Refactors user_scripts into checks (lua)

Simone Mainardi 2021-06-16 18:02:22 +02:00
parent 3c3aa5a25f
commit 76fd315d1b
222 changed files with 980 additions and 981 deletions


@ -2,7 +2,7 @@
-- (C) 2019-21 - ntop.org
--
local user_scripts = require("user_scripts")
local checks = require("checks")
local flow_consts = require("flow_consts")
local alerts_api = require "alerts_api"
local alert_consts = require("alert_consts")
@ -12,7 +12,7 @@ local flow_alert_keys = require "flow_alert_keys"
local script = {
-- Script category
category = user_scripts.script_categories.security,
category = checks.script_categories.security,
alert_id = flow_alert_keys.flow_alert_blacklisted,


@ -2,14 +2,14 @@
-- (C) 2019-21 - ntop.org
--
local user_scripts = require("user_scripts")
local checks = require("checks")
local alerts_api = require "alerts_api"
local alert_consts = require("alert_consts")
local flow_alert_keys = require "flow_alert_keys"
local script = {
-- Script category
category = user_scripts.script_categories.security,
category = checks.script_categories.security,
-- This module is disabled by default
default_enabled = false,


@ -2,7 +2,7 @@
-- (C) 2019-21 - ntop.org
--
local user_scripts = require("user_scripts")
local checks = require("checks")
local alerts_api = require "alerts_api"
local alert_consts = require("alert_consts")
local flow_alert_keys = require "flow_alert_keys"
@ -11,7 +11,7 @@ local flow_alert_keys = require "flow_alert_keys"
local script = {
-- Script category
category = user_scripts.script_categories.security,
category = checks.script_categories.security,
-- This script is only for alerts generation
alert_id = flow_alert_keys.flow_alert_device_protocol_not_allowed,


@ -3,7 +3,7 @@
--
local json = require ("dkjson")
local user_scripts = require ("user_scripts")
local checks = require ("checks")
local alert_consts = require("alert_consts")
local alerts_api = require "alerts_api"
local flow_alert_keys = require "flow_alert_keys"


@ -2,7 +2,7 @@
-- (C) 2019-21 - ntop.org
--
local user_scripts = require("user_scripts")
local checks = require("checks")
local alerts_api = require("alerts_api")
local alert_consts = require("alert_consts")
local flow_alert_keys = require "flow_alert_keys"
@ -11,7 +11,7 @@ local flow_alert_keys = require "flow_alert_keys"
local script = {
-- Script category
category = user_scripts.script_categories.security,
category = checks.script_categories.security,
default_enabled = true,
alert_id = flow_alert_keys.flow_alert_iec_invalid_transition,


@ -2,7 +2,7 @@
-- (C) 2019-21 - ntop.org
--
local user_scripts = require("user_scripts")
local checks = require("checks")
local alerts_api = require("alerts_api")
local alert_consts = require("alert_consts")
local flow_alert_keys = require "flow_alert_keys"
@ -11,7 +11,7 @@ local flow_alert_keys = require "flow_alert_keys"
local script = {
-- Script category
category = user_scripts.script_categories.security,
category = checks.script_categories.security,
alert_id = flow_alert_keys.flow_alert_iec_unexpected_type_id,


@ -2,14 +2,14 @@
-- (C) 2019-21 - ntop.org
--
local user_scripts = require("user_scripts")
local checks = require("checks")
local flow_alert_keys = require "flow_alert_keys"
-- #################################################################
local script = {
-- Script category
category = user_scripts.script_categories.security,
category = checks.script_categories.security,
-- This script is only for alerts generation
alert_id = flow_alert_keys.flow_alert_known_proto_on_non_std_port,


@ -2,7 +2,7 @@
-- (C) 2019-21 - ntop.org
--
local user_scripts = require("user_scripts")
local checks = require("checks")
local alerts_api = require "alerts_api"
local alert_consts = require "alert_consts"
local flow_alert_keys = require "flow_alert_keys"
@ -13,7 +13,7 @@ local script = {
packet_interface_only = true,
-- Script category
category = user_scripts.script_categories.network,
category = checks.script_categories.network,
packet_interface_only = true,
nedge_exclude = true,
@ -25,7 +25,7 @@ local script = {
},
-- For a full list check "available_subdir.flow.available_fields" in user_scripts.lua
-- For a full list check "available_subdir.flow.available_fields" in checks.lua
filter = {
default_filters = {
{ l7_proto = 8 }, -- MDNS
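Review bot: `packet_interface_only = true,` is set twice in the same `script` table in the second hunk of this section, once above the `-- Script category` comment and once right after the `category` line. Both assignments give the same value, so nothing breaks today, but the duplicate invites the two lines drifting apart later; since the rename already touches this table, drop one of them. The `script` table starts and ends outside the hunk.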


@ -2,14 +2,14 @@
-- (C) 2019-21 - ntop.org
--
local user_scripts = require("user_scripts")
local checks = require("checks")
local flow_alert_keys = require "flow_alert_keys"
-- #################################################################
local script = {
-- Script category
category = user_scripts.script_categories.security,
category = checks.script_categories.security,
-- This script is only for alerts generation
alert_id = flow_alert_keys.flow_alert_ndpi_dns_suspicious_traffic,


@ -2,14 +2,14 @@
-- (C) 2019-21 - ntop.org
--
local user_scripts = require("user_scripts")
local checks = require("checks")
local flow_alert_keys = require "flow_alert_keys"
-- #################################################################
local script = {
-- Script category
category = user_scripts.script_categories.security,
category = checks.script_categories.security,
-- This script is only for alerts generation
alert_id = flow_alert_keys.flow_alert_ndpi_http_numeric_ip_host,


@ -2,14 +2,14 @@
-- (C) 2019-21 - ntop.org
--
local user_scripts = require("user_scripts")
local checks = require("checks")
local flow_alert_keys = require "flow_alert_keys"
-- #################################################################
local script = {
-- Script category
category = user_scripts.script_categories.security,
category = checks.script_categories.security,
-- This script is only for alerts generation
alert_id = flow_alert_keys.flow_alert_ndpi_http_suspicious_header,


@ -2,14 +2,14 @@
-- (C) 2019-21 - ntop.org
--
local user_scripts = require("user_scripts")
local checks = require("checks")
local flow_alert_keys = require "flow_alert_keys"
-- #################################################################
local script = {
-- Script category
category = user_scripts.script_categories.security,
category = checks.script_categories.security,
-- This script is only for alerts generation
alert_id = flow_alert_keys.flow_alert_ndpi_http_suspicious_url,


@ -2,14 +2,14 @@
-- (C) 2019-21 - ntop.org
--
local user_scripts = require("user_scripts")
local checks = require("checks")
local flow_alert_keys = require "flow_alert_keys"
-- #################################################################
local script = {
-- Script category
category = user_scripts.script_categories.security,
category = checks.script_categories.security,
-- This script is only for alerts generation
alert_id = flow_alert_keys.flow_alert_ndpi_http_suspicious_header,
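Review bot: `alert_id = flow_alert_keys.flow_alert_ndpi_http_suspicious_header,` on the last line of this section is the same key that an earlier file section on this page already assigns, and the file names are not visible here to tell whether the two sections are the same check. If this is a different check script, two checks sharing one alert_id would make their alerts indistinguishable to whoever triages them, so confirm the key is the one intended for this file. Replacing the generic comment above it with one that names the check, e.g. `-- Alert raised by the <check name> check`, would make a copy-paste slip visible in review. The `script` table continues outside the hunk.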


@ -2,14 +2,14 @@
-- (C) 2019-21 - ntop.org
--
local user_scripts = require("user_scripts")
local checks = require("checks")
local flow_alert_keys = require "flow_alert_keys"
-- #################################################################
local script = {
-- Script category
category = user_scripts.script_categories.security,
category = checks.script_categories.security,
-- This script is only for alerts generation
alert_id = flow_alert_keys.flow_alert_ndpi_malformed_packet,


@ -2,14 +2,14 @@
-- (C) 2019-21 - ntop.org
--
local user_scripts = require("user_scripts")
local checks = require("checks")
local flow_alert_keys = require "flow_alert_keys"
-- #################################################################
local script = {
-- Script category
category = user_scripts.script_categories.security,
category = checks.script_categories.security,
-- This script is only for alerts generation
alert_id = flow_alert_keys.flow_alert_ndpi_smb_insecure_version,


@ -2,14 +2,14 @@
-- (C) 2019-21 - ntop.org
--
local user_scripts = require("user_scripts")
local checks = require("checks")
local flow_alert_keys = require "flow_alert_keys"
-- #################################################################
local script = {
-- Script category
category = user_scripts.script_categories.security,
category = checks.script_categories.security,
-- This script is only for alerts generation
alert_id = flow_alert_keys.flow_alert_ndpi_ssh_obsolete,


@ -2,14 +2,14 @@
-- (C) 2019-21 - ntop.org
--
local user_scripts = require("user_scripts")
local checks = require("checks")
local flow_alert_keys = require "flow_alert_keys"
-- #################################################################
local script = {
-- Script category
category = user_scripts.script_categories.security,
category = checks.script_categories.security,
-- This script is only for alerts generation
alert_id = flow_alert_keys.flow_alert_ndpi_suspicious_dga_domain,


@ -2,14 +2,14 @@
-- (C) 2019-21 - ntop.org
--
local user_scripts = require("user_scripts")
local checks = require("checks")
local flow_alert_keys = require "flow_alert_keys"
-- #################################################################
local script = {
-- Script category
category = user_scripts.script_categories.security,
category = checks.script_categories.security,
-- This script is only for alerts generation
alert_id = flow_alert_keys.flow_alert_ndpi_tls_missing_sni,


@ -2,14 +2,14 @@
-- (C) 2019-21 - ntop.org
--
local user_scripts = require("user_scripts")
local checks = require("checks")
local flow_alert_keys = require "flow_alert_keys"
-- #################################################################
local script = {
-- Script category
category = user_scripts.script_categories.security,
category = checks.script_categories.security,
-- This script is only for alerts generation
alert_id = flow_alert_keys.flow_alert_ndpi_tls_not_carrying_https,


@ -2,14 +2,14 @@
-- (C) 2019-21 - ntop.org
--
local user_scripts = require("user_scripts")
local checks = require("checks")
local flow_alert_keys = require "flow_alert_keys"
-- #################################################################
local script = {
-- Script category
category = user_scripts.script_categories.security,
category = checks.script_categories.security,
-- This script is only for alerts generation
alert_id = flow_alert_keys.flow_alert_ndpi_tls_suspicious_esni_usage,


@ -2,14 +2,14 @@
-- (C) 2019-21 - ntop.org
--
local user_scripts = require("user_scripts")
local checks = require("checks")
local flow_alert_keys = require "flow_alert_keys"
-- #################################################################
local script = {
-- Script category
category = user_scripts.script_categories.security,
category = checks.script_categories.security,
-- This script is only for alerts generation
alert_id = flow_alert_keys.flow_alert_ndpi_unsafe_protocol,


@ -2,14 +2,14 @@
-- (C) 2019-21 - ntop.org
--
local user_scripts = require("user_scripts")
local checks = require("checks")
local flow_alert_keys = require "flow_alert_keys"
-- #################################################################
local script = {
-- Script category
category = user_scripts.script_categories.security,
category = checks.script_categories.security,
-- This script is only for alerts generation
alert_id = flow_alert_keys.flow_alert_ndpi_url_possible_rce_injection,


@ -2,14 +2,14 @@
-- (C) 2019-21 - ntop.org
--
local user_scripts = require("user_scripts")
local checks = require("checks")
local flow_alert_keys = require "flow_alert_keys"
-- #################################################################
local script = {
-- Script category
category = user_scripts.script_categories.security,
category = checks.script_categories.security,
-- This script is only for alerts generation
alert_id = flow_alert_keys.flow_alert_ndpi_url_possible_sql_injection,


@ -2,14 +2,14 @@
-- (C) 2019-21 - ntop.org
--
local user_scripts = require("user_scripts")
local checks = require("checks")
local flow_alert_keys = require "flow_alert_keys"
-- #################################################################
local script = {
-- Script category
category = user_scripts.script_categories.security,
category = checks.script_categories.security,
-- This script is only for alerts generation
alert_id = flow_alert_keys.flow_alert_ndpi_url_possible_xss,


@ -2,7 +2,7 @@
-- (C) 2019-21 - ntop.org
--
local user_scripts = require("user_scripts")
local checks = require("checks")
local alerts_api = require "alerts_api"
local alert_consts = require("alert_consts")
local flow_alert_keys = require "flow_alert_keys"
@ -11,7 +11,7 @@ local flow_alert_keys = require "flow_alert_keys"
local script = {
-- Script category
category = user_scripts.script_categories.internals,
category = checks.script_categories.internals,
-- This script is only for alerts generation
alert_id = flow_alert_keys.flow_alert_internals,


@ -2,7 +2,7 @@
-- (C) 2019-21 - ntop.org
--
local user_scripts = require("user_scripts")
local checks = require("checks")
local alerts_api = require "alerts_api"
local alert_consts = require "alert_consts"
local flow_alert_keys = require "flow_alert_keys"
@ -11,7 +11,7 @@ local flow_alert_keys = require "flow_alert_keys"
local script = {
-- Script category
category = user_scripts.script_categories.network,
category = checks.script_categories.network,
-- This script is only for alerts generation
alert_id = flow_alert_keys.flow_alert_remote_access,


@ -2,7 +2,7 @@
-- (C) 2019-21 - ntop.org
--
local user_scripts = require("user_scripts")
local checks = require("checks")
local flow_consts = require("flow_consts")
local alerts_api = require "alerts_api"
local alert_consts = require("alert_consts")
@ -12,7 +12,7 @@ local flow_alert_keys = require "flow_alert_keys"
local script = {
-- Script category
category = user_scripts.script_categories.security,
category = checks.script_categories.security,
default_enabled = true,


@ -2,7 +2,7 @@
-- (C) 2019-21 - ntop.org
--
local user_scripts = require("user_scripts")
local checks = require("checks")
local alerts_api = require "alerts_api"
local alert_consts = require "alert_consts"
local flow_alert_keys = require "flow_alert_keys"
@ -11,7 +11,7 @@ local flow_alert_keys = require "flow_alert_keys"
local script = {
-- Script category
category = user_scripts.script_categories.network,
category = checks.script_categories.network,
alert_id = flow_alert_keys.flow_alert_remote_to_remote,


@ -2,14 +2,14 @@
-- (C) 2019-21 - ntop.org
--
local user_scripts = require("user_scripts")
local checks = require("checks")
local flow_alert_keys = require "flow_alert_keys"
-- #################################################################
local script = {
-- Script category
category = user_scripts.script_categories.security,
category = checks.script_categories.security,
-- This script is only for alerts generation
alert_id = flow_alert_keys.flow_alert_suspicious_file_transfer,


@ -2,7 +2,7 @@
-- (C) 2019-21 - ntop.org
--
local user_scripts = require ("user_scripts")
local checks = require ("checks")
local alerts_api = require "alerts_api"
local alert_consts = require("alert_consts")
local flow_alert_keys = require "flow_alert_keys"
@ -14,7 +14,7 @@ local script = {
packet_interface_only = true,
-- Script category
category = user_scripts.script_categories.network,
category = checks.script_categories.network,
nedge_exclude = true,


@ -3,7 +3,7 @@
--
local alerts_api = require("alerts_api")
local user_scripts = require("user_scripts")
local checks = require("checks")
local alert_consts = require("alert_consts")
local flow_alert_keys = require "flow_alert_keys"
@ -12,7 +12,7 @@ local flow_alert_keys = require "flow_alert_keys"
local script = {
-- Script category
category = user_scripts.script_categories.network,
category = checks.script_categories.network,
-- NB atm working only for packet interfaces
packet_interface_only = true,


@ -6,7 +6,7 @@
-- scripts/callbacks/status_defs/status_udp_unidirectional.lua
-- scripts/callbacks/interface/flow/udp.lua
local user_scripts = require("user_scripts")
local checks = require("checks")
local alerts_api = require "alerts_api"
local alert_consts = require("alert_consts")
local flow_alert_keys = require "flow_alert_keys"
@ -15,7 +15,7 @@ local flow_alert_keys = require "flow_alert_keys"
local script = {
-- Script category
category = user_scripts.script_categories.network,
category = checks.script_categories.network,
-- This script is only for alerts generation
alert_id = flow_alert_keys.flow_alert_udp_unidirectional,


@ -2,18 +2,18 @@
-- (C) 2019-21 - ntop.org
--
local user_scripts = require("user_scripts")
local checks = require("checks")
local alerts_api = require "alerts_api"
local alert_consts = require("alert_consts")
local flow_alert_keys = require "flow_alert_keys"
local UNEXPECTED_PLUGINS_ENABLED_CACHE_KEY = "ntopng.cache.user_scripts.unexpected_plugins_enabled"
local UNEXPECTED_PLUGINS_ENABLED_CACHE_KEY = "ntopng.cache.checks.unexpected_plugins_enabled"
-- #################################################################
local script = {
-- Script category
category = user_scripts.script_categories.security,
category = checks.script_categories.security,
-- This module is disabled by default
default_enabled = false,
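Review bot: The change from `"ntopng.cache.user_scripts.unexpected_plugins_enabled"` to `"ntopng.cache.checks.unexpected_plugins_enabled"` alters a runtime cache key, not just an identifier, so any value stored under the old key is no longer read after an upgrade and stays behind unless something deletes it. How the key is used is outside this hunk; if it gates whether these checks run, confirm the new key is repopulated at startup so they do not go quiet after the rename, and consider removing the old key in a migration step. The same constant is redefined in the next three file sections on this page, so defining it once in a shared module would keep the four copies from diverging. A comment such as `-- Renamed from ntopng.cache.user_scripts.*; the old key is not migrated` above the constant would record the break.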


@ -2,18 +2,18 @@
-- (C) 2019-21 - ntop.org
--
local user_scripts = require("user_scripts")
local checks = require("checks")
local alerts_api = require "alerts_api"
local alert_consts = require("alert_consts")
local flow_alert_keys = require "flow_alert_keys"
local UNEXPECTED_PLUGINS_ENABLED_CACHE_KEY = "ntopng.cache.user_scripts.unexpected_plugins_enabled"
local UNEXPECTED_PLUGINS_ENABLED_CACHE_KEY = "ntopng.cache.checks.unexpected_plugins_enabled"
-- #################################################################
local script = {
-- Script category
category = user_scripts.script_categories.security,
category = checks.script_categories.security,
-- Alerts generated by this script have the following id
alert_id = flow_alert_keys.flow_alert_unexpected_dns_server,


@ -2,18 +2,18 @@
-- (C) 2019-21 - ntop.org
--
local user_scripts = require("user_scripts")
local checks = require("checks")
local alerts_api = require "alerts_api"
local alert_consts = require("alert_consts")
local flow_alert_keys = require "flow_alert_keys"
local UNEXPECTED_PLUGINS_ENABLED_CACHE_KEY = "ntopng.cache.user_scripts.unexpected_plugins_enabled"
local UNEXPECTED_PLUGINS_ENABLED_CACHE_KEY = "ntopng.cache.checks.unexpected_plugins_enabled"
-- #################################################################
local script = {
-- Script category
category = user_scripts.script_categories.security,
category = checks.script_categories.security,
-- This module is disabled by default
default_enabled = false,


@ -2,18 +2,18 @@
-- (C) 2019-21 - ntop.org
--
local user_scripts = require("user_scripts")
local checks = require("checks")
local alerts_api = require "alerts_api"
local alert_consts = require("alert_consts")
local flow_alert_keys = require "flow_alert_keys"
local UNEXPECTED_PLUGINS_ENABLED_CACHE_KEY = "ntopng.cache.user_scripts.unexpected_plugins_enabled"
local UNEXPECTED_PLUGINS_ENABLED_CACHE_KEY = "ntopng.cache.checks.unexpected_plugins_enabled"
-- #################################################################
local script = {
-- Script category
category = user_scripts.script_categories.security,
category = checks.script_categories.security,
-- This module is disabled by default
alert_id = flow_alert_keys.flow_alert_unexpected_smtp_server,
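Review bot: The comment `-- This module is disabled by default` sits directly above `alert_id = flow_alert_keys.flow_alert_unexpected_smtp_server,` here, whereas in the neighbouring sections the same comment sits above `default_enabled = false,`. Either the comment is stale or the `default_enabled = false,` line is missing from this table; the rest of the table is outside the hunk, so this cannot be settled from here. If the check is meant to be off by default, state it in code with `default_enabled = false,`; otherwise replace the comment with `-- Alerts generated by this script have the following id`.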


@ -2,7 +2,7 @@
-- (C) 2019-21 - ntop.org
--
local user_scripts = require("user_scripts")
local checks = require("checks")
local alerts_api = require "alerts_api"
local alert_consts = require("alert_consts")
local flow_alert_keys = require "flow_alert_keys"
@ -11,7 +11,7 @@ local flow_alert_keys = require "flow_alert_keys"
local script = {
-- Script category
category = user_scripts.script_categories.security,
category = checks.script_categories.security,
-- This script is only for alerts generation
alert_id = flow_alert_keys.flow_alert_web_mining,


@ -3,7 +3,7 @@
--
local alerts_api = require("alerts_api")
local user_scripts = require("user_scripts")
local checks = require("checks")
local alert_consts = require("alert_consts")
local flow_alert_keys = require "flow_alert_keys"
@ -11,7 +11,7 @@ local flow_alert_keys = require "flow_alert_keys"
local script = {
-- Script category
category = user_scripts.script_categories.network,
category = checks.script_categories.network,
-- NB atm working only for packet interfaces
packet_interface_only = true,


@ -2,14 +2,14 @@
-- (C) 2019-21 - ntop.org
--
local user_scripts = require("user_scripts")
local checks = require("checks")
local host_alert_keys = require "host_alert_keys"
-- #################################################################
local dangerous_host = {
-- Script category
category = user_scripts.script_categories.security,
category = checks.script_categories.security,
default_enabled = true,
alert_id = host_alert_keys.host_alert_dangerous_host,
@ -22,7 +22,7 @@ local dangerous_host = {
gui = {
i18n_title = "alerts_dashboard.dangerous_host_title",
i18n_description = "alerts_dashboard.dangerous_host_description",
i18n_field_unit = user_scripts.field_units.score,
i18n_field_unit = checks.field_units.score,
input_builder = "threshold_cross",
field_operator = "gt";
},


@ -2,14 +2,14 @@
-- (C) 2019-21 - ntop.org
--
local user_scripts = require("user_scripts")
local checks = require("checks")
local host_alert_keys = require "host_alert_keys"
-- #################################################################
local dns = {
-- Script category
category = user_scripts.script_categories.network,
category = checks.script_categories.network,
default_enabled = false,
alert_id = host_alert_keys.host_alert_dns_traffic,
@ -21,7 +21,7 @@ local dns = {
gui = {
i18n_title = "alerts_thresholds_config.dns_traffic",
i18n_description = "alerts_thresholds_config.alert_dns_description",
i18n_field_unit = user_scripts.field_units.bytes,
i18n_field_unit = checks.field_units.bytes,
input_builder = "threshold_cross",
field_operator = "gt";
},


@ -2,14 +2,14 @@
-- (C) 2019-21 - ntop.org
--
local user_scripts = require("user_scripts")
local checks = require("checks")
local host_alert_keys = require "host_alert_keys"
-- #################################################################
local dns_contacts = {
-- Script category
category = user_scripts.script_categories.security,
category = checks.script_categories.security,
default_enabled = false,
alert_id = host_alert_keys.host_alert_dns_server_contacts,
@ -22,7 +22,7 @@ local dns_contacts = {
gui = {
i18n_title = "alerts_thresholds_config.dns_contacts_title",
i18n_description = "alerts_thresholds_config.dns_contacts_description",
i18n_field_unit = user_scripts.field_units.contacts,
i18n_field_unit = checks.field_units.contacts,
input_builder = "threshold_cross",
field_max = 65535,
field_min = 1,


@ -2,14 +2,14 @@
-- (C) 2019-21 - ntop.org
--
local user_scripts = require("user_scripts")
local checks = require("checks")
local host_alert_keys = require "host_alert_keys"
-- #################################################################
local flow_flood = {
-- Script category
category = user_scripts.script_categories.security,
category = checks.script_categories.security,
default_enabled = false,
alert_id = host_alert_keys.host_alert_flow_flood,
@ -23,7 +23,7 @@ local flow_flood = {
gui = {
i18n_title = "entity_thresholds.flow_flood_title",
i18n_description = "entity_thresholds.flow_flood_description",
i18n_field_unit = user_scripts.field_units.flow_sec,
i18n_field_unit = checks.field_units.flow_sec,
input_builder = "threshold_cross",
field_max = 65535,
field_min = 1,


@ -2,14 +2,14 @@
-- (C) 2019-21 - ntop.org
--
local user_scripts = require("user_scripts")
local checks = require("checks")
local host_alert_keys = require "host_alert_keys"
-- #################################################################
local flows_anomaly = {
-- Script category
category = user_scripts.script_categories.network,
category = checks.script_categories.network,
alert_id = host_alert_keys.host_alert_flows_anomaly,


@ -2,14 +2,14 @@
-- (C) 2019-21 - ntop.org
--
local user_scripts = require("user_scripts")
local checks = require("checks")
local host_alert_keys = require "host_alert_keys"
-- #################################################################
local ntp_contacts = {
-- Script category
category = user_scripts.script_categories.security,
category = checks.script_categories.security,
default_enabled = false,
alert_id = host_alert_keys.host_alert_ntp_server_contacts,
@ -22,7 +22,7 @@ local ntp_contacts = {
gui = {
i18n_title = "alerts_thresholds_config.ntp_contacts_title",
i18n_description = "alerts_thresholds_config.ntp_contacts_description",
i18n_field_unit = user_scripts.field_units.contacts,
i18n_field_unit = checks.field_units.contacts,
input_builder = "threshold_cross",
field_max = 65535,
field_min = 1,


@ -2,14 +2,14 @@
-- (C) 2019-21 - ntop.org
--
local user_scripts = require("user_scripts")
local checks = require("checks")
local host_alert_keys = require "host_alert_keys"
-- #################################################################
local p2p = {
-- Script category
category = user_scripts.script_categories.network,
category = checks.script_categories.network,
default_enabled = false,
alert_id = host_alert_keys.host_alert_p2p_traffic,
@ -21,7 +21,7 @@ local p2p = {
gui = {
i18n_title = "alerts_thresholds_config.p2p_traffic",
i18n_description = "alerts_thresholds_config.alert_p2p_description",
i18n_field_unit = user_scripts.field_units.bytes,
i18n_field_unit = checks.field_units.bytes,
input_builder = "threshold_cross",
field_operator = "gt";
},


@ -2,12 +2,12 @@
-- (C) 2019-21 - ntop.org
--
local user_scripts = require("user_scripts")
local checks = require("checks")
local host_alert_keys = require "host_alert_keys"
local remote_connection = {
-- Script category
category = user_scripts.script_categories.network,
category = checks.script_categories.network,
default_enabled = false,
alert_id = host_alert_keys.host_alert_remote_connection,


@ -2,14 +2,14 @@
-- (C) 2019-21 - ntop.org
--
local user_scripts = require("user_scripts")
local checks = require("checks")
local host_alert_keys = require "host_alert_keys"
-- #################################################################
local score_anomaly = {
-- Script category
category = user_scripts.script_categories.security,
category = checks.script_categories.security,
default_enabled = true,
alert_id = host_alert_keys.host_alert_score_anomaly,


@ -2,14 +2,14 @@
-- (C) 2019-21 - ntop.org
--
local user_scripts = require("user_scripts")
local checks = require("checks")
local host_alert_keys = require "host_alert_keys"
-- #################################################################
local smtp_contacts = {
-- Script category
category = user_scripts.script_categories.network,
category = checks.script_categories.network,
default_enabled = false,
alert_id = host_alert_keys.host_alert_smtp_server_contacts,
@ -22,7 +22,7 @@ local smtp_contacts = {
gui = {
i18n_title = "alerts_thresholds_config.smtp_contacts_title",
i18n_description = "alerts_thresholds_config.smtp_contacts_description",
i18n_field_unit = user_scripts.field_units.contacts,
i18n_field_unit = checks.field_units.contacts,
input_builder = "threshold_cross",
field_max = 65535,
field_min = 1,


@ -2,14 +2,14 @@
-- (C) 2019-21 - ntop.org
--
local user_scripts = require("user_scripts")
local checks = require("checks")
local host_alert_keys = require "host_alert_keys"
-- #################################################################
local syn_flood = {
-- Script category
category = user_scripts.script_categories.security,
category = checks.script_categories.security,
default_enabled = false,
alert_id = host_alert_keys.host_alert_syn_flood,
@ -22,7 +22,7 @@ local syn_flood = {
gui = {
i18n_title = "entity_thresholds.syn_flood_title",
i18n_description = "entity_thresholds.syn_flood_description",
i18n_field_unit = user_scripts.field_units.syn_sec,
i18n_field_unit = checks.field_units.syn_sec,
input_builder = "threshold_cross",
field_max = 65535,
field_min = 1,


@ -2,12 +2,12 @@
-- (C) 2019-21 - ntop.org
--
local user_scripts = require("user_scripts")
local checks = require("checks")
local host_alert_keys = require "host_alert_keys"
local syn_scan = {
-- Script category
category = user_scripts.script_categories.network,
category = checks.script_categories.network,
default_enabled = false,
alert_id = host_alert_keys.host_alert_syn_scan,
@ -29,7 +29,7 @@ local syn_scan = {
input_builder = "threshold_cross",
-- Specific parameters of this input builder
i18n_field_unit = user_scripts.field_units.syn_min,
i18n_field_unit = checks.field_units.syn_min,
-- max allowed threshold value
field_max = 65535,
-- min allowed threshold value