Added host category to flow and host alerts (#4767)

* Fixed shell endpoint bug and added notice when executing the script

* Added victim and attacker to security plugins

* Updated hosts alert with host_category info

* Added host category to hosts alert description

* Added host category to flows

Co-authored-by: matteo <biscosi@ntop.org>
Matteo Biscosi 2020-11-20 19:14:07 +01:00 committed by GitHub
parent ca19885d71
commit 507583db64
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
21 changed files with 128 additions and 44 deletions


@ -132,10 +132,12 @@ end
--! @brief Adds host information to the alert (only works for host alerts)
--! @param alert_json Host info will be placed in key `host_info` of table `alert_json`
local function addAlertHostInfo(alert_json)
if alert_json then
local function addAlertHostInfo(triggered)
if triggered then
-- Add only minimal information to keep the final result as small as possible
alert_json.host_info = host.getMinInfo()
alert = json.decode(triggered.alert_json)
alert.alert_generation.host_info = host.getMinInfo()
triggered.alert_json = json.encode(alert)
end
end
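Review bot: `alert = json.decode(triggered.alert_json)` in the new body assigns without `local`, so every call writes a global `alert` that is shared across the whole Lua state and visible to every other script; the replaced line wrote into the `alert_json` argument, so this looks accidental rather than intended. The decoded value is also dereferenced unchecked: if `triggered.alert_json` is absent or not valid JSON, or the decoded table has no `alert_generation` key, the next line raises inside the alert path instead of skipping the enrichment, which `if triggered then` alone does not protect against. The `@param` comment above the function still describes the old `alert_json` parameter and a top-level `host_info` key; it should now read `--! @param triggered Alert table whose alert_json string is decoded, gets host_info under alert_generation, and is re-encoded in place`. Whether `json.decode` returns nil or raises on bad input is not visible here, so the guard below assumes the former — confirm against the json library in use.
```lua
local function addAlertHostInfo(triggered)
if triggered then
  -- Add only minimal information to keep the final result as small as possible
  local alert = json.decode(triggered.alert_json)
  if alert and alert.alert_generation then
    alert.alert_generation.host_info = host.getMinInfo()
    triggered.alert_json = json.encode(alert)
  end
end
end
```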
@ -322,7 +324,7 @@ function alerts_api.trigger(entity_info, type_info, when, cur_alerts)
triggered.action = "engage"
addAlertPoolInfo(entity_info, triggered)
-- Emit the notification only if the notification hasn't already been emitted.
-- This is to avoid alert storms when ntopng is restarted. Indeeed,
-- if there are 100 alerts triggered when ntopng is switched off, chances are the