Added vulnerability issues alert (#7717)

2026-04-29 07:29:32 +00:00 · 2023-08-04 13:23:40 +00:00 · 2023-08-04 13:23:40 +00:00 · 3ca4ad98ae
commit 3ca4ad98ae
parent 864203abb2
5 changed files with 157 additions and 11 deletions
--- a/scripts/lua/modules/alert_definitions/other/alert_vulnerability_scan.lua
+++ b/scripts/lua/modules/alert_definitions/other/alert_vulnerability_scan.lua
@ -0,0 +1,65 @@
+--
+-- (C) 2019-22 - ntop.org
+--
+
+-- ##############################################
+
+local other_alert_keys = require "other_alert_keys"
+
+-- Import the classes library.
+local classes = require "classes"
+-- Make sure to import the Superclass!
+local alert = require "alert"
+local alert_entities = require "alert_entities"
+
+-- ##############################################
+
+local alert_vulnerability_scan = classes.class(alert)
+
+alert_vulnerability_scan.meta = {
+  alert_key = other_alert_keys.alert_vulnerability_scan,
+  i18n_title = "alerts_dashboard.vulnerability_scan_title",
+  icon = "fas fa-fw fa-exclamation-triangle",
+  entities = {
+     alert_entities.system,
+  },
+}
+
+-- ##############################################
+
+function alert_vulnerability_scan:init(differences_list)
+   -- Call the parent constructor
+   self.super:init()
+
+   self.alert_type_params = differences_list
+end
+
+-- #######################################################
+
+-- @brief Format an alert into a human-readable string
+-- @param ifid The integer interface id of the generated alert
+-- @param alert The alert description table, including alert data such as the generating entity, timestamp, granularity, type
+-- @param alert_type_params Table `alert_type_params` as built in the `:init` method
+-- @return A human-readable string
+function alert_vulnerability_scan.format(ifid, alert, alert_type_params)
+   local msg = ""
+   if alert_type_params.num_ports and alert_type_params.num_ports.new_num_ports and alert_type_params.num_ports.old_num_ports then
+      if alert_type_params.num_ports.new_num_ports ~= alert_type_params.num_ports.old_num_ports then
+         msg = msg .. i18n('vulnerability_scan_alert_ports_changed', { new_num_ports = alert_type_params.num_ports.new_num_ports, old_num_ports = alert_type_params.num_ports.old_num_ports }) .. " "
+      end
+   end
+
+   if alert_type_params.num_new_cve_issues then
+      msg = msg .. i18n('vulnerability_scan_alert_new_issues', { num_issues = alert_type_params.num_new_cve_issues }) .. " "
+   end
+
+   if alert_type_params.num_cve_solved then
+      msg = msg .. i18n('vulnerability_scan_alert_solved_issues', { num_issues = alert_type_params.num_cve_solved }) .. " "
+   end
+
+   return i18n('vulnerability_scan_alert', { msg = msg })
+end
+
+-- #######################################################
+
+return alert_vulnerability_scan