vrr/ntopng
2
0
Fork 0
mirror of https://github.com/ntop/ntopng.git synced 2026-04-29 15:39:33 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Split protocol and alert info from ALERT_JSON: new PROTOCOL_INFO_JSON column

Browse source
This commit is contained in:
Alfredo Cardigliano 2024-12-05 15:13:16 +01:00
parent 828af618d6
commit ae5128c620
9 changed files with 79 additions and 63 deletions
Download patch file Download diff file Expand all files Collapse all files

2
scripts/lua/modules/historical_flow_utils.lua
View file

@ -1139,6 +1139,7 @@ local flow_columns = {
['IS_SRV_ATTACKER'] = { tag = "is_srv_attacker" },
['IS_SRV_VICTIM'] = { tag = "is_srv_victim" },
['IS_SRV_BLACKLISTED'] = { tag = "is_srv_blacklisted" },
['PROTOCOL_INFO_JSON'] = { tag = "protocol_info_json" },
['ALERT_JSON'] = { tag = "json" },
['SRC_PROC_NAME'] = { tag = "cli_proc_name", db_type = "String", db_raw_type = "String" },
['DST_PROC_NAME'] = { tag = "srv_proc_name", db_type = "String", db_raw_type = "String" },
@ -1284,6 +1285,7 @@ historical_flow_utils.min_aggregated_flow_db_columns = {
historical_flow_utils.extra_db_columns = {
["throughput"] = "ABS(LAST_SEEN - FIRST_SEEN) as TIME_DELTA, (TOTAL_BYTES / (TIME_DELTA + 1)) * 8 as THROUGHPUT",
["duration"] = "ABS(LAST_SEEN - FIRST_SEEN) as DURATION",
["protocol_info_json"] = "PROTOCOL_INFO_JSON",
["alert_json"] = "ALERT_JSON"
}