mirror of
https://github.com/ntop/ntopng.git
synced 2026-04-29 15:39:33 +00:00
Removed plugin from ntopng and migrated all of them
parent
2d186582b2
commit
59754483c9
115 changed files with 535 additions and 2013 deletions
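--- a/scripts/lua/modules/check_definitions/system/ids_ips_log.lua
+++ b/scripts/lua/modules/check_definitions/system/ids_ips_log.lua
@@ -0,0 +1,88 @@
+--
+-- (C) 2019-21 - ntop.org
+--
+
+local dirs = ntop.getDirs()
+package.path = dirs.installdir .. "/scripts/lua/modules/pools/?.lua;" .. package.path
+
+local alerts_api = require("alerts_api")
+local checks = require("checks")
+local alert_consts = require("alert_consts")
+
+local script
+
+-- #################################################################
+
+local function check_ids_ips_log(params)
+local alert_consts = require "alert_consts"
+local info = params.entity_info
+local drop_host_pool_utils = require "drop_host_pool_utils"
+
+-- Emit an alert for each host added to the jailed hosts pool
+local num_pending = ntop.llenCache(drop_host_pool_utils.ids_ips_jail_add_key)
+for i = 1, num_pending do
+local added_host = ntop.lpopCache(drop_host_pool_utils.ids_ips_jail_add_key)
+
+if not added_host then
+goto continue
+end
+
+local alert = alert_consts.alert_types.alert_ids_ips_jail_add.new(
+added_host,
+os.time()
+)
+
+alert:set_score_notice()
+alert:set_subtype(added_host)
+alert:set_granularity(params.granularity)
+
+alert:store(params.alert_entity, nil, params.cur_alerts)
+
+::continue::
+end
+
+-- Emit an alert for each host added to the jailed hosts pool
+local num_pending = ntop.llenCache(drop_host_pool_utils.ids_ips_jail_remove_key)
+for i = 1, num_pending do
+local removed_host = ntop.lpopCache(drop_host_pool_utils.ids_ips_jail_remove_key)
+
+if not removed_host then
+goto continue
+end
+
+local alert = alert_consts.alert_types.alert_ids_ips_jail_remove.new(
+removed_host,
+os.time()
+)
+
+alert:set_score_notice()
+alert:set_subtype(removed_host)
+alert:set_granularity(params.granularity)
+
+alert:store(params.alert_entity, nil, params.cur_alerts)
+
+::continue::
+end
+end
+
+-- #################################################################
+
+script = {
+-- Script category
+category = checks.check_categories.ids_ips,
+
+default_enabled = false,
+
+hooks = {
+min = check_ids_ips_log,
+},
+
+gui = {
+i18n_title = "show_alerts.ids_ips_log",
+i18n_description = "show_alerts.ids_ips_log_descr",
+}
+}
+
+-- #################################################################
+
+return script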
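Review bot: Both drain loops in `check_ids_ips_log` call `ntop.lpopCache(...)` before the alert is built and stored, so if `.new(...)` or `alert:store(...)` raises, that jail add/remove event is gone from the queue with no alert written, which leaves a gap in the IPS audit trail. Running the per-host body under `pcall` and logging the host on failure would at least make the loss visible. The alert timestamp is `os.time()` at drain time rather than the moment the host was jailed or released, so it lags the enforcement action by however long the entry sat in the queue; with `default_enabled = false` that could be long if the producer keeps queueing while the check is off (the producer is not on this page, so this should be confirmed). The comment above the second loop is copied from the first and should read `-- Emit an alert for each host removed from the jailed hosts pool`. `local info = params.entity_info` and the top-level `alerts_api` require are unused, and `alert_consts` is required twice (the inner `local` shadows the outer one).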