Cleanup parametric alert severities from flow status definitions

Simone Mainardi 2020-11-12 12:12:25 +01:00
parent 8b7a99aa94
commit 636ac2e804
18 changed files with 2 additions and 19 deletions


@ -10,7 +10,6 @@ local alert_consts = require("alert_consts")
return {
status_key = status_keys.ntopng.status_blocked,
alert_severity = alert_consts.alert_severities.info,
alert_type = alert_consts.alert_types.alert_flow_blocked,
i18n_title = "flow_details.flow_blocked_by_bridge"
}


@ -10,7 +10,6 @@ local alert_consts = require("alert_consts")
return {
status_key = status_keys.ntopng.status_data_exfiltration,
alert_severity = alert_consts.alert_severities.error,
alert_type = alert_consts.alert_types.alert_flow_misbehaviour,
i18n_title = "flow_details.data_exfiltration"
}


@ -10,7 +10,6 @@ local alert_consts = require("alert_consts")
return {
status_key = status_keys.ntopng.status_dns_data_exfiltration,
alert_severity = alert_consts.alert_severities.error,
alert_type = alert_consts.alert_types.alert_flow_misbehaviour,
i18n_title = "flow_details.dns_data_exfiltration"
}


@ -10,7 +10,6 @@ local alert_consts = require("alert_consts")
return {
status_key = status_keys.ntopng.status_dns_invalid_query,
alert_severity = alert_consts.alert_severities.error,
alert_type = alert_consts.alert_types.alert_suspicious_activity,
i18n_title = "flow_details.dns_invalid_query"
}


@ -16,7 +16,6 @@ end
return {
status_key = status_keys.ntopng.status_elephant_local_to_remote,
alert_severity = alert_consts.alert_severities.error,
alert_type = alert_consts.alert_types.alert_flow_misbehaviour,
i18n_title = "flow_details.elephant_flow_l2r",
i18n_description = formatElephantStatus


@ -16,7 +16,6 @@ end
return {
status_key = status_keys.ntopng.status_elephant_remote_to_local,
alert_severity = alert_consts.alert_severities.error,
alert_type = alert_consts.alert_types.alert_flow_misbehaviour,
i18n_title = "flow_details.elephant_flow_r2l",
i18n_description = formatElephantStatus


@ -33,7 +33,6 @@ end
return {
status_key = status_keys.ntopng.status_longlived,
alert_severity = alert_consts.alert_severities.error,
alert_type = alert_consts.alert_types.alert_flow_misbehaviour,
i18n_title = "flow_details.longlived_flow",
i18n_description = formatLongLivedFlow


@ -42,7 +42,6 @@ end
return {
status_key = status_keys.ntopng.status_malicious_signature,
alert_severity = alert_consts.alert_severities.warning,
alert_type = alert_consts.alert_types.alert_malicious_signature,
i18n_title = "alerts_dashboard.malicious_signature_detected",
i18n_description = formatMaliciousSignature


@ -10,7 +10,6 @@ local alert_consts = require("alert_consts")
return {
status_key = status_keys.ntopng.status_potentially_dangerous,
alert_severity = alert_consts.alert_severities.error,
alert_type = alert_consts.alert_types.alert_potentially_dangerous_protocol,
i18n_title = "flow_details.potentially_dangerous_protocol"
}


@ -10,7 +10,6 @@ local alert_consts = require("alert_consts")
return {
status_key = status_keys.ntopng.status_suspicious_tcp_probing,
alert_severity = alert_consts.alert_severities.info,
alert_type = alert_consts.alert_types.alert_suspicious_activity,
i18n_title = "flow_details.suspicious_tcp_probing",
}


@ -10,7 +10,6 @@ local alert_consts = require("alert_consts")
return {
status_key = status_keys.ntopng.status_suspicious_tcp_syn_probing,
alert_severity = alert_consts.alert_severities.info,
alert_type = alert_consts.alert_types.alert_suspicious_activity,
i18n_title = "flow_details.suspicious_tcp_syn_probing",
}


@ -10,7 +10,6 @@ local alert_consts = require("alert_consts")
return {
status_key = status_keys.ntopng.status_tcp_connection_refused,
alert_severity = alert_consts.alert_severities.info,
alert_type = alert_consts.alert_types.alert_suspicious_activity,
i18n_title = "flow_details.tcp_connection_refused"
}


@ -24,7 +24,6 @@ end
return {
status_key = status_keys.ntopng.status_tls_certificate_expired,
alert_severity = alert_consts.alert_severities.error,
alert_type = alert_consts.alert_types.alert_potentially_dangerous_protocol,
i18n_title = "flow_details.tls_certificate_expired",
i18n_description = formatTLSCertificateExpired


@ -29,7 +29,6 @@ end
return {
status_key = status_keys.ntopng.status_tls_certificate_mismatch,
alert_severity = alert_consts.alert_severities.error,
alert_type = alert_consts.alert_types.alert_potentially_dangerous_protocol,
i18n_title = "flow_details.tls_certificate_mismatch",
i18n_description = formatTLSCertificateMismatch


@ -23,7 +23,6 @@ end
return {
status_key = status_keys.ntopng.status_tls_certificate_selfsigned,
alert_severity = alert_consts.alert_severities.error,
-- When a self-signed certificate il found an alert of type alert_potentially_dangerous_protocol
-- is generated (see alert_potentially_dangerous_protocol.lua)
alert_type = alert_consts.alert_types.alert_potentially_dangerous_protocol,


@ -28,7 +28,6 @@ end
return {
status_key = status_keys.ntopng.status_tls_old_protocol_version,
alert_severity = alert_consts.alert_severities.error,
alert_type = alert_consts.alert_types.alert_potentially_dangerous_protocol,
i18n_title = "flow_details.tls_old_protocol_version",
i18n_description = formatStatus,


@ -10,7 +10,6 @@ local alert_consts = require("alert_consts")
return {
status_key = status_keys.ntopng.status_tls_unsafe_ciphers,
alert_severity = alert_consts.alert_severities.error,
alert_type = alert_consts.alert_types.alert_potentially_dangerous_protocol,
i18n_title = "flow_details.tls_unsafe_ciphers",
}