Add alert type filter for all families

2026-05-06 03:45:26 +00:00 · 2021-06-23 12:53:20 +02:00 · 2021-06-23 12:53:20 +02:00 · 279ed66deb
commit 279ed66deb
parent 3031e09161
47 changed files with 181 additions and 17 deletions
--- a/scripts/lua/modules/alert_consts.lua
+++ b/scripts/lua/modules/alert_consts.lua
@ -398,6 +398,18 @@ function loadDefinition(def_script, mod_fname, script_path)
   end
   alerts_by_id[alert_entity_id][alert_key] = mod_fname

+   -- Handle 'other' alerts
+   -- Note: some are used by multiple entities, defined under
+   -- meta in the alert definition
+   if def_script.meta['entities'] then
+      for _, entity in ipairs(def_script.meta['entities']) do
+         if not alerts_by_id[entity.entity_id] then
+            alerts_by_id[entity.entity_id] = {}
+         end
+         alerts_by_id[entity.entity_id][alert_key] = mod_fname
+      end
+   end
+
   -- Success
   return(true)
 end
--- a/scripts/lua/modules/alert_definitions/other/alert_am_threshold_cross.lua
+++ b/scripts/lua/modules/alert_definitions/other/alert_am_threshold_cross.lua
@ -10,6 +10,7 @@ local format_utils = require("format_utils")
 local classes = require "classes"
 -- Make sure to import the Superclass!
 local alert = require "alert"
+local alert_entities = require "alert_entities"

 -- ##############################################

@ -21,6 +22,9 @@ alert_am_threshold_cross.meta = {
   alert_key = other_alert_keys.alert_am_threshold_cross,
   i18n_title = "graphs.active_monitoring",
   icon = "fas fa-fw fa-exclamation",
+   entities = {
+      am_host,
+   },
 }

 -- ##############################################
--- a/scripts/lua/modules/alert_definitions/other/alert_attack_mitigation_via_snmp.lua
+++ b/scripts/lua/modules/alert_definitions/other/alert_attack_mitigation_via_snmp.lua
@ -9,6 +9,7 @@ local other_alert_keys = require "other_alert_keys"
 local classes = require "classes"
 -- Make sure to import the Superclass!
 local alert = require "alert"
+local alert_entities = require "alert_entities"

 -- ##############################################

@ -20,6 +21,9 @@ alert_attack_mitigation_via_snmp.meta = {
   alert_key = other_alert_keys.alert_attack_mitigation_via_snmp,
   i18n_title = "alerts_dashboard.attack_mitigation_snmp_title",
   icon = "fa fa-stop-circle",
+   entities = {
+      alert_entities.snmp_device
+   },
 }

 -- ##############################################
--- a/scripts/lua/modules/alert_definitions/other/alert_broadcast_domain_too_large.lua
+++ b/scripts/lua/modules/alert_definitions/other/alert_broadcast_domain_too_large.lua
@ -9,6 +9,7 @@ local other_alert_keys = require "other_alert_keys"
 local classes = require "classes"
 -- Make sure to import the Superclass!
 local alert = require "alert"
+local alert_entities = require "alert_entities"

 -- ##############################################

@ -20,6 +21,9 @@ alert_broadcast_domain_too_large.meta = {
   alert_key = other_alert_keys.alert_broadcast_domain_too_large,
   i18n_title = "alerts_dashboard.broadcast_domain_too_large",
   icon = "fas fa-fw fa-sitemap",
+   entities = {
+      alert_entities.mac
+   },
 }

 -- ##############################################
--- a/scripts/lua/modules/alert_definitions/other/alert_contacts_anomaly.lua
+++ b/scripts/lua/modules/alert_definitions/other/alert_contacts_anomaly.lua
@ -7,6 +7,7 @@
 local other_alert_keys = require "other_alert_keys"
 local classes = require "classes"
 local alert = require "alert"
+local alert_entities = require "alert_entities"

 -- ##############################################

@ -18,6 +19,7 @@ alert_contacts_anomaly.meta = {
   alert_key = other_alert_keys.alert_contacts_anomaly,
   i18n_title = "alerts_dashboard.unexpected_host_behaviour_contacts_title",
   icon = "fas fa-fw fa-exclamation",
+   entities = {},
 }

 -- ##############################################
--- a/scripts/lua/modules/alert_definitions/other/alert_device_connection.lua
+++ b/scripts/lua/modules/alert_definitions/other/alert_device_connection.lua
@ -10,6 +10,7 @@ local alert_creators = require "alert_creators"
 local classes = require "classes"
 -- Make sure to import the Superclass!
 local alert = require "alert"
+local alert_entities = require "alert_entities"

 -- ##############################################

@ -21,6 +22,9 @@ alert_device_connection.meta = {
  alert_key = other_alert_keys.alert_device_connection,
  i18n_title = "alerts_dashboard.device_connection",
  icon = "fas fa-fw fa-sign-in",
+  entities = {
+    alert_entities.mac
+  },
 }

 -- ##############################################
--- a/scripts/lua/modules/alert_definitions/other/alert_device_disconnection.lua
+++ b/scripts/lua/modules/alert_definitions/other/alert_device_disconnection.lua
@ -10,6 +10,7 @@ local alert_creators = require "alert_creators"
 local classes = require "classes"
 -- Make sure to import the Superclass!
 local alert = require "alert"
+local alert_entities = require "alert_entities"

 -- ##############################################

@ -21,6 +22,9 @@ alert_device_disconnection.meta = {
  alert_key = other_alert_keys.alert_device_disconnection,
  i18n_title = "alerts_dashboard.device_disconnection",
  icon = "fas fa-fw fa-sign-out",
+  entities = {
+    alert_entities.mac
+  },
 }

 -- ##############################################
--- a/scripts/lua/modules/alert_definitions/other/alert_dropped_alerts.lua
+++ b/scripts/lua/modules/alert_definitions/other/alert_dropped_alerts.lua
@ -11,6 +11,7 @@ local other_alert_keys = require "other_alert_keys"
 local classes = require "classes"
 -- Make sure to import the Superclass!
 local alert = require "alert"
+local alert_entities = require "alert_entities"

 -- ##############################################

@ -20,6 +21,9 @@ alert_dropped_alerts.meta = {
  alert_key = other_alert_keys.alert_dropped_alerts,
  i18n_title = i18n("show_alerts.dropped_alerts"),
  icon = "fas fa-fw fa-exclamation-triangle",
+  entities = {
+    alert_entities.system
+  },
 }

 -- ##############################################
--- a/scripts/lua/modules/alert_definitions/other/alert_excessive_traffic.lua
+++ b/scripts/lua/modules/alert_definitions/other/alert_excessive_traffic.lua
@ -14,6 +14,7 @@ local format_utils = require "format_utils"
 local classes = require "classes"
 -- Make sure to import the Superclass!
 local alert = require "alert"
+local alert_entities = require "alert_entities"

 -- ##############################################

@ -25,6 +26,10 @@ alert_excessive_traffic.meta = {
  alert_key = other_alert_keys.alert_excessive_traffic,
  i18n_title = "excessive_traffic.title",
  icon = "fas fa-fw fa-arrow-circle-up",
+  entities = {
+    alert_entities.interface,
+    alert_entities.network 
+  },
 }

 -- ##############################################
--- a/scripts/lua/modules/alert_definitions/other/alert_fail2ban_executed.lua
+++ b/scripts/lua/modules/alert_definitions/other/alert_fail2ban_executed.lua
@ -9,6 +9,7 @@ local other_alert_keys = require "other_alert_keys"
 local classes = require "classes"
 -- Make sure to import the Superclass!
 local alert = require "alert"
+local alert_entities = require "alert_entities"

 -- ##############################################

@ -20,6 +21,7 @@ alert_fail2ban_executed.meta = {
  alert_key = other_alert_keys.alert_fail2ban_executed,
  i18n_title = "alerts_dashboard.fail2ban",
  icon = "fas fa-fw fa-info-circle",
+  entities = {},
 }

 -- ##############################################
--- a/scripts/lua/modules/alert_definitions/other/alert_flow_flood_victim.lua
+++ b/scripts/lua/modules/alert_definitions/other/alert_flow_flood_victim.lua
@ -14,6 +14,7 @@ local json = require("dkjson")
 local classes = require "classes"
 -- Make sure to import the Superclass!
 local alert = require "alert"
+local alert_entities = require "alert_entities"

 -- ##############################################

@ -25,6 +26,7 @@ alert_flow_flood_victim.meta = {
  alert_key = other_alert_keys.alert_flow_flood_victim,
  i18n_title = "alerts_dashboard.flow_flood_victim",
  icon = "fas fa-fw fa-life-ring",
+  entities = {},
  has_victim = true,
 }

--- a/scripts/lua/modules/alert_definitions/other/alert_ghost_network.lua
+++ b/scripts/lua/modules/alert_definitions/other/alert_ghost_network.lua
@ -10,6 +10,7 @@ local other_alert_keys = require "other_alert_keys"
 local classes = require "classes"
 -- Make sure to import the Superclass!
 local alert = require "alert"
+local alert_entities = require "alert_entities"

 -- ##############################################

@ -21,6 +22,10 @@ alert_ghost_network.meta = {
  alert_key = other_alert_keys.alert_ghost_network,
  i18n_title = "alerts_dashboard.ghost_network_detected",
  icon = "fas fa-fw fa-ghost",
+  entities = {
+     alert_entities.interface,
+     alert_entities.network
+  },
 }

 -- ##############################################
--- a/scripts/lua/modules/alert_definitions/other/alert_host_pool_connection.lua
+++ b/scripts/lua/modules/alert_definitions/other/alert_host_pool_connection.lua
@ -10,6 +10,7 @@ local alert_creators = require "alert_creators"
 local classes = require "classes"
 -- Make sure to import the Superclass!
 local alert = require "alert"
+local alert_entities = require "alert_entities"

 -- ##############################################

@ -21,6 +22,9 @@ alert_host_pool_connection.meta = {
   alert_key = other_alert_keys.alert_host_pool_connection,
   i18n_title = "alerts_dashboard.host_pool_connection",
   icon = "fas fa-fw fa-sign-in",
+   entities = {
+      alert_entities.host_pool
+   },
 }

 -- ##############################################
--- a/scripts/lua/modules/alert_definitions/other/alert_host_pool_disconnection.lua
+++ b/scripts/lua/modules/alert_definitions/other/alert_host_pool_disconnection.lua
@ -10,6 +10,7 @@ local alert_creators = require "alert_creators"
 local classes = require "classes"
 -- Make sure to import the Superclass!
 local alert = require "alert"
+local alert_entities = require "alert_entities"

 -- ##############################################

@ -21,6 +22,7 @@ alert_host_pool_disconnection.meta = {
  alert_key = other_alert_keys.alert_host_pool_disconnection,
  i18n_title = "alerts_dashboard.host_pool_disconnection",
  icon = "fas fa-fw fa-sign-out",
+entities = {},
 }

 -- ##############################################
--- a/scripts/lua/modules/alert_definitions/other/alert_influxdb_error.lua
+++ b/scripts/lua/modules/alert_definitions/other/alert_influxdb_error.lua
@ -9,6 +9,7 @@ local other_alert_keys = require "other_alert_keys"
 local classes = require "classes"
 -- Make sure to import the Superclass!
 local alert = require "alert"
+local alert_entities = require "alert_entities"

 -- ##############################################

@ -20,6 +21,9 @@ alert_influxdb_error.meta = {
  alert_key = other_alert_keys.alert_influxdb_error,
  i18n_title = "alerts_dashboard.influxdb_error",
  icon = "fas fa-fw fa-database",
+  entities = {
+    alert_entities.system
+  },
 }

 -- ##############################################
--- a/scripts/lua/modules/alert_definitions/other/alert_influxdb_export_failure.lua
+++ b/scripts/lua/modules/alert_definitions/other/alert_influxdb_export_failure.lua
@ -9,6 +9,7 @@ local other_alert_keys = require "other_alert_keys"
 local classes = require "classes"
 -- Make sure to import the Superclass!
 local alert = require "alert"
+local alert_entities = require "alert_entities"

 -- ##############################################

@ -20,6 +21,7 @@ alert_influxdb_export_failure.meta = {
   alert_key = other_alert_keys.alert_influxdb_export_failure,
   i18n_title = "alerts_dashboard.influxdb_export_failure",
   icon = "fas fa-fw fa-database",
+entities = {},
 }

 -- ##############################################
--- a/scripts/lua/modules/alert_definitions/other/alert_ip_outsite_dhcp_range.lua
+++ b/scripts/lua/modules/alert_definitions/other/alert_ip_outsite_dhcp_range.lua
@ -9,6 +9,7 @@ local other_alert_keys = require "other_alert_keys"
 local classes = require "classes"
 -- Make sure to import the Superclass!
 local alert = require "alert"
+local alert_entities = require "alert_entities"

 -- ##############################################

@ -20,6 +21,7 @@ alert_ip_outsite_dhcp_range.meta = {
  alert_key = other_alert_keys.alert_ip_outsite_dhcp_range,
  i18n_title = "alerts_dashboard.misconfigured_dhcp_range",
  icon = "fas fa-fw fa-exclamation",
+  entities = {},
 }

 -- ##############################################
--- a/scripts/lua/modules/alert_definitions/other/alert_list_download_failed.lua
+++ b/scripts/lua/modules/alert_definitions/other/alert_list_download_failed.lua
@ -9,6 +9,7 @@ local other_alert_keys = require "other_alert_keys"
 local classes = require "classes"
 -- Make sure to import the Superclass!
 local alert = require "alert"
+local alert_entities = require "alert_entities"

 -- ##############################################

@ -20,6 +21,9 @@ alert_list_download_failed.meta = {
   alert_key = other_alert_keys.alert_list_download_failed,
   i18n_title = "alerts_dashboard.list_download_failed",
   icon = "fas fa-fw fa-sticky-note",
+   entities = {
+      alert_entities.system
+   },
 }

 -- ##############################################
--- a/scripts/lua/modules/alert_definitions/other/alert_list_download_succeeded.lua
+++ b/scripts/lua/modules/alert_definitions/other/alert_list_download_succeeded.lua
@ -9,6 +9,7 @@ local other_alert_keys = require "other_alert_keys"
 local classes = require "classes"
 -- Make sure to import the Superclass!
 local alert = require "alert"
+local alert_entities = require "alert_entities"

 -- ##############################################

@ -20,6 +21,9 @@ alert_list_download_succeeded.meta = {
   alert_key = other_alert_keys.alert_list_download_succeeded,
   i18n_title = "alerts_dashboard.list_download_succeeded",
   icon = "fas fa-fw fa-sticky-note",
+   entities = {
+      alert_entities.system
+   },
 }

 -- ##############################################
--- a/scripts/lua/modules/alert_definitions/other/alert_login_failed.lua
+++ b/scripts/lua/modules/alert_definitions/other/alert_login_failed.lua
@ -9,6 +9,7 @@ local other_alert_keys = require "other_alert_keys"
 local classes = require "classes"
 -- Make sure to import the Superclass!
 local alert = require "alert"
+local alert_entities = require "alert_entities"

 -- ##############################################

@ -20,6 +21,10 @@ alert_login_failed.meta = {
  alert_key = other_alert_keys.alert_login_failed,
  i18n_title = "alerts_dashboard.login_failed",
  icon = "fas fa-fw fa-sign-in",
+  entities = {
+    alert_entities.user,
+    alert_entities.system
+  },
 }

 -- ##############################################
--- a/scripts/lua/modules/alert_definitions/other/alert_mac_ip_association_change.lua
+++ b/scripts/lua/modules/alert_definitions/other/alert_mac_ip_association_change.lua
@ -9,6 +9,7 @@ local other_alert_keys = require "other_alert_keys"
 local classes = require "classes"
 -- Make sure to import the Superclass!
 local alert = require "alert"
+local alert_entities = require "alert_entities"

 -- ##############################################

@ -20,6 +21,9 @@ alert_mac_ip_association_change.meta = {
  alert_key = other_alert_keys.alert_mac_ip_association_change,
  i18n_title = "alerts_dashboard.mac_ip_association_change",
  icon = "fas fa-fw fa-exchange-alt",
+  entities = {
+    alert_entities.mac
+  },
 }

 -- ##############################################
--- a/scripts/lua/modules/alert_definitions/other/alert_misconfigured_app.lua
+++ b/scripts/lua/modules/alert_definitions/other/alert_misconfigured_app.lua
@ -10,6 +10,7 @@ local other_alert_keys = require "other_alert_keys"
 local classes = require "classes"
 -- Make sure to import the Superclass!
 local alert = require "alert"
+local alert_entities = require "alert_entities"

 -- ##############################################

@ -21,6 +22,9 @@ alert_misconfigured_app.meta = {
  alert_key = other_alert_keys.alert_misconfigured_app,
  i18n_title = "alerts_dashboard.misconfigured_app",
  icon = "fas fa-fw fa-cog",
+  entities = {
+    alert_entities.system
+  },
 }

 -- ##############################################
--- a/scripts/lua/modules/alert_definitions/other/alert_nfq_flushed.lua
+++ b/scripts/lua/modules/alert_definitions/other/alert_nfq_flushed.lua
@ -9,6 +9,7 @@ local other_alert_keys = require "other_alert_keys"
 local classes = require "classes"
 -- Make sure to import the Superclass!
 local alert = require "alert"
+local alert_entities = require "alert_entities"

 -- ##############################################

@ -20,6 +21,9 @@ alert_nfq_flushed.meta = {
  alert_key = other_alert_keys.alert_nfq_flushed,
  i18n_title = "alerts_dashboard.nfq_flushed",
  icon = "fas fa-fw fa-angle-double-down",
+  entities = {
+    alert_entities.system
+  },
 }

 -- ##############################################
--- a/scripts/lua/modules/alert_definitions/other/alert_ngi_trust_event.lua
+++ b/scripts/lua/modules/alert_definitions/other/alert_ngi_trust_event.lua
@ -9,6 +9,7 @@ local other_alert_keys = require "other_alert_keys"
 local classes = require "classes"
 -- Make sure to import the Superclass!
 local alert = require "alert"
+local alert_entities = require "alert_entities"
 local format_utils = require "format_utils"

 -- ##############################################
@ -21,6 +22,7 @@ alert_ngi_trust_event.meta = {
  alert_key = other_alert_keys.alert_ngi_trust_event,
  i18n_title = "alerts_dashboard.ngi_trust_event",
  icon = "fas fa-fw fa-home",
+  entities = {},
 }

 -- ##############################################
--- a/scripts/lua/modules/alert_definitions/other/alert_no_if_activity.lua
+++ b/scripts/lua/modules/alert_definitions/other/alert_no_if_activity.lua
@ -9,6 +9,7 @@ local other_alert_keys = require "other_alert_keys"
 local classes = require "classes"
 -- Make sure to import the Superclass!
 local alert = require "alert"
+local alert_entities = require "alert_entities"

 -- ##############################################

@ -17,9 +18,12 @@ local alert_no_if_activity = classes.class(alert)
 -- ##############################################

 alert_no_if_activity.meta = {  
-alert_key = other_alert_keys.alert_no_if_activity,
-i18n_title = "no_if_activity.alert_no_activity_title",
-icon = "fas fa-fw fa-arrow-circle-up",
+   alert_key = other_alert_keys.alert_no_if_activity,
+   i18n_title = "no_if_activity.alert_no_activity_title",
+   icon = "fas fa-fw fa-arrow-circle-up",
+   entities = {
+      alert_entities.interface
+   },
 }

 -- ##############################################
--- a/scripts/lua/modules/alert_definitions/other/alert_periodic_activity_not_executed.lua
+++ b/scripts/lua/modules/alert_definitions/other/alert_periodic_activity_not_executed.lua
@ -11,6 +11,7 @@ package.path = dirs.installdir .. "/scripts/lua/modules/?.lua;" .. package.path
 local classes = require "classes"
 -- Make sure to import the Superclass!
 local alert = require "alert"
+local alert_entities = require "alert_entities"
 local format_utils = require "format_utils"

 -- ##############################################
@ -23,6 +24,9 @@ alert_periodic_activity_not_executed.meta = {
  alert_key = other_alert_keys.alert_periodic_activity_not_executed,
  i18n_title = "alerts_dashboard.periodic_activity_not_executed",
  icon = "fas fa-fw fa-undo",
+  entities = {
+    alert_entities.system
+  },
 }

 -- ##############################################
--- a/scripts/lua/modules/alert_definitions/other/alert_port_duplexstatus_change.lua
+++ b/scripts/lua/modules/alert_definitions/other/alert_port_duplexstatus_change.lua
@ -9,6 +9,7 @@ local other_alert_keys = require "other_alert_keys"
 local classes = require "classes"
 -- Make sure to import the Superclass!
 local alert = require "alert"
+local alert_entities = require "alert_entities"

 -- ##############################################

@ -20,6 +21,9 @@ alert_port_duplexstatus_change.meta = {
   alert_key = other_alert_keys.alert_port_duplexstatus_change,
   i18n_title = "alerts_dashboard.snmp_port_duplexstatus_change",
   icon = "fas fa-fw fa-exclamation",
+   entities = {
+      alert_entities.snmp_device
+   },
 }

 -- ##############################################
--- a/scripts/lua/modules/alert_definitions/other/alert_port_errors.lua
+++ b/scripts/lua/modules/alert_definitions/other/alert_port_errors.lua
@ -9,6 +9,7 @@ local other_alert_keys = require "other_alert_keys"
 local classes = require "classes"
 -- Make sure to import the Superclass!
 local alert = require "alert"
+local alert_entities = require "alert_entities"

 -- ##############################################

@ -20,6 +21,9 @@ alert_port_errors.meta = {
   alert_key = other_alert_keys.alert_port_errors,
   i18n_title = "alerts_dashboard.snmp_port_errors",
   icon = "fas fa-fw fa-exclamation",
+   entities = {
+      alert_entities.snmp_device
+   },
 }

 -- ##############################################
--- a/scripts/lua/modules/alert_definitions/other/alert_port_load_threshold_exceeded.lua
+++ b/scripts/lua/modules/alert_definitions/other/alert_port_load_threshold_exceeded.lua
@ -9,6 +9,7 @@ local other_alert_keys = require "other_alert_keys"
 local classes = require "classes"
 -- Make sure to import the Superclass!
 local alert = require "alert"
+local alert_entities = require "alert_entities"

 -- ##############################################

@ -20,6 +21,9 @@ alert_port_load_threshold_exceeded.meta = {
   alert_key = other_alert_keys.alert_port_load_threshold_exceeded,
   i18n_title = "alerts_dashboard.snmp_port_load_threshold_exceeded",
   icon = "fas fa-fw fa-exclamation",
+   entities = {
+      alert_entities.snmp_device
+   },
 }

 -- ##############################################
--- a/scripts/lua/modules/alert_definitions/other/alert_port_mac_changed.lua
+++ b/scripts/lua/modules/alert_definitions/other/alert_port_mac_changed.lua
@ -9,6 +9,7 @@ local other_alert_keys = require "other_alert_keys"
 local classes = require "classes"
 -- Make sure to import the Superclass!
 local alert = require "alert"
+local alert_entities = require "alert_entities"

 -- ##############################################

@ -20,6 +21,7 @@ alert_port_mac_changed.meta = {
   alert_key = other_alert_keys.alert_port_mac_changed,
   i18n_title = "alerts_dashboard.alert_snmp_interface_mac_changed_title",
   icon = "fas fa-fw fa-exclamation",
+   entities = {},
 }

 -- ##############################################
--- a/scripts/lua/modules/alert_definitions/other/alert_port_status_change.lua
+++ b/scripts/lua/modules/alert_definitions/other/alert_port_status_change.lua
@ -9,6 +9,7 @@ local other_alert_keys = require "other_alert_keys"
 local classes = require "classes"
 -- Make sure to import the Superclass!
 local alert = require "alert"
+local alert_entities = require "alert_entities"

 -- ##############################################

@ -20,6 +21,9 @@ alert_port_status_change.meta = {
   alert_key = other_alert_keys.alert_port_status_change,
   i18n_title = "alerts_dashboard.snmp_port_status_change",
   icon = "fas fa-fw fa-exclamation",
+   entities = {
+      alert_entities.snmp_device
+   },
 }

 -- ##############################################
--- a/scripts/lua/modules/alert_definitions/other/alert_process_notification.lua
+++ b/scripts/lua/modules/alert_definitions/other/alert_process_notification.lua
@ -9,6 +9,7 @@ local other_alert_keys = require "other_alert_keys"
 local classes = require "classes"
 -- Make sure to import the Superclass!
 local alert = require "alert"
+local alert_entities = require "alert_entities"

 -- ##############################################

@ -20,6 +21,9 @@ alert_process_notification.meta = {
  alert_key = other_alert_keys.alert_process_notification,
  i18n_title = "alerts_dashboard.process",
  icon = "fas fa-fw fa-truck",
+  entities = {
+    alert_entities.system
+  },
 }

 -- ##############################################
--- a/scripts/lua/modules/alert_definitions/other/alert_quota_exceeded.lua
+++ b/scripts/lua/modules/alert_definitions/other/alert_quota_exceeded.lua
@ -11,6 +11,7 @@ local other_alert_keys = require "other_alert_keys"
 local classes = require "classes"
 -- Make sure to import the Superclass!
 local alert = require "alert"
+local alert_entities = require "alert_entities"

 -- ##############################################

@ -22,6 +23,9 @@ alert_quota_exceeded.meta = {
  alert_key = other_alert_keys.alert_quota_exceeded,
  i18n_title = "alerts_dashboard.quota_exceeded",
  icon = "fas fa-fw fa-thermometer-full",
+  entities = {
+    alert_entities.host_pool
+  },
 }

 -- ##############################################
--- a/scripts/lua/modules/alert_definitions/other/alert_shell_script_executed.lua
+++ b/scripts/lua/modules/alert_definitions/other/alert_shell_script_executed.lua
@ -9,6 +9,7 @@ local other_alert_keys = require "other_alert_keys"
 local classes = require "classes"
 -- Make sure to import the Superclass!
 local alert = require "alert"
+local alert_entities = require "alert_entities"

 -- ##############################################

@ -20,6 +21,9 @@ alert_shell_script_executed.meta = {
  alert_key = other_alert_keys.alert_shell_script_executed,
  i18n_title = "alerts_dashboard.shell_script",
  icon = "fas fa-fw fa-info-circle",
+  entities = {
+     alert_entities.system
+  },
 }

 -- ##############################################
--- a/scripts/lua/modules/alert_definitions/other/alert_slow_periodic_activity.lua
+++ b/scripts/lua/modules/alert_definitions/other/alert_slow_periodic_activity.lua
@ -14,6 +14,7 @@ local format_utils = require "format_utils"
 local classes = require "classes"
 -- Make sure to import the Superclass!
 local alert = require "alert"
+local alert_entities = require "alert_entities"

 -- ##############################################

@ -25,6 +26,9 @@ alert_slow_periodic_activity.meta = {
  alert_key = other_alert_keys.alert_slow_periodic_activity,
  i18n_title = "alerts_dashboard.slow_periodic_activity",
  icon = "fas fa-fw fa-undo",
+  entities = {
+    alert_entities.system
+  },
 }

 -- ##############################################
--- a/scripts/lua/modules/alert_definitions/other/alert_slow_purge.lua
+++ b/scripts/lua/modules/alert_definitions/other/alert_slow_purge.lua
@ -12,6 +12,7 @@ local format_utils = require "format_utils"
 local classes = require "classes"
 -- Make sure to import the Superclass!
 local alert = require "alert"
+local alert_entities = require "alert_entities"

 -- ##############################################

@ -23,6 +24,9 @@ alert_slow_purge.meta = {
  alert_key = other_alert_keys.alert_slow_purge,
  i18n_title = "alerts_dashboard.slow_purge",
  icon = "fas fa-fw fa-exclamation",
+  entities = {
+    alert_entities.system
+  },
 }

 -- ##############################################
--- a/scripts/lua/modules/alert_definitions/other/alert_snmp_device_reset.lua
+++ b/scripts/lua/modules/alert_definitions/other/alert_snmp_device_reset.lua
@ -9,6 +9,7 @@ local other_alert_keys = require "other_alert_keys"
 local classes = require "classes"
 -- Make sure to import the Superclass!
 local alert = require "alert"
+local alert_entities = require "alert_entities"

 -- ##############################################

@ -20,6 +21,9 @@ alert_snmp_device_reset.meta = {
   alert_key = other_alert_keys.alert_snmp_device_reset,
   i18n_title = "alerts_dashboard.alert_snmp_device_reset_title",
   icon = "fas fa-fw fa-power-off",
+  entities = {
+    alert_entities.snmp_device
+  },
 }

 -- ##############################################
--- a/scripts/lua/modules/alert_definitions/other/alert_snmp_topology_changed.lua
+++ b/scripts/lua/modules/alert_definitions/other/alert_snmp_topology_changed.lua
@ -11,6 +11,7 @@ package.path = dirs.installdir .. "/scripts/lua/modules/?.lua;" .. package.path
 local classes = require "classes"
 -- Make sure to import the Superclass!
 local alert = require "alert"
+local alert_entities = require "alert_entities"

 -- ##############################################

@ -22,6 +23,9 @@ alert_snmp_topology_changed.meta = {
  alert_key = other_alert_keys.alert_snmp_topology_changed,
  i18n_title = i18n("snmp.lldp_topology_changed"),
  icon = "fas fa-fw fa-topology-alt",
+  entities = {
+    alert_entities.snmp_device
+  },
 }

 -- ##############################################
--- a/scripts/lua/modules/alert_definitions/other/alert_tcp_syn_flood_victim.lua
+++ b/scripts/lua/modules/alert_definitions/other/alert_tcp_syn_flood_victim.lua
@ -15,6 +15,7 @@ local format_utils = require "format_utils"
 local classes = require "classes"
 -- Make sure to import the Superclass!
 local alert = require "alert"
+local alert_entities = require "alert_entities"

 -- ##############################################

@ -26,6 +27,7 @@ alert_tcp_syn_flood_victim.meta = {
  alert_key = other_alert_keys.alert_tcp_syn_flood_victim,
  i18n_title = "alerts_dashboard.tcp_syn_flood_victim",
  icon = "fas fa-fw fa-life-ring",
+  entities = {},
  has_victim = true,
 }

--- a/scripts/lua/modules/alert_definitions/other/alert_tcp_syn_scan_victim.lua
+++ b/scripts/lua/modules/alert_definitions/other/alert_tcp_syn_scan_victim.lua
@ -14,6 +14,7 @@ local format_utils = require "format_utils"
 local classes = require "classes"
 -- Make sure to import the Superclass!
 local alert = require "alert"
+local alert_entities = require "alert_entities"

 -- ##############################################

@ -25,6 +26,7 @@ alert_tcp_syn_scan_victim.meta = {
  alert_key = other_alert_keys.alert_tcp_syn_scan_victim,
  i18n_title = "alerts_dashboard.tcp_syn_scan_victim",
  icon = "fas fa-fw fa-life-ring",
+  entities = {},
  has_victim = true,
 }

--- a/scripts/lua/modules/alert_definitions/other/alert_threshold_cross.lua
+++ b/scripts/lua/modules/alert_definitions/other/alert_threshold_cross.lua
@ -14,6 +14,8 @@ local format_utils = require "format_utils"
 local classes = require "classes"
 -- Make sure to import the Superclass!
 local alert = require "alert"
+local alert_entities = require "alert_entities"
+local alert_entities = require "alert_entities"

 -- ##############################################

@ -25,6 +27,12 @@ alert_threshold_cross.meta = {
  alert_key = other_alert_keys.alert_threshold_cross,
  i18n_title = "alerts_dashboard.threashold_cross",
  icon = "fas fa-fw fa-arrow-circle-up",
+entities = {},
+  entities = {
+    alert_entities.interface,
+    alert_entities.network,
+    alert_entities.host_pool,
+  }
 }

 -- ##############################################
--- a/scripts/lua/modules/alert_definitions/other/alert_too_many_drops.lua
+++ b/scripts/lua/modules/alert_definitions/other/alert_too_many_drops.lua
@ -11,6 +11,7 @@ package.path = dirs.installdir .. "/scripts/lua/modules/?.lua;" .. package.path
 local classes = require "classes"
 -- Make sure to import the Superclass!
 local alert = require "alert"
+local alert_entities = require "alert_entities"

 -- ##############################################

@ -22,6 +23,9 @@ alert_too_many_drops.meta = {
  alert_key = other_alert_keys.alert_too_many_drops,
  i18n_title = "alerts_dashboard.too_many_drops",
  icon = "fas fa-fw fa-tint",
+  entities = {
+    alert_entities.interface
+  },
 }

 -- ##############################################
--- a/scripts/lua/modules/alert_definitions/other/alert_unexpected_new_device.lua
+++ b/scripts/lua/modules/alert_definitions/other/alert_unexpected_new_device.lua
@ -11,6 +11,7 @@ local alert_creators = require "alert_creators"
 local classes = require "classes"
 -- Make sure to import the Superclass!
 local alert = require "alert"
+local alert_entities = require "alert_entities"

 -- ##############################################

@ -22,6 +23,9 @@ alert_unexpected_new_device.meta = {
  alert_key = other_alert_keys.alert_unexpected_new_device,
  i18n_title = "unexpected_new_device.alert_unexpected_new_device_title",
  icon = "fas fa-fw fa-exclamation",
+  entities = {
+    alert_entities.mac
+  },
 }

 -- ##############################################
--- a/scripts/lua/modules/alert_definitions/other/alert_user_activity.lua
+++ b/scripts/lua/modules/alert_definitions/other/alert_user_activity.lua
@ -11,6 +11,7 @@ local pools_lua_utils = require "pools_lua_utils"
 local classes = require "classes"
 -- Make sure to import the Superclass!
 local alert = require "alert"
+local alert_entities = require "alert_entities"

 -- ##############################################

@ -19,9 +20,12 @@ local alert_user_activity = classes.class(alert)
 -- ##############################################

 alert_user_activity.meta = {
-	alert_key = other_alert_keys.alert_user_activity,
-	i18n_title = "alerts_dashboard.user_activity",
-	icon = "fas fa-fw fa-user",
+   alert_key = other_alert_keys.alert_user_activity,
+   i18n_title = "alerts_dashboard.user_activity",
+   icon = "fas fa-fw fa-user",
+   entities = {
+      alert_entities.user
+   },
 }

 -- ##############################################
--- a/scripts/lua/modules/alert_store/alert_store.lua
+++ b/scripts/lua/modules/alert_store/alert_store.lua
@ -706,9 +706,10 @@ function alert_store:get_available_filters()
   local additional_filters = self:_get_additional_available_filters()

   local filters = {
-      -- Note alert_id could have been defined here for all families, 
-      -- however this requires a migration of the 'other' alerts
-      -- in order to list alerts by entity
+      alert_id = {
+         value_type = 'alert_id',
+	 i18n_label = i18n('tags.alert_id'),
+      }, 
      severity = {
         value_type = 'severity',
 	 i18n_label = 'tags.severity'
--- a/scripts/lua/modules/alert_store/flow_alert_store.lua
+++ b/scripts/lua/modules/alert_store/flow_alert_store.lua
@ -356,10 +356,6 @@ end
 --@brief Get info about additional available filters
 function flow_alert_store:_get_additional_available_filters()
   local filters = {
-      alert_id = {
-         value_type = 'alert_id',
-	 i18n_label = i18n('tags.alert_id'),
-      }, 
      cli_ip = {
         value_type = 'ip',
 	 i18n_label = i18n('tags.cli_ip'),
--- a/scripts/lua/modules/alert_store/host_alert_store.lua
+++ b/scripts/lua/modules/alert_store/host_alert_store.lua
@ -180,10 +180,6 @@ end
 --@brief Get info about additional available filters
 function host_alert_store:_get_additional_available_filters()
   local filters = {
-      alert_id = {
-         value_type = 'alert_id',
-	 i18n_label = i18n('tags.alert_id'),
-      }, 
      ip = {
         value_type = 'ip',
 	 i18n_label = i18n('tags.ip'),