Fixed #2789 implement remote DNS resolution failure alert

2026-05-22 02:38:59 +00:00 · 2020-12-11 09:53:53 +01:00 · 2020-12-11 09:53:53 +01:00 · de340b66ef
commit de340b66ef
parent 86e5721374
2 changed files with 58 additions and 0 deletions
--- a/scripts/lua/modules/alert_definitions/alert_dns_positive_error_ratio.lua
+++ b/scripts/lua/modules/alert_definitions/alert_dns_positive_error_ratio.lua
@ -0,0 +1,57 @@
+--
+-- (C) 2019-20 - ntop.org
+--
+
+local alert_keys = require "alert_keys"
+local format_utils = require "format_utils"
+local json = require("dkjson")
+
+-- #######################################################
+
+-- @brief Prepare an alert table used to generate the alert
+-- @param alert_severity A severity as defined in `alert_severities`
+-- @param alert_granularity A granularity as defined in `alert_consts.alerts_granularities`
+-- @param alert_subtype A string with the subtype of the alert
+-- @param requests The number of requests
+-- @param replies The number of replies
+-- @return A table with the alert built
+local function createDnsPositiveErrorRatio(alert_severity, alert_granularity, type, positives, errors)
+   local built = {
+      alert_granularity = alert_granularity,
+      alert_severity = alert_severity,
+      alert_type_params = {
+   type = type,
+	 positives = positives,
+	 errors= errors,
+      }
+   }
+
+   return built
+end
+
+-- #######################################################
+
+function dnsPositiveErrorRatioFormatter(ifid, alert, info)
+  local type = ""
+
+  if info.type == "dns_rcvd" then
+    type = "Received"
+  else
+    type = "Sent"
+  end
+  return(i18n("dns_positive_error_ratio.positive_error_ratio_descr", {
+    type = type,
+    positives = info.positives,
+    errors = info.errors,
+  }))
+end
+
+-- #######################################################
+
+return {
+  alert_key = alert_keys.ntopng.alert_dns_positive_error_ratio,
+  i18n_title = "dns_positive_error_ratio.title",
+  i18n_description = dnsPositiveErrorRatioFormatter,
+  icon = "fas fa-exclamation",
+  creator = createDnsPositiveErrorRatio,
+}
--- a/scripts/lua/modules/alert_keys.lua
+++ b/scripts/lua/modules/alert_keys.lua
@ -88,6 +88,7 @@ local alert_keys = {
      alert_unexpected_new_device          = {NO_PEN, 73}, -- scripts/plugins/alerts/security/unexpected_new_device
      alert_shell_script_executed          = {NO_PEN, 74}, -- scripts/plugins/endpoints/shell_alert_endpoint
      alert_periodicity_update             = {NO_PEN, 75}, -- pro/scripts/enterprise_l_plugins/alerts/network/periodicity_update
+      alert_dns_positive_error_ratio       = {NO_PEN, 76}, -- pro/scripts/enterprise_l_plugins/alerts/network/dns_positive_error_ratio
      -- Add here additional keys for alerts generated
      -- by ntopng plugins
      -- WARNING: make sure integers do NOT OVERLAP with