vrr/ntopng
2
0
Fork 0
mirror of https://github.com/ntop/ntopng.git synced 2026-04-30 16:09:32 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Added JA3 hash to flow alert

Browse source 
Implements #5159
This commit is contained in:
Matteo Biscosi 2021-04-08 12:34:16 +02:00
parent 6c0b597344
commit 8d2cf80f95
5 changed files with 43 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

6
scripts/lua/modules/alert_definitions/flow/alert_malicious_signature.lua
View file

@ -18,7 +18,7 @@ local alert_malicious_signature = classes.class(alert)
alert_malicious_signature.meta = {
alert_key = flow_alert_keys.flow_alert_malicious_signature,
i18n_title = "alerts_dashboard.malicious_signature_detected",
i18n_title = "flow_risk.malicious_signature_detected",
icon = "fas fa-ban",
}
@ -39,7 +39,9 @@ end
-- @param alert_type_params Table `alert_type_params` as built in the `:init` method
-- @return A human-readable string
function alert_malicious_signature.format(ifid, alert, alert_type_params)
return
return(i18n("alerts_dashboard.malicious_signature_detected", {
ja3_hash = alert_type_params["ja3_client_hash"]
}))
end
-- #######################################################