Unifies misbehaving with alerted flows

Implements #4596
2026-05-05 02:16:39 +00:00 · 2020-10-16 18:58:20 +02:00 · 2020-10-16 18:58:20 +02:00 · d3dda0bb82
commit d3dda0bb82
parent d9bba4b4b2
38 changed files with 217 additions and 145 deletions
--- a/scripts/plugins/alerts/security/flow_risks/modules/risk_handler.lua
+++ b/scripts/plugins/alerts/security/flow_risks/modules/risk_handler.lua
@ -20,8 +20,11 @@ local handler = {}
 function handler.handle_risk(flow_score, cli_score, srv_score)
   -- Set a flow status for the generic flow_risk. This will also
   -- cause an alert to be generated.
-   flow.setStatus(
-      flow_consts.status_types.status_flow_risk,
+   flow.triggerStatus(
+      flow_consts.status_types.status_flow_risk.create(
+	 flow_consts.status_types.status_flow_risk.alert_severity,
+	 flow.getInfo()
+      ),
      flow_score or 0, -- flow_score
      cli_score or 0,  -- cli_score
      srv_score or 0   -- srv_score