diff --git a/scripts/locales/en.lua b/scripts/locales/en.lua index 63a1a8f4db..4ece9ded4e 100644 --- a/scripts/locales/en.lua +++ b/scripts/locales/en.lua @@ -235,6 +235,7 @@ local lang = { ["jump_to_chart"] = "Chart View", ["jump_to_table"] = "Table View", ["key"] = "Key", + ["l7_error_code"] = "Error Code", ["l7_id"] = "App %{id}", ["l7_proto"] = "L7 Proto", ["label"] = "Label", diff --git a/scripts/lua/alert_details.lua b/scripts/lua/alert_details.lua index 3666b9f553..9040739718 100644 --- a/scripts/lua/alert_details.lua +++ b/scripts/lua/alert_details.lua @@ -55,6 +55,7 @@ local alert = nil if page and row_id and tstamp and alert_entities[page] then local alert_store_instance = alert_store_instances[alert_entities[page].alert_store_name] + if alert_store_instance then alerts, recordsFiltered = alert_store_instance:select_request(nil, "*") if #alerts >= 1 then diff --git a/scripts/lua/modules/alert_store/flow_alert_store.lua b/scripts/lua/modules/alert_store/flow_alert_store.lua index c4c1054b19..ed4280f5b1 100644 --- a/scripts/lua/modules/alert_store/flow_alert_store.lua +++ b/scripts/lua/modules/alert_store/flow_alert_store.lua @@ -387,7 +387,7 @@ local RNAME = { FLOW_RELATED_INFO = { name = "flow_related_info", export = true }, MSG = { name = "msg", export = true, elements = {"name", "value", "description"}}, FLOW = { name = "flow", export = true, elements = {"srv_ip.label", "srv_ip.value", "srv_port", "cli_ip.label", "cli_ip.value", "cli_port"}}, - + VLAN_ID = { name = "vlan_id", export = true}, PROTO = { name = "proto", export = true}, L7_PROTO = { name = "l7_proto", export = true}, 
@@ -842,8 +842,8 @@ function flow_alert_store:get_alert_details(value) local add_hyperlink = true local json = json.decode(value["json"]) or {} local proto_info = json["proto"] - local traffic_info = {} - + local traffic_info = {} + details[#details + 1] = { label = i18n("alerts_dashboard.alert"), content = get_label_link(fmt['alert_id']['label'], 'alert_id', fmt['alert_id']['value'], add_hyperlink) @@ -879,6 +879,15 @@ function flow_alert_store:get_alert_details(value) content = fmt['additional_alerts']['descr'], } + if((proto_info.l7_error_code ~= nil) and (proto_info.l7_error_code ~= 0)) then + details[#details + 1] = { + label = i18n("l7_error_code"), + content = proto_info.l7_error_code + } + + proto_info.l7_error_code = nil -- Avoid to print it twice in the flow details section + end + proto_info = editProtoDetails(proto_info or {}) traffic_info = format_common_info(value, traffic_info) @@ -887,7 +896,7 @@ function flow_alert_store:get_alert_details(value) content = traffic_info } - for _, info in pairs(proto_info or {}) do + for k, info in pairs(proto_info or {}) do details[#details + 1] = { label = i18n("alerts_dashboard.flow_related_info"), content = info diff --git a/scripts/lua/modules/lua_utils.lua b/scripts/lua/modules/lua_utils.lua index e89c6ed742..6ff63aa018 100644 --- a/scripts/lua/modules/lua_utils.lua +++ b/scripts/lua/modules/lua_utils.lua @@ -5187,7 +5187,7 @@ end -- ############################################## -function format_http_info(http_info) +function format_http_info(http_info) if http_info["last_return_code"] then local badge = get_badge(http_info.last_return_code == 200) http_info["last_return_code"] = string.format('%s', badge, http_utils.getResponseStatusCode(http_info["last_return_code"])) diff --git a/src/Flow.cpp b/src/Flow.cpp index 79c71a381d..5239d978d3 100644 --- a/src/Flow.cpp +++ b/src/Flow.cpp 
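Review bot: In the `@@ -879,6 +879,15 @@` hunk of flow_alert_store.lua, the new `if((proto_info.l7_error_code ~= nil) ...` test indexes `proto_info` before the `proto_info or {}` fallback that follows it. `proto_info` comes from `json["proto"]`, and `json` falls back to `{}` when `json.decode` returns nothing, so a record without a `proto` block would raise an index-on-nil error in `get_alert_details` instead of rendering. Guarding the test, for example `if proto_info and (proto_info.l7_error_code or 0) ~= 0 then`, keeps the details page working for such records. The new row also passes the decoded value straight into `content`, while the other rows visible here go through `get_label_link` or a prepared description; wrapping it in `tonumber(...)` is worth considering so that only a number reaches the rendered page if the stored JSON ever differs from what the serializer wrote. The function body starts before this hunk and continues after it.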
@@ -3251,6 +3251,9 @@ void Flow::alert2JSON(FlowAlert *alert, ndpi_serializer *s) { ndpi_serialize_string_string(s, "ja3_server_hash", protos.tls.ja3.server_hash); + if(getErrorCode() != 0) + ndpi_serialize_string_uint32(s, "l7_error_code", getErrorCode()); + /* Serialize alert JSON */ alert_json_serializer = alert->getSerializedAlert(); diff --git a/src/FlowAlert.cpp b/src/FlowAlert.cpp index d8ae123ad1..193e1e9be8 100644 --- a/src/FlowAlert.cpp +++ b/src/FlowAlert.cpp @@ -122,6 +122,9 @@ ndpi_serializer* FlowAlert::getSerializedAlert() { break; } + if(flow->getErrorCode() != 0) + ndpi_serialize_string_uint32(serializer, "l7_error_code", flow->getErrorCode()); + ndpi_serialize_end_of_block(serializer); /* proto block */ /* This call adds check-specific information to the serializer */
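Review bot: `l7_error_code` is now serialized twice under the same key: in the `Flow::alert2JSON` hunk of src/Flow.cpp right after `ja3_server_hash`, and again inside the proto block in the `FlowAlert::getSerializedAlert` hunk of src/FlowAlert.cpp, which `alert2JSON` calls on the lines that follow. The only reader visible in this commit, `flow_alert_store:get_alert_details`, takes the value from `json["proto"]`, so the copy added in Flow.cpp either needs a comment naming its consumer or can presumably be dropped. Both sites also call `getErrorCode()` once for the test and once for the value; reading it into a local first (`const auto ec = getErrorCode(); if(ec != 0) ndpi_serialize_string_uint32(s, "l7_error_code", ec);`) guarantees that the serialized value is the one that was tested. A short comment on what the code means per protocol would help whoever triages the alert, since the UI labels it only "Error Code". Both function bodies start and end outside their hunks.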