nDPI/flow_risks.html#risk-024\" target=\"_blank\"><i class=\"fas fa-lg fa-question-circle\"></i></a> [Score: 50]"},"duration":92097488,"family":"flow","filter":{"bpf":"host 10.206.131.18 and host 10.206.65.249 and port 58657 and port 443","epoch_begin":1557818846,"epoch_end":1649916335},"flow":{"active_url":"/lua/flow_details.lua?flow_key=362652409&flow_hash_id=0","cli_ip":{"blacklisted":"0","country":"","label":"10.206.131.18","label_long":"10.206.131.18","reference":"","value":"10.206.131.18"},"cli_port":"58657","srv_ip":{"blacklisted":"0","country":"","label":"10.206.65.249","label_long":"10.206.65.249","reference":"<a href='/lua/host_details.lua?host=10.206.65.249@258' data-bs-toggle='tooltip' title=''><i class='fas fa-laptop'></i></a>","value":"10.206.65.249"},"srv_port":"443","vlan":{"label":"258","title":"258","value":258}},"flow_related_info":{"descr":" [ TLS Certificate Validity: 29/11/2018 20:57:22 - 29/11/2023 20:57:22 ] [ Cipher State: <span class=\"badge bg-success\">safe</span> ] [ Main Direction: Server <i class='fas fa-arrow-right'></i> Client | Server to Client Traffic: 3.89 KB | Client to Server Traffic: 1.12 KB ]"},"l7_proto":{"l4_label":"TCP","l7_label":"TLS","label":"TCP:TLS","value":"91"},"msg":{"configset_ref":" <a 
href=\"/lua/admin/edit_configset.lua?subdir=flow&check=ndpi_tls_missing_sni#all\"><i class=\"fas fa-cog\" title=\"Edit Configuration\"></i></a>","description":"Missing TLS SNI <a href=\"https://www.ntop.org/guides/nDPI/flow_risks.html#risk-024\" target=\"_blank\"><i class=\"fas fa-lg fa-question-circle\"></i></a> [Score: 50]","fullname":"Missing TLS SNI","name":"Missing TLS SNI","value":54},"proto":{"label":"TCP","value":"6"},"row_id":"1","score":{"color":"#ffc007","label":"70","value":70},"script_key":"ndpi_tls_missing_sni","severity":{"color":"#ffc007","label":"<i class='fas fa-fw fa-exclamation-triangle text-warning' style='color: #ffc007!important' title='Warning'></i> ","value":4},"srv_host_pool_id":{"label":"Default","value":"0"},"srv_network":{"label":"","value":""},"tstamp":{"highlight":"#ffc007","label":"09:27:26","value":1557818846},"vlan_id":"258"}],"stats":{"num_records_processed":"Processed 1 records [3,484 records/sec]","query":" SELECT 4 entity_id, (tstamp_end - tstamp) duration, *, hex(alerts_map) alerts_map FROM `flow_alerts` WHERE 1 = 1 ","query_duration_msec":0.28705596923828}}}
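Review bot: `tstamp.label` is `14/05/2019 09:27:26` in the first printed version and only `09:27:26` in the second, while `tstamp.value` stays 1557818846; the other sections on this page keep the full date in the label (for example `03/06/2021 08:31:00`). A time-only label on a 2019 alert is ambiguous for anyone triaging it. It also suggests the formatter's short form may depend on the run date, which would make this expected file date-dependent. I would confirm the formatter's behaviour and keep `"label":"14/05/2019 09:27:26"` here rather than accept the short form as the baseline.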


@ -1,2 +1,2 @@
{"success":true}
{"rc":0,"rc_str":"OK","rc_str_hr":"Success","recordsFiltered":1,"recordsTotal":1,"rsp":{"records":[{"additional_alerts":{"descr":"Remote to Remote [Score: 10]"},"alert_id":{"label":"<i class=\"fas fa-fw fa-exclamation\"></i> Too Long TLS Certificate Validity","value":"60"},"alert_name":"<i class=\"fas fa-fw fa-exclamation\"></i> Too Long TLS Certificate Validity","cli_host_pool_id":{"label":"Default","value":"0"},"cli_network":{"label":"","value":"65535"},"count":1,"description":{"descr":"Too Long TLS Certificate Validity <a href=\"https://www.ntop.org/guides/nDPI/flow_risks.html#risk-032\" target=\"_blank\"><i class=\"fas fa-lg fa-question-circle\"></i></a> [Score: 50]"},"duration":27129125,"family":"flow","filter":{"bpf":"host 192.168.2.222 and host 20.86.186.134 and port 40124 and port 443","epoch_begin":1622701860,"epoch_end":1649830986},"flow":{"active_url":"/lua/flow_details.lua?flow_key=3573560583&flow_hash_id=0","cli_ip":{"blacklisted":"0","country":"","label":"192.168.2.222","label_long":"192.168.2.222","reference":"<a href='/lua/host_details.lua?host=192.168.2.222' data-bs-toggle='tooltip' title=''><i class='fas fa-laptop'></i></a>","value":"192.168.2.222"},"cli_port":"40124","srv_ip":{"blacklisted":"0","country":"NL","label":"wdcp.microsoft.com","label_long":"wdcp.microsoft.com","name":"wdcp.microsoft.com","reference":"<a href='/lua/host_details.lua?host=20.86.186.134' data-bs-toggle='tooltip' title=''><i class='fas fa-laptop'></i></a>","value":"20.86.186.134"},"srv_port":"443"},"flow_related_info":{"descr":" [ TLS Certificate Validity: 10/12/2020 21:38:28 - 10/03/2022 21:38:28 ] [ Cipher State: <span class=\"badge bg-success\">safe</span> ] [ Requested Server Name: <button data-to-copy='https://wdcp.microsoft.com' class='copy-http-url btn btn-light btn-sm border ms-1' style='cursor: pointer;'><i class='fas fa-copy'></i></button> <a class='ntopng-external-link' href='https://wdcp.microsoft.com' target='_blank'><i class='fas fa-external-link-alt'></i> 
wdcp.microsoft.com</a> ] [ Main Direction: Server <i class='fas fa-arrow-right'></i> Client | Server to Client Traffic: 4.74 KB | Client to Server Traffic: 1.13 KB ]"},"l7_proto":{"l4_label":"TCP","l7_label":"TLS.Microsoft","label":"TCP:TLS.Microsoft","value":"212"},"msg":{"configset_ref":" <a href=\"/lua/admin/edit_configset.lua?subdir=flow&check=ndpi_tls_cert_validity_too_long#all\"><i class=\"fas fa-cog\" title=\"Edit Configuration\"></i></a>","description":"Too Long TLS Certificate Validity <a href=\"https://www.ntop.org/guides/nDPI/flow_risks.html#risk-032\" target=\"_blank\"><i class=\"fas fa-lg fa-question-circle\"></i></a> [Score: 50]","fullname":"Too Long TLS Certificate Validity","name":"Too Long TLS Certificate Validity","value":60},"proto":{"label":"TCP","value":"6"},"row_id":"1","score":{"color":"#ffc007","label":"60","value":60},"script_key":"ndpi_tls_cert_validity_too_long","severity":{"color":"#ffc007","label":"<i class='fas fa-fw fa-exclamation-triangle text-warning' style='color: #ffc007!important' title='Warning'></i> ","value":4},"srv_host_pool_id":{"label":"Default","value":"0"},"srv_network":{"label":"","value":"65535"},"tstamp":{"highlight":"#ffc007","label":"03/06/2021 08:31:00","value":1622701860},"vlan_id":"0"}],"stats":{"num_records_processed":"Processed 1 records [4,739 records/sec]","query":" SELECT 4 entity_id, (tstamp_end - tstamp) duration, *, hex(alerts_map) alerts_map FROM `flow_alerts` WHERE 1 = 1 ","query_duration_msec":0.21100044250488}}}
{"rc":0,"rc_str":"OK","rc_str_hr":"Success","recordsFiltered":1,"recordsTotal":1,"rsp":{"records":[{"additional_alerts":{"descr":"Remote to Remote [Score: 10]"},"alert_id":{"label":"<i class=\"fas fa-fw fa-exclamation\"></i> Too Long TLS Certificate Validity","value":"60"},"alert_name":"<i class=\"fas fa-fw fa-exclamation\"></i> Too Long TLS Certificate Validity","cli_host_pool_id":{"label":"Default","value":"0"},"cli_network":{"label":"","value":""},"count":1,"description":{"descr":"Too Long TLS Certificate Validity <a href=\"https://www.ntop.org/guides/nDPI/flow_risks.html#risk-032\" target=\"_blank\"><i class=\"fas fa-lg fa-question-circle\"></i></a> [Score: 50]"},"duration":27215055,"family":"flow","filter":{"bpf":"host 192.168.2.222 and host 20.86.186.134 and port 40124 and port 443","epoch_begin":1622701860,"epoch_end":1649916916},"flow":{"active_url":"/lua/flow_details.lua?flow_key=3573560583&flow_hash_id=0","cli_ip":{"blacklisted":"0","country":"","label":"192.168.2.222","label_long":"192.168.2.222","reference":"<a href='/lua/host_details.lua?host=192.168.2.222' data-bs-toggle='tooltip' title=''><i class='fas fa-laptop'></i></a>","value":"192.168.2.222"},"cli_port":"40124","srv_ip":{"blacklisted":"0","country":"NL","label":"wdcp.microsoft.com","label_long":"wdcp.microsoft.com","name":"wdcp.microsoft.com","reference":"<a href='/lua/host_details.lua?host=20.86.186.134' data-bs-toggle='tooltip' title=''><i class='fas fa-laptop'></i></a>","value":"20.86.186.134"},"srv_port":"443"},"flow_related_info":{"descr":" [ TLS Certificate Validity: 10/12/2020 21:38:28 - 10/03/2022 21:38:28 ] [ Cipher State: <span class=\"badge bg-success\">safe</span> ] [ Requested Server Name: <span><button data-to-copy='https://wdcp.microsoft.com' class='copy-http-url btn btn-light btn-sm border ms-1' style='cursor: pointer;'><i class='fas fa-copy'></i></button> <a class='ntopng-external-link' href='https://wdcp.microsoft.com' target='_blank'><i class='fas fa-external-link-alt'></i> 
wdcp.microsoft.com</a></span> ] [ Main Direction: Server <i class='fas fa-arrow-right'></i> Client | Server to Client Traffic: 4.74 KB | Client to Server Traffic: 1.13 KB ]"},"l7_proto":{"l4_label":"TCP","l7_label":"TLS.Microsoft","label":"TCP:TLS.Microsoft","value":"212"},"msg":{"configset_ref":" <a href=\"/lua/admin/edit_configset.lua?subdir=flow&check=ndpi_tls_cert_validity_too_long#all\"><i class=\"fas fa-cog\" title=\"Edit Configuration\"></i></a>","description":"Too Long TLS Certificate Validity <a href=\"https://www.ntop.org/guides/nDPI/flow_risks.html#risk-032\" target=\"_blank\"><i class=\"fas fa-lg fa-question-circle\"></i></a> [Score: 50]","fullname":"Too Long TLS Certificate Validity","name":"Too Long TLS Certificate Validity","value":60},"proto":{"label":"TCP","value":"6"},"row_id":"1","score":{"color":"#ffc007","label":"60","value":60},"script_key":"ndpi_tls_cert_validity_too_long","severity":{"color":"#ffc007","label":"<i class='fas fa-fw fa-exclamation-triangle text-warning' style='color: #ffc007!important' title='Warning'></i> ","value":4},"srv_host_pool_id":{"label":"Default","value":"0"},"srv_network":{"label":"","value":""},"tstamp":{"highlight":"#ffc007","label":"03/06/2021 08:31:00","value":1622701860},"vlan_id":"0"}],"stats":{"num_records_processed":"Processed 1 records [4,328 records/sec]","query":" SELECT 4 entity_id, (tstamp_end - tstamp) duration, *, hex(alerts_map) alerts_map FROM `flow_alerts` WHERE 1 = 1 ","query_duration_msec":0.23102760314941}}}
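Review bot: `stats.query` returns the backend SQL statement to the REST client, which exposes table and column names (`flow_alerts`, `alerts_map`, `tstamp_end`) to anyone who can call the endpoint and ties the expected file to the exact query string. If the field is meant for debugging, it would be better emitted only in a debug mode and left out of the compared output; this page does not show whether such a switch exists. The same field appears in the 9.9.9.9 and Missing TLS SNI sections.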


@ -1,2 +1,2 @@
{"success":true}
{"rc":0,"rc_str":"OK","rc_str_hr":"Success","recordsFiltered":1,"recordsTotal":1,"rsp":{"records":[{"additional_alerts":{"descr":"Remote to Remote [Score: 10]"},"alert_id":{"label":"<i class=\"fas fa-fw fa-exclamation\"></i> TLS Certificate Expired","value":"22"},"alert_name":"<i class=\"fas fa-fw fa-exclamation\"></i> TLS Certificate Expired","cli_host_pool_id":{"label":"Default","value":"0"},"cli_network":{"label":"","value":"65535"},"count":1,"description":{"descr":"TLS Certificate Expired <a href=\"https://www.ntop.org/guides/nDPI/flow_risks.html#risk-009\" target=\"_blank\"><i class=\"fas fa-lg fa-question-circle\"></i></a> [Score: 100]"},"duration":27271005,"family":"flow","filter":{"bpf":"host 192.168.2.126 and host 104.111.215.93 and port 60174 and port 443","epoch_begin":1622559830,"epoch_end":1649830836},"flow":{"active_url":"/lua/flow_details.lua?flow_key=689480653&flow_hash_id=0","cli_ip":{"blacklisted":"0","country":"","label":"192.168.2.126","label_long":"192.168.2.126","reference":"<a href='/lua/host_details.lua?host=192.168.2.126' data-bs-toggle='tooltip' title=''><i class='fas fa-laptop'></i></a>","value":"192.168.2.126"},"cli_port":"60174","srv_ip":{"blacklisted":"0","country":"DE","label":"www.repubblica.it","label_long":"www.repubblica.it","name":"www.repubblica.it","reference":"<a href='/lua/host_details.lua?host=104.111.215.93' data-bs-toggle='tooltip' title=''><i class='fas fa-laptop'></i></a>","value":"104.111.215.93"},"srv_port":"443"},"flow_related_info":{"descr":" [ TLS Certificate Validity: 07/03/2019 02:00:00 - 05/05/2020 14:00:00 ] [ Cipher State: <span class=\"badge bg-success\">safe</span> ] [ Requested Server Name: <button data-to-copy='https://www.repubblica.it' class='copy-http-url btn btn-light btn-sm border ms-1' style='cursor: pointer;'><i class='fas fa-copy'></i></button> <a class='ntopng-external-link' href='https://www.repubblica.it' target='_blank'><i class='fas fa-external-link-alt'></i> www.repubblica.it</a> ] [ Main 
Direction: Server <i class='fas fa-arrow-right'></i> Client | Server to Client Traffic: 106.51 KB | Client to Server Traffic: 8.34 KB ]"},"l7_proto":{"l4_label":"TCP","l7_label":"TLS","label":"TCP:TLS","value":"91"},"msg":{"configset_ref":" <a href=\"/lua/admin/edit_configset.lua?subdir=flow&check=tls_certificate_expired#all\"><i class=\"fas fa-cog\" title=\"Edit Configuration\"></i></a>","description":"TLS Certificate Expired <a href=\"https://www.ntop.org/guides/nDPI/flow_risks.html#risk-009\" target=\"_blank\"><i class=\"fas fa-lg fa-question-circle\"></i></a> [Score: 100]","fullname":"TLS Certificate Expired","name":"TLS Certificate Expired","value":22},"proto":{"label":"TCP","value":"6"},"row_id":"1","score":{"color":"#ff3231","label":"110","value":110},"script_key":"tls_certificate_expired","severity":{"color":"#ff3231","label":"<i class='fas fa-fw fa-exclamation-triangle text-danger' style='color: #ff3231!important' title='Error'></i> ","value":5},"srv_host_pool_id":{"label":"Default","value":"0"},"srv_network":{"label":"","value":"65535"},"tstamp":{"highlight":"#ff3231","label":"01/06/2021 17:03:50","value":1622559830},"vlan_id":"0"}],"stats":{"num_records_processed":"Processed 1 records [3,924 records/sec]","query":" SELECT 4 entity_id, (tstamp_end - tstamp) duration, *, hex(alerts_map) alerts_map FROM `flow_alerts` WHERE 1 = 1 ","query_duration_msec":0.25486946105957}}}
{"rc":0,"rc_str":"OK","rc_str_hr":"Success","recordsFiltered":1,"recordsTotal":1,"rsp":{"records":[{"additional_alerts":{"descr":"Remote to Remote [Score: 10]"},"alert_id":{"label":"<i class=\"fas fa-fw fa-exclamation\"></i> TLS Certificate Expired","value":"22"},"alert_name":"<i class=\"fas fa-fw fa-exclamation\"></i> TLS Certificate Expired","cli_host_pool_id":{"label":"Default","value":"0"},"cli_network":{"label":"","value":""},"count":1,"description":{"descr":"TLS Certificate Expired <a href=\"https://www.ntop.org/guides/nDPI/flow_risks.html#risk-009\" target=\"_blank\"><i class=\"fas fa-lg fa-question-circle\"></i></a> [Score: 100]"},"duration":27356936,"family":"flow","filter":{"bpf":"host 192.168.2.126 and host 104.111.215.93 and port 60174 and port 443","epoch_begin":1622559830,"epoch_end":1649916767},"flow":{"active_url":"/lua/flow_details.lua?flow_key=689480653&flow_hash_id=0","cli_ip":{"blacklisted":"0","country":"","label":"192.168.2.126","label_long":"192.168.2.126","reference":"<a href='/lua/host_details.lua?host=192.168.2.126' data-bs-toggle='tooltip' title=''><i class='fas fa-laptop'></i></a>","value":"192.168.2.126"},"cli_port":"60174","srv_ip":{"blacklisted":"0","country":"DE","label":"www.repubblica.it","label_long":"www.repubblica.it","name":"www.repubblica.it","reference":"<a href='/lua/host_details.lua?host=104.111.215.93' data-bs-toggle='tooltip' title=''><i class='fas fa-laptop'></i></a>","value":"104.111.215.93"},"srv_port":"443"},"flow_related_info":{"descr":" [ TLS Certificate Validity: 07/03/2019 02:00:00 - 05/05/2020 14:00:00 ] [ Cipher State: <span class=\"badge bg-success\">safe</span> ] [ Requested Server Name: <span><button data-to-copy='https://www.repubblica.it' class='copy-http-url btn btn-light btn-sm border ms-1' style='cursor: pointer;'><i class='fas fa-copy'></i></button> <a class='ntopng-external-link' href='https://www.repubblica.it' target='_blank'><i class='fas fa-external-link-alt'></i> www.repubblica.it</a></span> ] [ 
Main Direction: Server <i class='fas fa-arrow-right'></i> Client | Server to Client Traffic: 106.51 KB | Client to Server Traffic: 8.34 KB ]"},"l7_proto":{"l4_label":"TCP","l7_label":"TLS","label":"TCP:TLS","value":"91"},"msg":{"configset_ref":" <a href=\"/lua/admin/edit_configset.lua?subdir=flow&check=tls_certificate_expired#all\"><i class=\"fas fa-cog\" title=\"Edit Configuration\"></i></a>","description":"TLS Certificate Expired <a href=\"https://www.ntop.org/guides/nDPI/flow_risks.html#risk-009\" target=\"_blank\"><i class=\"fas fa-lg fa-question-circle\"></i></a> [Score: 100]","fullname":"TLS Certificate Expired","name":"TLS Certificate Expired","value":22},"proto":{"label":"TCP","value":"6"},"row_id":"1","score":{"color":"#ff3231","label":"110","value":110},"script_key":"tls_certificate_expired","severity":{"color":"#ff3231","label":"<i class='fas fa-fw fa-exclamation-triangle text-danger' style='color: #ff3231!important' title='Error'></i> ","value":5},"srv_host_pool_id":{"label":"Default","value":"0"},"srv_network":{"label":"","value":""},"tstamp":{"highlight":"#ff3231","label":"01/06/2021 17:03:50","value":1622559830},"vlan_id":"0"}],"stats":{"num_records_processed":"Processed 1 records [4,033 records/sec]","query":" SELECT 4 entity_id, (tstamp_end - tstamp) duration, *, hex(alerts_map) alerts_map FROM `flow_alerts` WHERE 1 = 1 ","query_duration_msec":0.24795532226562}}}
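Review bot: The expected output pins values that depend on when and where the test ran: `duration` and `filter.epoch_end` follow the wall clock (the two sides differ by about a day with the same `epoch_begin`), and `stats.num_records_processed` and `stats.query_duration_msec` carry timing noise. Unless the comparison step already masks these keys, which this page does not show, every regeneration rewrites the fixture and the real change (`cli_network`/`srv_network` `value` and the added `<span>` wrapper) is hard to pick out in review. I would normalise them before comparing, for example with a jq filter such as `del(.rsp.stats.query_duration_msec, .rsp.stats.num_records_processed, .rsp.records[].duration, .rsp.records[].filter.epoch_end)`. The same applies to the two alert fixtures below and to the interface-data fixture, which also records `cpu_load`, `cpu_states`, `mem_*`, `epoch` and `localtime`.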


@ -1,2 +1,2 @@
{"success":true}
{"rc":0,"rc_str":"OK","rc_str_hr":"Success","recordsFiltered":1,"recordsTotal":1,"rsp":{"records":[{"additional_alerts":{"descr":"TLS Certificate Self-signed <a href=\"https://www.ntop.org/guides/nDPI/flow_risks.html#risk-006\" target=\"_blank\"><i class=\"fas fa-lg fa-question-circle\"></i></a> [Score: 100]<br>Application on Non-Standard Port <a href=\"https://www.ntop.org/guides/nDPI/flow_risks.html#risk-005\" target=\"_blank\"><i class=\"fas fa-lg fa-question-circle\"></i></a> [Score: 50]"},"alert_id":{"label":"<i class=\"fas fa-fw fa-exclamation\"></i> TLS Certificate Expired","value":"22"},"alert_name":"<i class=\"fas fa-fw fa-exclamation\"></i> TLS Certificate Expired","cli_host_pool_id":{"label":"Default","value":"0"},"cli_network":{"label":"127.0.0.0/8","value":"0"},"count":1,"description":{"descr":"TLS Certificate Expired <a href=\"https://www.ntop.org/guides/nDPI/flow_risks.html#risk-009\" target=\"_blank\"><i class=\"fas fa-lg fa-question-circle\"></i></a> [Score: 100]"},"duration":60909264,"family":"flow","filter":{"bpf":"host 127.0.0.1 and host 127.0.0.1 and port 51607 and port 3001","epoch_begin":1588921646,"epoch_end":1649830911},"flow":{"active_url":"/lua/flow_details.lua?flow_key=4261499100&flow_hash_id=0","cli_ip":{"blacklisted":"0","country":"","label":"localhost","label_long":"localhost","name":"localhost","reference":"<a href='/lua/host_details.lua?host=127.0.0.1' data-bs-toggle='tooltip' title=''><i class='fas fa-laptop'></i></a>","value":"127.0.0.1"},"cli_port":"51607","srv_ip":{"blacklisted":"0","country":"","label":"localhost","label_long":"localhost","name":"localhost","reference":"<a href='/lua/host_details.lua?host=127.0.0.1' data-bs-toggle='tooltip' title=''><i class='fas fa-laptop'></i></a>","value":"127.0.0.1"},"srv_port":"3001"},"flow_related_info":{"descr":" [ TLS Certificate Validity: 10/10/2015 17:55:47 - 09/10/2016 17:55:47 ] [ Cipher State: <span class=\"badge bg-success\">safe</span> ] [ Requested Server Name: <button 
data-to-copy='https://localhost' class='copy-http-url btn btn-light btn-sm border ms-1' style='cursor: pointer;'><i class='fas fa-copy'></i></button> <a class='ntopng-external-link' href='https://localhost' target='_blank'><i class='fas fa-external-link-alt'></i> localhost</a> ] [ Main Direction: Server <i class='fas fa-arrow-right'></i> Client | Server to Client Traffic: 2.29 KB | Client to Server Traffic: 1.39 KB ]"},"l7_proto":{"l4_label":"TCP","l7_label":"TLS.ntop","label":"TCP:TLS.ntop","value":"26"},"msg":{"configset_ref":" <a href=\"/lua/admin/edit_configset.lua?subdir=flow&check=tls_certificate_expired#all\"><i class=\"fas fa-cog\" title=\"Edit Configuration\"></i></a>","description":"TLS Certificate Expired <a href=\"https://www.ntop.org/guides/nDPI/flow_risks.html#risk-009\" target=\"_blank\"><i class=\"fas fa-lg fa-question-circle\"></i></a> [Score: 100]","fullname":"TLS Certificate Expired","name":"TLS Certificate Expired","value":22},"proto":{"label":"TCP","value":"6"},"row_id":"1","score":{"color":"#ff3231","label":"250","value":250},"script_key":"tls_certificate_expired","severity":{"color":"#ff3231","label":"<i class='fas fa-fw fa-exclamation-triangle text-danger' style='color: #ff3231!important' title='Error'></i> ","value":5},"srv_host_pool_id":{"label":"Default","value":"0"},"srv_network":{"label":"127.0.0.0/8","value":"0"},"tstamp":{"highlight":"#ff3231","label":"08/05/2020 09:07:26","value":1588921646},"vlan_id":"0"}],"stats":{"num_records_processed":"Processed 1 records [4,328 records/sec]","query":" SELECT 4 entity_id, (tstamp_end - tstamp) duration, *, hex(alerts_map) alerts_map FROM `flow_alerts` WHERE 1 = 1 ","query_duration_msec":0.23102760314941}}}
{"rc":0,"rc_str":"OK","rc_str_hr":"Success","recordsFiltered":1,"recordsTotal":1,"rsp":{"records":[{"additional_alerts":{"descr":"TLS Certificate Self-signed <a href=\"https://www.ntop.org/guides/nDPI/flow_risks.html#risk-006\" target=\"_blank\"><i class=\"fas fa-lg fa-question-circle\"></i></a> [Score: 100]<br>Application on Non-Standard Port <a href=\"https://www.ntop.org/guides/nDPI/flow_risks.html#risk-005\" target=\"_blank\"><i class=\"fas fa-lg fa-question-circle\"></i></a> [Score: 50]"},"alert_id":{"label":"<i class=\"fas fa-fw fa-exclamation\"></i> TLS Certificate Expired","value":"22"},"alert_name":"<i class=\"fas fa-fw fa-exclamation\"></i> TLS Certificate Expired","cli_host_pool_id":{"label":"Default","value":"0"},"cli_network":{"label":"127.0.0.0/8","value":"0"},"count":1,"description":{"descr":"TLS Certificate Expired <a href=\"https://www.ntop.org/guides/nDPI/flow_risks.html#risk-009\" target=\"_blank\"><i class=\"fas fa-lg fa-question-circle\"></i></a> [Score: 100]"},"duration":60995194,"family":"flow","filter":{"bpf":"host 127.0.0.1 and host 127.0.0.1 and port 51607 and port 3001","epoch_begin":1588921646,"epoch_end":1649916841},"flow":{"active_url":"/lua/flow_details.lua?flow_key=4261499100&flow_hash_id=0","cli_ip":{"blacklisted":"0","country":"","label":"localhost","label_long":"localhost","name":"localhost","reference":"<a href='/lua/host_details.lua?host=127.0.0.1' data-bs-toggle='tooltip' title=''><i class='fas fa-laptop'></i></a>","value":"127.0.0.1"},"cli_port":"51607","srv_ip":{"blacklisted":"0","country":"","label":"localhost","label_long":"localhost","name":"localhost","reference":"<a href='/lua/host_details.lua?host=127.0.0.1' data-bs-toggle='tooltip' title=''><i class='fas fa-laptop'></i></a>","value":"127.0.0.1"},"srv_port":"3001"},"flow_related_info":{"descr":" [ TLS Certificate Validity: 10/10/2015 17:55:47 - 09/10/2016 17:55:47 ] [ Cipher State: <span class=\"badge bg-success\">safe</span> ] [ Requested Server Name: <span><button 
data-to-copy='https://localhost' class='copy-http-url btn btn-light btn-sm border ms-1' style='cursor: pointer;'><i class='fas fa-copy'></i></button> <a class='ntopng-external-link' href='https://localhost' target='_blank'><i class='fas fa-external-link-alt'></i> localhost</a></span> ] [ Main Direction: Server <i class='fas fa-arrow-right'></i> Client | Server to Client Traffic: 2.29 KB | Client to Server Traffic: 1.39 KB ]"},"l7_proto":{"l4_label":"TCP","l7_label":"TLS.ntop","label":"TCP:TLS.ntop","value":"26"},"msg":{"configset_ref":" <a href=\"/lua/admin/edit_configset.lua?subdir=flow&check=tls_certificate_expired#all\"><i class=\"fas fa-cog\" title=\"Edit Configuration\"></i></a>","description":"TLS Certificate Expired <a href=\"https://www.ntop.org/guides/nDPI/flow_risks.html#risk-009\" target=\"_blank\"><i class=\"fas fa-lg fa-question-circle\"></i></a> [Score: 100]","fullname":"TLS Certificate Expired","name":"TLS Certificate Expired","value":22},"proto":{"label":"TCP","value":"6"},"row_id":"1","score":{"color":"#ff3231","label":"250","value":250},"script_key":"tls_certificate_expired","severity":{"color":"#ff3231","label":"<i class='fas fa-fw fa-exclamation-triangle text-danger' style='color: #ff3231!important' title='Error'></i> ","value":5},"srv_host_pool_id":{"label":"Default","value":"0"},"srv_network":{"label":"127.0.0.0/8","value":"0"},"tstamp":{"highlight":"#ff3231","label":"08/05/2020 09:07:26","value":1588921646},"vlan_id":"0"}],"stats":{"num_records_processed":"Processed 1 records [4,975 records/sec]","query":" SELECT 4 entity_id, (tstamp_end - tstamp) duration, *, hex(alerts_map) alerts_map FROM `flow_alerts` WHERE 1 = 1 ","query_duration_msec":0.20098686218262}}}
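Review bot: `flow_related_info.descr` places the Requested Server Name inside single-quoted HTML attributes (`data-to-copy='https://localhost'`, `href='https://localhost'`) and again as link text, and that name presumably comes from the TLS handshake in the captured traffic, so the remote peer chooses it. Every fixture on this page uses a benign hostname, so nothing here pins that the value is entity-encoded before it reaches the browser; the unexpected-DNS fixture below carries the DNS query name in the same markup. I would add a capture whose server name contains `'`, `"`, `<` and `>` and expect `&#39;`, `&quot;`, `&lt;` and `&gt;` in this field. The link also opens with `target='_blank'` and no `rel`; `rel='noopener noreferrer'` would be the safer form.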

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long


@ -1,2 +1,2 @@
{"success":true}
{"rc":0,"rc_str":"OK","rc_str_hr":"Success","recordsFiltered":1,"recordsTotal":1,"rsp":{"records":[{"additional_alerts":{"descr":"DNS Packet Larger Than 512 bytes <a href=\"https://www.ntop.org/guides/nDPI/flow_risks.html#risk-037\" target=\"_blank\"><i class=\"fas fa-lg fa-question-circle\"></i></a> [Score: 50]<br>Malformed packet <a href=\"https://www.ntop.org/guides/nDPI/flow_risks.html#risk-017\" target=\"_blank\"><i class=\"fas fa-lg fa-question-circle\"></i></a> [Score: 10]<br>Remote to Remote [Score: 10]"},"alert_id":{"label":"<i class=\"fas fa-fw fa-exclamation\"></i> Unexpected DNS server found","value":"33"},"alert_name":"<i class=\"fas fa-fw fa-exclamation\"></i> Unexpected DNS server found","cli_host_pool_id":{"label":"Default","value":"0"},"cli_network":{"label":"","value":"65535"},"cli_role":{"label":"Is Attacker","tag_label":"Is Attacker","value":"attacker"},"count":1,"description":{"descr":"Unexpected DNS server found: 127.0.0.1 [Score: 100]"},"duration":58279515,"family":"flow","filter":{"bpf":"host 127.0.0.1 and host 127.0.0.1 and port 50435 and port 53","epoch_begin":1591551760,"epoch_end":1649831276},"flow":{"active_url":"/lua/flow_details.lua?flow_key=4261427416&flow_hash_id=0","cli_ip":{"blacklisted":"0","country":"","label":"localhost","label_long":"localhost","name":"localhost","reference":"<a href='/lua/host_details.lua?host=127.0.0.1' data-bs-toggle='tooltip' title=''><i class='fas fa-laptop'></i></a>","value":"127.0.0.1"},"cli_port":"50435","srv_ip":{"blacklisted":"0","country":"","label":"localhost","label_long":"localhost","name":"localhost","reference":"<a href='/lua/host_details.lua?host=127.0.0.1' data-bs-toggle='tooltip' title=''><i class='fas fa-laptop'></i></a>","value":"127.0.0.1"},"srv_port":"53"},"flow_related_info":{"descr":" [ Query Type: <span class=\"badge bg-info\">A</span> ] [ Return Code: <span class=\"badge bg-success\">NOERROR</span> ] [ URL: <button data-to-copy='https://www.xt.com' class='copy-http-url btn btn-light 
btn-sm border ms-1' style='cursor: pointer;'><i class='fas fa-copy'></i></button> <a class='ntopng-external-link' href='https://www.xt.com' target='_blank'><i class='fas fa-external-link-alt'></i> www.xt.com</a> ] [ Main Direction: Server <i class='fas fa-arrow-right'></i> Client | Server to Client Traffic: 2.79 KB | Client to Server Traffic: 70 Bytes ]"},"l7_proto":{"l4_label":"UDP","l7_label":"DNS","label":"UDP:DNS","value":"5"},"msg":{"configset_ref":" <a href=\"/lua/admin/edit_configset.lua?subdir=flow&check=unexpected_dns#all\"><i class=\"fas fa-cog\" title=\"Edit Configuration\"></i></a>","description":"Unexpected DNS server found: 127.0.0.1 [Score: 100]","fullname":"Unexpected DNS server found","name":"Unexpected DNS server found","value":33},"proto":{"label":"UDP","value":"17"},"row_id":"1","score":{"color":"#ff3231","label":"170","value":170},"script_key":"unexpected_dns","severity":{"color":"#ff3231","label":"<i class='fas fa-fw fa-exclamation-triangle text-danger' style='color: #ff3231!important' title='Error'></i> ","value":5},"srv_host_pool_id":{"label":"Default","value":"0"},"srv_network":{"label":"","value":"65535"},"tstamp":{"highlight":"#ff3231","label":"07/06/2020 19:42:40","value":1591551760},"vlan_id":"0"}],"stats":{"num_records_processed":"Processed 1 records [4,448 records/sec]","query":" SELECT 4 entity_id, (tstamp_end - tstamp) duration, *, hex(alerts_map) alerts_map FROM `flow_alerts` WHERE 1 = 1 ","query_duration_msec":0.22482872009277}}}
{"rc":0,"rc_str":"OK","rc_str_hr":"Success","recordsFiltered":1,"recordsTotal":1,"rsp":{"records":[{"additional_alerts":{"descr":"DNS Packet Larger Than 512 bytes <a href=\"https://www.ntop.org/guides/nDPI/flow_risks.html#risk-037\" target=\"_blank\"><i class=\"fas fa-lg fa-question-circle\"></i></a> [Score: 50]<br>Malformed packet <a href=\"https://www.ntop.org/guides/nDPI/flow_risks.html#risk-017\" target=\"_blank\"><i class=\"fas fa-lg fa-question-circle\"></i></a> [Score: 10]<br>Remote to Remote [Score: 10]"},"alert_id":{"label":"<i class=\"fas fa-fw fa-exclamation\"></i> Unexpected DNS server found","value":"33"},"alert_name":"<i class=\"fas fa-fw fa-exclamation\"></i> Unexpected DNS server found","cli_host_pool_id":{"label":"Default","value":"0"},"cli_network":{"label":"","value":""},"cli_role":{"label":"Is Attacker","tag_label":"Is Attacker","value":"attacker"},"count":1,"description":{"descr":"Unexpected DNS server found: 127.0.0.1 [Score: 100]"},"duration":58365446,"family":"flow","filter":{"bpf":"host 127.0.0.1 and host 127.0.0.1 and port 50435 and port 53","epoch_begin":1591551760,"epoch_end":1649917207},"flow":{"active_url":"/lua/flow_details.lua?flow_key=4261427416&flow_hash_id=0","cli_ip":{"blacklisted":"0","country":"","label":"localhost","label_long":"localhost","name":"localhost","reference":"<a href='/lua/host_details.lua?host=127.0.0.1' data-bs-toggle='tooltip' title=''><i class='fas fa-laptop'></i></a>","value":"127.0.0.1"},"cli_port":"50435","srv_ip":{"blacklisted":"0","country":"","label":"localhost","label_long":"localhost","name":"localhost","reference":"<a href='/lua/host_details.lua?host=127.0.0.1' data-bs-toggle='tooltip' title=''><i class='fas fa-laptop'></i></a>","value":"127.0.0.1"},"srv_port":"53"},"flow_related_info":{"descr":" [ Query Type: <span class=\"badge bg-info\">A</span> ] [ Return Code: <span class=\"badge bg-success\">NOERROR</span> ] [ URL: <span><button data-to-copy='https://www.xt.com' class='copy-http-url btn btn-light 
btn-sm border ms-1' style='cursor: pointer;'><i class='fas fa-copy'></i></button> <a class='ntopng-external-link' href='https://www.xt.com' target='_blank'><i class='fas fa-external-link-alt'></i> www.xt.com</a></span> ] [ Main Direction: Server <i class='fas fa-arrow-right'></i> Client | Server to Client Traffic: 2.79 KB | Client to Server Traffic: 70 Bytes ]"},"l7_proto":{"l4_label":"UDP","l7_label":"DNS","label":"UDP:DNS","value":"5"},"msg":{"configset_ref":" <a href=\"/lua/admin/edit_configset.lua?subdir=flow&check=unexpected_dns#all\"><i class=\"fas fa-cog\" title=\"Edit Configuration\"></i></a>","description":"Unexpected DNS server found: 127.0.0.1 [Score: 100]","fullname":"Unexpected DNS server found","name":"Unexpected DNS server found","value":33},"proto":{"label":"UDP","value":"17"},"row_id":"1","score":{"color":"#ff3231","label":"170","value":170},"script_key":"unexpected_dns","severity":{"color":"#ff3231","label":"<i class='fas fa-fw fa-exclamation-triangle text-danger' style='color: #ff3231!important' title='Error'></i> ","value":5},"srv_host_pool_id":{"label":"Default","value":"0"},"srv_network":{"label":"","value":""},"tstamp":{"highlight":"#ff3231","label":"07/06/2020 19:42:40","value":1591551760},"vlan_id":"0"}],"stats":{"num_records_processed":"Processed 1 records [4,609 records/sec]","query":" SELECT 4 entity_id, (tstamp_end - tstamp) duration, *, hex(alerts_map) alerts_map FROM `flow_alerts` WHERE 1 = 1 ","query_duration_msec":0.21696090698242}}}
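Review bot: On the second printed record (apparently the new side, since its `epoch_end` falls on the commit date) `cli_network.value` and `srv_network.value` change from `"65535"` to `""`, so the key now holds a numeric string for hosts with a network (`"0"` in the loopback TLS fixture above) and an empty string for hosts without one. A consumer that converts `value` to a number gets 0, NaN or an error for `""` depending on the language, and the first of those would silently file these flows under network 0. I would emit `"cli_network":{"label":"","value":null}` or omit the key, and state the choice in the REST API documentation. The TLS Certificate Expired fixture for www.repubblica.it above carries the same change.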

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long


@ -1 +1 @@
{"rc":0,"rc_str":"OK","rc_str_hr":"Success","rsp":{"active_discovery_active":false,"alerted_flows":45,"alerted_flows_error":42,"alerted_flows_notice":1,"alerted_flows_warning":2,"bytes":3744757,"bytes_download":3744757,"bytes_upload":0,"download_upload_chart":{"download":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"upload":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]},"dropped_alerts":0,"drops":0,"engaged_alerts":0,"engaged_alerts_error":0,"engaged_alerts_notice":0,"engaged_alerts_warning":0,"epoch":1643802730,"flow_dropped_alerts":0,"flows_pctg":1,"host_dropped_alerts":0,"hosts_pctg":1,"ifid":"0","ifname":"test_01.pcap","is_view":false,"local2remote":185214,"localtime":"12:52:10 +0100","macs_pctg":1,"num_devices":4,"num_flows":179,"num_hosts":42,"num_live_captures":0,"num_local_hosts":4,"num_local_hosts_anomalies":0,"num_remote_hosts_anomalies":0,"other_dropped_alerts":0,"packets":5000,"packets_download":5000,"packets_upload":0,"periodic_stats_update_frequency_secs":5,"profiles":[],"remote2local":3332878,"remote_bps":0,"remote_pps":0,"speed":1000,"system_host_stats":{"alerts_queries":51,"alerts_stats":{"alert_queues":{"internal_alerts_queue":{"pct_not_enqueued":0}}},"cpu_load":0.49000000953674,"cpu_states":{"guest":0,"guest_nice":0,"idle":95.894526034713,"iowait":0.033377837116155,"irq":0,"nice":0,"softirq":0.016688918558077,"steal":0,"system":0.56742323097463,"user":3.4879839786382},"dropped_alerts":0,"mem_buffers":1710216,"mem_cached":8324844,"mem_free":1231780,"mem_ntopng_resident":528784,"mem_ntopng_virtual":21475361800,"mem_shmem":0,"mem_sreclaimable":953524,"mem_total":32724896,"mem_used":20504532,"written_alerts":0},"tcpPacketStats":{"lost":0,"out_of_order":0,"retransmissions":10},"throughput":{"download":{"bps":0,"pps":0},"upload":{"bps":0,"pps":0}},"throughput_bps":0,"throughput_pps":0,"uptime":"00:24 sec"}}
{"rc":0,"rc_str":"OK","rc_str_hr":"Success","rsp":{"active_discovery_active":false,"alerted_flows":40,"alerted_flows_error":37,"alerted_flows_notice":1,"alerted_flows_warning":2,"bytes":3744757,"bytes_download":3744757,"bytes_upload":0,"download_upload_chart":{"download":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"upload":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]},"dropped_alerts":0,"drops":0,"engaged_alerts":0,"engaged_alerts_error":0,"engaged_alerts_notice":0,"engaged_alerts_warning":0,"epoch":1649918715,"flow_dropped_alerts":0,"flows_pctg":1,"host_dropped_alerts":0,"hosts_pctg":1,"ifid":"0","ifname":"test_01.pcap","is_view":false,"local2remote":185214,"localtime":"08:45:15 +0200","macs_pctg":1,"num_devices":4,"num_flows":179,"num_hosts":42,"num_live_captures":0,"num_local_hosts":4,"num_local_hosts_anomalies":0,"num_remote_hosts_anomalies":0,"other_dropped_alerts":0,"packets":5000,"packets_download":5000,"packets_upload":0,"periodic_stats_update_frequency_secs":5,"profiles":[],"remote2local":3332878,"remote_bps":0,"remote_pps":0,"speed":1000,"system_host_stats":{"alerts_queries":49,"alerts_stats":{"alert_queues":{"internal_alerts_queue":{"pct_not_enqueued":0}}},"cpu_load":0.30000001192093,"cpu_states":{"guest":0,"guest_nice":0,"idle":95.872801082544,"iowait":0.06765899864682,"irq":0,"nice":0,"softirq":0.93031123139378,"steal":0,"system":0.71041948579161,"user":2.4188092016238},"dropped_alerts":0,"mem_buffers":1229140,"mem_cached":14210148,"mem_free":266984,"mem_ntopng_resident":481796,"mem_ntopng_virtual":21475370852,"mem_shmem":0,"mem_sreclaimable":1488808,"mem_total":32724536,"mem_used":15529456,"written_alerts":0},"tcpPacketStats":{"lost":0,"out_of_order":0,"retransmissions":10},"throughput":{"download":{"bps":0,"pps":0},"upload":{"bps":0,"pps":0}},"throughput_bps":0,"throughput_pps":0,"uptime":"00:24 sec"}}
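Review bot: `alerted_flows` goes from 45 to 40 and `alerted_flows_error` from 42 to 37 on what looks like the same capture (`ifname` is `test_01.pcap`, with `num_flows` 179 and `num_hosts` 42 on both sides), while the commit title only mentions the no-network value. Five error-severity alerts leaving the baseline is a change in detection output, and accepting it through a regenerated fixture hides which checks stopped firing. I would regenerate this file in its own commit whose message names the checks involved, and have the test compare a per-check alert count rather than only the totals so the next difference is attributable. Which side is new is inferred from `epoch` matching the commit date on the second record.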

File diff suppressed because one or more lines are too long