Accept list of filters for alerts

Alfredo Cardigliano 2021-06-30 11:38:26 +02:00
parent c601031299
commit 1d6a8bfe25
2 changed files with 6 additions and 6 deletions


@ -680,7 +680,7 @@ function alert_store:add_request_filters()
local epoch_begin = tonumber(_GET["epoch_begin"])
local epoch_end = tonumber(_GET["epoch_end"])
local alert_id = _GET["alert_id"] or _GET["alert_type"] --[[ compatibility ]]--
local alert_severity = _GET["alert_severity"] or _GET["severity"]
local alert_severity = _GET["severity"] or _GET["alert_severity"]
local rowid = _GET["row_id"]
local status = _GET["status"]
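Review bot: The value assigned to `alert_severity` can now arrive in two different shapes, and nothing at the assignment documents it. Assuming the second of the two printed `alert_severity` lines is the new side (the page has lost its +/- markers), `severity` takes precedence when both parameters are sent, and the validator table in this same commit checks `severity` as an inline list of filters while `alert_severity` is still checked with `validateNumber`. The rest of `add_request_filters` lies outside this hunk, so it should be confirmed that it parses both a single number and a list before building the store filter. A trailing comment in the style of the line above would record this, e.g. `--[[ severity may be a list of filters; alert_severity is a single number (compatibility) ]]--`. The same applies to `alert_id` falling back to `alert_type`.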


@ -1363,7 +1363,7 @@ local known_parameters = {
["network"] = validateNumber, -- A network ID/name
["network_name"] = validateFilters(validateNetwork),
["network_cidr"] = validateNetwork, -- A network expressed with the /
["ip"] = validateEmptyOr(validateFilters(validateHost)), -- An IPv4 or IPv6 address
["ip"] = validateEmptyOr(validateListOfTypeInline(validateFilters(validateHost))), -- An IPv4 or IPv6 address
["cli_ip"] = validateEmptyOr(validateListOfTypeInline(validateFilters(validateHost))), -- An IPv4 or IPv6 address
["srv_ip"] = validateEmptyOr(validateListOfTypeInline(validateFilters(validateHost))), -- An IPv4 or IPv6 address
["cli_port"] = validateListOfTypeInline(validateFilters(validatePort)), --Client port
@ -1518,16 +1518,16 @@ local known_parameters = {
["subdir"] = validateSingleWord, -- A user script subdir
["profile"] = http_lint.validateTrafficProfile, -- Traffic Profile name
["delete_profile"] = http_lint.validateTrafficProfile, -- A Traffic Profile to delete
["alert_id"] = validateFilters(validateNumber),-- An alert type enum
["alert_id"] = validateListOfTypeInline(validateFilters(validateNumber)),-- An alert type enum
["alert_type"] = validateNumber, -- An alert type enum (deprecated: use alert_id)
["alert_l7_proto"] = validateNumber, -- An alert l7 protocol
["alert_subtype"] = validateSingleWord, -- An alert subtype string
["alert_severity"] = validateNumber, -- An alert severity enum
["severity"] = validateFilters(validateNumber), -- Same as alert_severity
["severity"] = validateListOfTypeInline(validateFilters(validateNumber)), -- Same as alert_severity
["alert_granularity"] = validateNumber, -- An alert granularity
["entity"] = validateNumber, -- An alert entity type
["role"] = validateFilters(validateSingleWord), -- attacker/victim
["roles"] = validateFilters(validateSingleWord), -- has_attacker/has_victim
["role"] = validateListOfTypeInline(validateFilters(validateSingleWord)), -- attacker/victim
["roles"] = validateListOfTypeInline(validateFilters(validateSingleWord)), -- has_attacker/has_victim
["asn"] = validateNumber, -- An ASN number
["module"] = validateTopModule, -- A top script module
["step"] = validateNumber, -- A step value
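Review bot: The comment on `["severity"]` still reads "Same as alert_severity", but in the list-wrapped version `severity` is validated as an inline list of filters while `["alert_severity"]` remains `validateNumber`; the same split exists between `["alert_id"]` and the deprecated `["alert_type"]`. Either wrap the legacy names the same way or correct the comment, e.g. `-- A list of alert severity filters (alert_severity accepts a single number only)`. Because these validators gate request parameters, every consumer of `ip`, `alert_id`, `severity`, `role` and `roles` now receives multi-value strings. It is worth confirming outside this diff that each element is validated and bound individually when the alert store query is built, and that `validateListOfTypeInline` caps the number of elements it accepts. The `known_parameters` table starts and ends outside both hunks.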