Unifies new alerts and flow alerts API

2026-05-03 17:30:11 +00:00 · 2020-12-04 17:03:23 +01:00 · 2020-12-04 17:03:23 +01:00 · 8d6dafc897
commit 8d6dafc897
parent cc23742d8a
11 changed files with 97 additions and 94 deletions
--- a/scripts/plugins/alerts/security/new_api_demo/locales/en.lua
+++ b/scripts/plugins/alerts/security/new_api_demo/locales/en.lua
@ -2,4 +2,5 @@ return {
   my_manifest_title = "My Manifest Title",

   alert_host_new_api_demo_description = "%{host}: one_param = %{one_param} another_param = %{another_param}",
+   alert_flow_new_api_demo_description = "one_flow_param = %{one_flow_param} another_flow_param = %{another_flow_param}",
 }
--- a/scripts/plugins/alerts/security/new_api_demo/status_definitions/status_new_api_demo.lua
+++ b/scripts/plugins/alerts/security/new_api_demo/status_definitions/status_new_api_demo.lua
@ -1,25 +0,0 @@
--
-- (C) 2019-20 - ntop.org
--
-
-local status_keys = require "flow_keys"
-local alert_consts = require "alert_consts"
-
-- #################################################################
-
-local function formatDemo(flowstatus_info)
-   if flowstatus_info and flowstatus_info.one_param and flowstatus_info.another_param then
-      return string.format("New API demo: [%s][%s]", flowstatus_info.one_param, flowstatus_info.another_param)
-   end
-
-   return "New API Demo"
-end
-
-- #################################################################
-
-return {
-   status_key = status_keys.user.status_user_03,
-   alert_type = alert_consts.alert_types.alert_new_api_demo,
-   i18n_title = "New API Demo",
-   i18n_description = formatDemo
-}
--- a/scripts/plugins/alerts/security/new_api_demo/user_scripts/flow/new_flow_api_demo.lua
+++ b/scripts/plugins/alerts/security/new_api_demo/user_scripts/flow/new_flow_api_demo.lua
@ -4,7 +4,7 @@

 local user_scripts = require("user_scripts")
 local alert_severities = require "alert_severities"
-local flow_consts = require "flow_consts"
+local alert_consts = require "alert_consts"
 local alerts_api = require "alerts_api"

 -- #################################################################
@ -27,13 +27,14 @@ local script = {
 function script.hooks.protocolDetected(now)
   if false then -- TODO: set to true to execute
      local cli_score, srv_score, flow_score = 10, 10, 10
-
-      local status_type = flow_consts.status_types.status_new_api_demo.create(
-	 "one_param",
-	 "another_param"
+      local alert = alert_consts.alert_types.alert_flow_new_api_demo.new(
+	 "one_flow_param",
+	 "another_flow_param"
      )

-      alerts_api.trigger_status(status_type, alert_severities.error, cli_score, srv_score, flow_score)
+      alert:set_severity(alert_severities.error)
+
+      alert:trigger_status(cli_score, srv_score, flow_score)
   end
 end

--- a/scripts/plugins/alerts/security/new_api_demo/user_scripts/host/new_api_demo.lua
+++ b/scripts/plugins/alerts/security/new_api_demo/user_scripts/host/new_api_demo.lua
@ -43,7 +43,7 @@ function script.hooks.min(params)
 	 alert:set_victim()
      end

-      if true then
+      if math.random(2) == 1 then
 	 alert:trigger(params.alert_entity, nil, params.cur_alerts)
      else
 	 alert:release(params.alert_entity, nil, params.cur_alerts)