Implements builders for each flow status definition

[FlowsK] alert_blacklisted_country.lua [FlowsK] alert_flow_blacklisted.lua [FlowsK] alert_device_protocol_not_allowed.lua [FlowsK] external_alert.lua [FlowsK] alert_potentially_dangerous_protocol.lua [FlowsK] tls_certificate_mismatch.lua [FlowsK] tls_certificate_expired.lua [FlowsK] tls_malicious_signature.lua [FlowsK] elephant_flows.lua [FlowsK] not_purged.lua [FlowsK] web_mining.lua [FlowsK] potentially_dangerous.lua [FlowsK] alert_flow_blocked.lua
2026-05-02 08:50:12 +00:00 · 2020-04-27 12:42:26 +02:00 · 2020-04-27 12:42:26 +02:00 · ab1690ad9e
commit ab1690ad9e
parent f323aa741c
18 changed files with 258 additions and 15 deletions
--- a/scripts/plugins/external_alert_check/user_scripts/flow/external_alert_check.lua
+++ b/scripts/plugins/external_alert_check/user_scripts/flow/external_alert_check.lua
@ -29,8 +29,13 @@ function script.hooks.periodicUpdate(now)
    -- NOTE: the same info will *not* be returned in the next periodicUpdate
    local info = json.decode(info_json)
    if info ~= nil then
-      flow.triggerStatus(flow_consts.status_types.status_external_alert, 
-        info, nil, nil, nil, info.severity_id)
+       flow.triggerStatus(
+	  flow_consts.status_types.status_external_alert.builder(
+	     alert_consts.alert_severities.error,
+	     info
+	  ),
+	  nil, nil, nil,
+	  info.severity_id)
    end
  end
 end