Trace periodic activities duration and generate an alert for long lasting ones

2026-05-05 19:15:03 +00:00 · 2019-06-21 11:41:38 +02:00 · 2019-06-21 11:41:38 +02:00 · 8a239f97f4
commit 8a239f97f4
parent eec3c19485
7 changed files with 88 additions and 4 deletions
--- a/scripts/lua/modules/alert_consts.lua
+++ b/scripts/lua/modules/alert_consts.lua
@ -61,6 +61,7 @@ alert_consts.alert_type_keys = {
   { "<i class='fa fa-exclamation'></i> " .. i18n("alerts_dashboard.snmp_port_load_threshold_exceeded"), 38, "port_load_threshold_exceeded" },
   { "<i class='fa fa-exclamation'></i> " .. i18n("alerts_dashboard.ping_issues"), 39, "ping_issues" },
   { "<i class='fa fa-database'></i> " .. i18n("alerts_dashboard.influxdb_queue_too_long"),        40, "influxdb_queue_too_long"    },
+   { "<i class='fa fa-undo'></i> " .. i18n("alerts_dashboard.slow_periodic_activity"),             41, "slow_periodic_activity"     },
 }

 -- Keep in sync with ntop_typedefs.h:AlertEntity
@ -78,6 +79,7 @@ alert_consts.alert_entity_keys = {
   { "Test",           10, "test"          },
   { "Category Lists", 11, "category_lists" },
   { "PINGed host",    12, "pinged_host"   },
+   { "Periodi Activity", 13, "periodic_activity"   },
 }

 alert_consts.alert_engine_keys = {
--- a/scripts/lua/modules/alert_utils.lua
+++ b/scripts/lua/modules/alert_utils.lua
@ -2878,6 +2878,42 @@ function check_outside_dhcp_range_alerts()
   end
 end

+-- Global function
+function check_periodic_activities_alerts()
+  while(true) do
+    local message = ntop.lpopCache("ntopng.periodic_activity_queue")
+    local elems
+
+    if((message == nil) or (message == "")) then
+      break
+    end
+
+    elems = json.decode(message)
+
+    if elems ~= nil then
+      local duration
+      local max_duration
+
+      if(elems.max_duration_ms > 3000) then
+        duration = string.format("%u s", math.floor(elems.duration_ms/1000))
+        max_duration = string.format("%u s", math.floor(elems.max_duration_ms/1000))
+      else
+        duration = string.format("%u ms", math.floor(elems.duration_ms))
+        max_duration = string.format("%u ms", math.floor(elems.max_duration_ms))
+      end
+
+      local msg = i18n("alert_messages.slow_periodic_activity", {
+        script = elems.path,
+        duration = duration,
+        max_duration = max_duration,
+      })
+
+      interface.select(elems.ifname)
+      interface.storeAlert(alertEntity("periodic_activity"), elems.path, alertType("slow_periodic_activity"), alertSeverity("warning"), msg)
+    end
+  end
+end
+
 -- Global function
 function check_process_alerts()
   while(true) do