Unifies new alerts and flow alerts API

2026-05-03 01:10:10 +00:00 · 2020-12-04 17:03:23 +01:00 · 2020-12-04 17:03:23 +01:00 · 8d6dafc897
commit 8d6dafc897
parent cc23742d8a
11 changed files with 97 additions and 94 deletions
--- a/scripts/plugins/alerts/security/new_api_demo/user_scripts/flow/new_flow_api_demo.lua
+++ b/scripts/plugins/alerts/security/new_api_demo/user_scripts/flow/new_flow_api_demo.lua
@ -4,7 +4,7 @@

 local user_scripts = require("user_scripts")
 local alert_severities = require "alert_severities"
-local flow_consts = require "flow_consts"
+local alert_consts = require "alert_consts"
 local alerts_api = require "alerts_api"

 -- #################################################################
@ -27,13 +27,14 @@ local script = {
 function script.hooks.protocolDetected(now)
   if false then -- TODO: set to true to execute
      local cli_score, srv_score, flow_score = 10, 10, 10
-
-      local status_type = flow_consts.status_types.status_new_api_demo.create(
-	 "one_param",
-	 "another_param"
+      local alert = alert_consts.alert_types.alert_flow_new_api_demo.new(
+	 "one_flow_param",
+	 "another_flow_param"
      )

-      alerts_api.trigger_status(status_type, alert_severities.error, cli_score, srv_score, flow_score)
+      alert:set_severity(alert_severities.error)
+
+      alert:trigger_status(cli_score, srv_score, flow_score)
   end
 end

--- a/scripts/plugins/alerts/security/new_api_demo/user_scripts/host/new_api_demo.lua
+++ b/scripts/plugins/alerts/security/new_api_demo/user_scripts/host/new_api_demo.lua
@ -43,7 +43,7 @@ function script.hooks.min(params)
 	 alert:set_victim()
      end

-      if true then
+      if math.random(2) == 1 then
 	 alert:trigger(params.alert_entity, nil, params.cur_alerts)
      else
 	 alert:release(params.alert_entity, nil, params.cur_alerts)