Merge branch 'alerts-store' into dev

This commit is contained in:
Simone Mainardi 2021-04-26 19:59:30 +02:00
commit 2278926da4
265 changed files with 5802 additions and 1672 deletions


@ -4,6 +4,7 @@
local user_scripts = require("user_scripts")
local alert_severities = require "alert_severities"
local host_alert_keys = require "host_alert_keys"
-- #################################################################
@ -12,6 +13,7 @@ local dns = {
category = user_scripts.script_categories.network,
default_enabled = false,
alert_id = host_alert_keys.host_alert_dns_traffic,
default_value = {
operator = "gt",
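Review bot: The new `alert_id = host_alert_keys.host_alert_dns_traffic` field on the `dns` table fails silently if that key is ever missing or renamed in `host_alert_keys`: a Lua lookup on an absent table key yields nil, so the script would still load, just with `alert_id = nil`, instead of failing at require time. Since this field is what ties the script to its stored alert type, a load-time guard is cheap and makes the breakage visible where it happens: `alert_id = assert(host_alert_keys.host_alert_dns_traffic, "host_alert_dns_traffic missing from host_alert_keys"),`. The `dns` table definition continues past the end of the hunk, so I cannot see whether a later validation step already catches a nil id; if it does, a short comment here pointing to it would be enough.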


@ -4,6 +4,7 @@
local user_scripts = require("user_scripts")
local alert_severities = require "alert_severities"
local host_alert_keys = require "host_alert_keys"
-- #################################################################
@ -12,6 +13,7 @@ local dns_contacts = {
category = user_scripts.script_categories.security,
default_enabled = false,
alert_id = host_alert_keys.host_alert_dns_server_contacts,
default_value = {
operator = "gt",


@ -4,6 +4,7 @@
local user_scripts = require("user_scripts")
local alert_severities = require "alert_severities"
local host_alert_keys = require "host_alert_keys"
-- #################################################################
@ -12,6 +13,7 @@ local flow_flood = {
category = user_scripts.script_categories.security,
default_enabled = false,
alert_id = host_alert_keys.host_alert_flow_flood,
default_value = {
-- "> 50"


@ -4,12 +4,15 @@
local user_scripts = require("user_scripts")
local alert_severities = require "alert_severities"
local host_alert_keys = require "host_alert_keys"
-- #################################################################
local flows_anomaly = {
-- Script category
category = user_scripts.script_categories.network,
category = user_scripts.script_categories.network,
alert_id = host_alert_keys.host_alert_flows_anomaly,
default_value = {
severity = alert_severities.warning,


@ -4,6 +4,7 @@
local user_scripts = require ("user_scripts")
local alert_severities = require "alert_severities"
local host_alert_keys = require "host_alert_keys"
-- #################################################################
@ -12,6 +13,7 @@ local host_score = {
category = user_scripts.script_categories.security,
default_enabled = false,
alert_id = host_alert_keys.host_alert_score,
default_value = {
-- "> 1000"


@ -4,6 +4,7 @@
local user_scripts = require("user_scripts")
local alert_severities = require "alert_severities"
local host_alert_keys = require "host_alert_keys"
-- #################################################################
@ -12,6 +13,7 @@ local ntp_contacts = {
category = user_scripts.script_categories.security,
default_enabled = false,
alert_id = host_alert_keys.host_alert_ntp_server_contacts,
default_value = {
operator = "gt",


@ -4,6 +4,7 @@
local user_scripts = require("user_scripts")
local alert_severities = require "alert_severities"
local host_alert_keys = require "host_alert_keys"
-- #################################################################
@ -12,6 +13,7 @@ local p2p = {
category = user_scripts.script_categories.network,
default_enabled = false,
alert_id = host_alert_keys.host_alert_p2p_traffic,
default_value = {
operator = "gt",


@ -4,12 +4,14 @@
local user_scripts = require("user_scripts")
local alert_severities = require "alert_severities"
local host_alert_keys = require "host_alert_keys"
local remote_connection = {
-- Script category
category = user_scripts.script_categories.network,
default_enabled = false,
alert_id = host_alert_keys.host_alert_remote_connection,
default_value = {
severity = alert_severities.notice,


@ -4,6 +4,7 @@
local user_scripts = require("user_scripts")
local alert_severities = require "alert_severities"
local host_alert_keys = require "host_alert_keys"
-- #################################################################
@ -12,6 +13,7 @@ local score_anomaly = {
category = user_scripts.script_categories.security,
default_enabled = true,
alert_id = host_alert_keys.host_alert_score_anomaly,
default_value = {
severity = alert_severities.warning,
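Review bot: Of all the host scripts touched in this commit, `score_anomaly` is the only one with `default_enabled = true`, so a nil `alert_id` here would not wait for an operator to opt in — every upgraded deployment would run the script with an unset id from the first check. That makes it the one place where the new `alert_id = host_alert_keys.host_alert_score_anomaly` line deserves a guard rather than a bare lookup, e.g. `alert_id = assert(host_alert_keys.host_alert_score_anomaly, "host_alert_score_anomaly missing from host_alert_keys"),`. The `score_anomaly` table continues beyond the hunk, so whether a nil id is rejected downstream is not visible from here; if it is, a one-line comment naming that check would save the next reader the search.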


@ -4,6 +4,7 @@
local user_scripts = require("user_scripts")
local alert_severities = require "alert_severities"
local host_alert_keys = require "host_alert_keys"
-- #################################################################
@ -12,6 +13,7 @@ local smtp_contacts = {
category = user_scripts.script_categories.network,
default_enabled = false,
alert_id = host_alert_keys.host_alert_smtp_server_contacts,
default_value = {
operator = "gt",


@ -4,6 +4,7 @@
local user_scripts = require("user_scripts")
local alert_severities = require "alert_severities"
local host_alert_keys = require "host_alert_keys"
-- #################################################################
@ -12,6 +13,7 @@ local syn_flood = {
category = user_scripts.script_categories.security,
default_enabled = false,
alert_id = host_alert_keys.host_alert_syn_flood,
default_value = {
operator = "gt",


@ -4,12 +4,14 @@
local user_scripts = require("user_scripts")
local alert_severities = require "alert_severities"
local host_alert_keys = require "host_alert_keys"
local syn_scan = {
-- Script category
category = user_scripts.script_categories.network,
default_enabled = false,
alert_id = host_alert_keys.host_alert_syn_scan,
-- The default threshold value. The format is specific of the
-- "threshold_cross" input builder