diff --git a/include/Alert.h b/include/Alert.h index 87e2e4984b..4d37c1b0c2 100644 --- a/include/Alert.h +++ b/include/Alert.h @@ -30,6 +30,7 @@ class Alert { u_int8_t score; std::string subtype; std::string json; + std::string ip; }; #endif diff --git a/include/OtherAlertableEntity.h b/include/OtherAlertableEntity.h index f62ce8ad85..66f9414896 100644 --- a/include/OtherAlertableEntity.h +++ b/include/OtherAlertableEntity.h @@ -69,7 +69,7 @@ class OtherAlertableEntity : public AlertableEntity { bool triggerAlert(lua_State *vm, std::string key, ScriptPeriodicity p, time_t now, u_int32_t score, AlertType alert_id, - const char *subtype, const char *json); + const char *subtype, const char *json, const char *ip); bool releaseAlert(lua_State *vm, std::string key, ScriptPeriodicity p, time_t now); diff --git a/scripts/lua/modules/alert_store/alert_store.lua b/scripts/lua/modules/alert_store/alert_store.lua index b0155bc087..3261be8a66 100644 --- a/scripts/lua/modules/alert_store/alert_store.lua +++ b/scripts/lua/modules/alert_store/alert_store.lua @@ -1750,14 +1750,14 @@ function alert_store:select_request(filter, select_fields, download --[[ Availab -- Add filters self:add_request_filters() - - if self._status == alert_consts.alert_status.engaged.alert_status_id then -- Engaged + local is_engaged = self._status == alert_consts.alert_status.engaged.alert_status_id + if is_engaged then -- Engaged -- Add limits and sort criteria self:add_request_ranges() local alerts, total_rows = self:select_engaged(filter) - return alerts, total_rows, {} + return alerts, total_rows, {}, is_engaged else -- Historical -- Handle Custom Queries (query_preset) @@ -1823,7 +1823,7 @@ function alert_store:select_request(filter, select_fields, download --[[ Availab local res, info = self:select_historical(filter, select_fields, download --[[ Available only with ClickHouse ]] ) - return res, total_row, info + return res, total_row, info, is_engaged end end 
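Review bot: The new `const char *ip` parameter on `triggerAlert` in include/OtherAlertableEntity.h is undocumented, and the declaration does not tell a caller whether it may be null. The definition in src/OtherAlertableEntity.cpp stores `ip ? ip : ""`, so null is accepted; I would state that above the declaration, e.g. `/* ip: optional device address; may be NULL, stored as an empty string */`. The parameter has no default value, so any caller of triggerAlert not updated by this commit will stop compiling; only the call in src/LuaEngineNtop.cpp is visible here.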
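Review bot: `alert_store:select_request` now returns a fourth value, `is_engaged`, from both branches (the hunk at -1750 and the one at -1823), but the new return contract is not documented in the visible lines. A caller that still unpacks three values drops the flag silently, and if the flag is meant to be forwarded to `format_record`, that function then receives nil. I would add a return description to the function header, which lies outside these hunks, such as `--@return alerts, total rows, info table, true when the records are in-memory engaged alerts`.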
diff --git a/scripts/lua/modules/alert_store/snmp_device_alert_store.lua b/scripts/lua/modules/alert_store/snmp_device_alert_store.lua index cd33f4fe62..6a4b0e6ace 100644 --- a/scripts/lua/modules/alert_store/snmp_device_alert_store.lua +++ b/scripts/lua/modules/alert_store/snmp_device_alert_store.lua @@ -154,9 +154,9 @@ end -- ############################################## --@brief Convert an alert coming from the DB (value) to a record returned by the REST API -function snmp_device_alert_store:format_record(value, no_html) - if not value["ip"] then +function snmp_device_alert_store:format_record(value, no_html, is_engaged) -- This is an in-memory engaged alert, let's extract the ip and the port from the entity_val + if (is_engaged) then value["ip"], value["port"] = self:_entity_val_to_ip_and_port(value["entity_val"]) end diff --git a/scripts/lua/modules/alerts_api.lua b/scripts/lua/modules/alerts_api.lua index 7fb3b562ca..de70e9ba80 100644 --- a/scripts/lua/modules/alerts_api.lua +++ b/scripts/lua/modules/alerts_api.lua @@ -326,10 +326,17 @@ function alerts_api.trigger(entity_info, type_info, when, cur_alerts) type_info.score = 0 end + local device_ip, port + if (entity_info.alert_entity.entity_id == alert_consts.alertEntity("snmp_device")) then + local snmp_device_alert_store = require "snmp_device_alert_store".new() + + device_ip, port = snmp_device_alert_store:_entity_val_to_ip_and_port(entity_info.entity_val) + end + local params = { alert_key_name, granularity_id, type_info.score, type_info.alert_type.alert_key, - subtype, alert_json, + subtype, alert_json, device_ip } if(entity_info.alert_entity.entity_id == alert_consts.alertEntity("interface")) then diff --git a/src/LuaEngineNtop.cpp b/src/LuaEngineNtop.cpp index 6b422868a2..f12f3e3eb8 100644 --- a/src/LuaEngineNtop.cpp +++ b/src/LuaEngineNtop.cpp 
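Review bot: In `snmp_device_alert_store:format_record` the guard changed from `if not value["ip"]` to `if (is_engaged)`, so a caller that does not pass the new third argument gets nil and the ip and port are never derived from `entity_val`. The call sites are not part of this diff and need to be checked one by one. For engaged alerts the branch also overwrites the `ip` that the engine now pushes from `luaAlert`; if the stored value is supposed to take precedence, the guard could be `if is_engaged and (value["ip"] or "") == "" then`. The `--@brief` line above the function should also mention the new `is_engaged` parameter.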
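Review bot: `port` is assigned and never used in the block added to `alerts_api.trigger`, and a full `snmp_device_alert_store` instance is built on every SNMP trigger only to call the underscore-prefixed helper `_entity_val_to_ip_and_port`. I would drop the unused local (`local device_ip = snmp_device_alert_store:_entity_val_to_ip_and_port(entity_info.entity_val)`) and consider moving the parser to a shared utility so the alert path does not depend on another module's private method. For non-SNMP entities `device_ip` is nil, which leaves `params` one element shorter. That is safe only while nothing is appended to `params` later in the function, which continues outside this hunk.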
@@ -517,7 +517,7 @@ int ntop_release_triggered_alert(lua_State *vm, OtherAlertableEntity *alertable, int ntop_store_triggered_alert(lua_State *vm, OtherAlertableEntity *alertable, u_int idx) { struct ntopngLuaContext *c = getLuaVMContext(vm); - char *key, *alert_subtype, *alert_json; + char *key, *alert_subtype, *alert_json, *ip = NULL; ScriptPeriodicity periodicity; u_int32_t score; AlertType alert_type; @@ -556,9 +556,10 @@ int ntop_store_triggered_alert(lua_State *vm, OtherAlertableEntity *alertable, if ((alert_json = (char *)lua_tostring(vm, idx++)) == NULL) return (ntop_lua_return_value(vm, __FUNCTION__, CONST_LUA_PARAM_ERROR)); + ip = (char*)lua_tostring(vm, idx++); /* triggered = */ alertable->triggerAlert(vm, std::string(key), periodicity, time(NULL), score, alert_type, - alert_subtype, alert_json); + alert_subtype, alert_json, ip); return (ntop_lua_return_value(vm, __FUNCTION__, CONST_LUA_OK)); } diff --git a/src/OtherAlertableEntity.cpp b/src/OtherAlertableEntity.cpp index 23a65fc7cb..67bff9c65a 100644 --- a/src/OtherAlertableEntity.cpp +++ b/src/OtherAlertableEntity.cpp @@ -48,6 +48,7 @@ void OtherAlertableEntity::luaAlert(lua_State *vm, const Alert *alert, lua_push_int32_table_entry(vm, "granularity", Utils::periodicityToSeconds((ScriptPeriodicity)p)); lua_push_str_table_entry(vm, "json", alert->json.c_str()); + lua_push_str_table_entry(vm, "ip", alert->ip.c_str()); } /* ****************************************** */ @@ -58,7 +59,7 @@ void OtherAlertableEntity::luaAlert(lua_State *vm, const Alert *alert, bool OtherAlertableEntity::triggerAlert(lua_State *vm, std::string key, ScriptPeriodicity p, time_t now, u_int32_t score, AlertType alert_id, - const char *subtype, const char *json) { + const char *subtype, const char *json, const char *ip) { bool rv = false; std::map::iterator it; 
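Review bot: The added `ip = (char*)lua_tostring(vm, idx++);` in `ntop_store_triggered_alert` is the only argument read without a check, and nothing in the code says that this is intentional. `lua_tostring` also converts a number on the stack into a string, so whatever the script passes in that position is stored as the alert's `ip` and later returned through `luaAlert`. I would mark the argument as optional and accept only strings: `if (lua_type(vm, idx) == LUA_TSTRING) ip = (char *)lua_tostring(vm, idx); /* optional, set for SNMP device alerts */`. If the field is expected to hold an address literal, validating it at this boundary keeps malformed text out of the alert records.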
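Review bot: `OtherAlertableEntity::luaAlert` now pushes `ip` unconditionally, so alerts triggered without an address expose `ip = ""` to Lua, where an empty string is truthy. A script that tests `if not value["ip"]`, like the guard this commit removes from snmp_device_alert_store.lua, will treat the field as present. Pushing the entry only when it is set avoids that: `if (!alert->ip.empty()) lua_push_str_table_entry(vm, "ip", alert->ip.c_str());`. luaAlert starts outside this hunk.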
@@ -78,6 +79,7 @@ bool OtherAlertableEntity::triggerAlert(lua_State *vm, std::string key, alert.alert_id = alert_id; alert.subtype = subtype; alert.json = json; + alert.ip = ip ? ip : ""; incNumAlertsEngaged(Utils::mapScoreToSeverity(score));