vrr/ntopng
2
0
Fork 0
mirror of https://github.com/ntop/ntopng.git synced 2026-04-29 07:29:32 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Improves selection of epochs in alert flows drilldown

Browse source
This commit is contained in:
Simone Mainardi 2021-07-30 14:56:33 +02:00
parent af7b722510
commit f2d9ee41be
1 changed files with 13 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

20
scripts/lua/modules/alert_utils.lua
View file

@ -554,9 +554,9 @@ function alert_utils.getLinkToPastFlows(ifid, alert, alert_json)
local past_flows_filter = alert_consts.alert_types[alert_id].filter_to_past_flows(ifid, alert, alert_json)
local epoch_begin, epoch_end
-- Add a defaut start time, if no start time has been added by the filter-generation function
-- Add a default start time, if no start time has been added by the filter-generation function
if not past_flows_filter["epoch_begin"] then
past_flows_filter["epoch_begin"] = tonumber(alert["tstamp"]) - 300 -- Look a bit before than the timestamp
past_flows_filter["epoch_begin"] = tonumber(alert["tstamp"])
end
epoch_begin = tonumber(past_flows_filter["epoch_begin"])
past_flows_filter["epoch_begin"] = nil
@ -565,11 +565,6 @@ function alert_utils.getLinkToPastFlows(ifid, alert, alert_json)
if not past_flows_filter["epoch_end"] then
local duration = tonumber(alert["duration"]) or (tonumber(alert["tstamp_end"]) - tonumber(alert["tstamp"]))
if duration > 300 then
-- Dont' make the interval too large by default
duration = 300
end
past_flows_filter["epoch_end"] = epoch_begin + duration
end
epoch_end = tonumber(past_flows_filter["epoch_end"])
@ -593,12 +588,23 @@ function alert_utils.getLinkToPastFlows(ifid, alert, alert_json)
::continue::
end
-- Look a bit around the epochs...
epoch_begin = epoch_begin - 150
epoch_end = epoch_end + 150
-- ... but not too much
if epoch_end - epoch_begin > 600 then
epoch_end = epoch_begin + 600
end
-- Join the TAG filters using the predefined operator
local final_filter = {}
for _, tag in pairs(tags) do
final_filter[tag.name] = string.format("%s%s%s", tag.val, tag_utils.SEPARATOR, tag.op)
end
-- tprint({formatEpoch(epoch_begin), formatEpoch(epoch_end), formatEpoch(tonumber(alert.tstamp)), formatEpoch(tonumber(alert.tstamp_end))})
-- Return the link augmented with the filter
local res = string.format("%s/lua/pro/nindex_query.lua?epoch_begin=%u&epoch_end=%u&%s",
ntop.getHttpPrefix(),