vrr/ntopng
2
0
Fork 0
mirror of https://github.com/ntop/ntopng.git synced 2026-04-29 15:39:33 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Implements Local Host behaviour analysis and it's alert

Browse source 
Alert in case the host has an unexpected behaviour
This commit is contained in:
Matteo Biscosi 2021-02-25 12:01:54 +01:00
parent 7a1a9be9af
commit dbfdec34fe
14 changed files with 226 additions and 37 deletions
Download patch file Download diff file Expand all files Collapse all files

7
scripts/lua/modules/ts_5min_dump_utils.lua
View file

@ -355,6 +355,13 @@ function ts_dump.host_update_stats_rrds(when, hostname, host, ifstats, verbose)
num_as_client=host["contacts.as_client"], num_as_server=host["contacts.as_server"]}, when)
end
-- Contacted Hosts Behaviour
if host["contacted_hosts_behaviour"] and host["contacted_hosts_behaviour.hw_value"] then
ts_utils.append("host:contacts_behaviour", {ifid=ifstats.id, host=hostname,
hll_value=host["contacted_hosts_behaviour.hll_value"], hw_prediction=host["contacted_hosts_behaviour.prediction"], hw_lower_bound=host["contacted_hosts_behaviour.hw_lower_bound"], hw_upper_bound=host["contacted_hosts_behaviour.upper_bound"]}, when)
end
-- L4 Protocols
for id, _ in pairs(l4_keys) do
k = l4_keys[id][2]