Domain Names host check (#5723)

* Adding/modifying .cpp for Domain Names host check * Adding/modifying .h/.lua for Domain Names host check * minor synstax fix * dns_contacts Co-authored-by: Stefano Russo <55586218+D0kken@users.noreply.github.com> Co-authored-by: Stefano Russo <s.russo41@studenti.unipi.it>
2026-05-01 00:19:33 +00:00 · 2021-08-25 11:22:41 +02:00 · 2021-08-25 11:22:41 +02:00 · f650a3700a
commit f650a3700a
parent a582aa6243
19 changed files with 336 additions and 3 deletions
--- a/scripts/lua/modules/alert_definitions/host/host_alert_domain_names_contacts.lua
+++ b/scripts/lua/modules/alert_definitions/host/host_alert_domain_names_contacts.lua
@ -0,0 +1,63 @@
+--(C) 2019-21 - ntop.org
+
+
+--##############################################
+
+local host_alert_keys = require "host_alert_keys"
+package.path = dirs.installdir .. "/scripts/lua/modules/?.lua;" .. package.path
+local alert_creators = require "alert_creators"
+local json = require("dkjson")
+--Import the classes library.
+local classes = require "classes"
+--Make sure to import the Superclass!
+local alert = require "alert"
+
+--##############################################
+
+local host_alert_domain_names_contacts = classes.class(alert)
+
+--##############################################
+
+host_alert_domain_names_contacts.meta = {
+alert_key = host_alert_keys.host_alert_domain_names_contacts,
+i18n_title =  "alerts_dashboard.threashold_cross",
+icon = "fas fa-fw fa-arrow-circle-up",
+
+}
+
+--##############################################
+
+--@brief Prepare an alert table used to generate the alert
+--@param one_param The first alert param
+--@param another_param The second alert param
+--@return A table with the alert built
+function host_alert_domain_names_contacts:init()
+--Call the parent constructor
+self.super:init()
+
+end
+
+--#######################################################
+
+-- @brief Format an alert into a human-readable string
+-- @param ifid The integer interface id of the generated alert
+-- @param alert The alert description table, including alert data such as the generating entity, timestamp, granularity, type
+-- @param alert_type_params Table `alert_type_params` as built in the `:init` method
+-- @return A human-readable string
+function host_alert_domain_names_contacts.format(ifid, alert, alert_type_params)
+  local alert_consts = require("alert_consts")
+  local entity = alert_consts.formatHostAlert(ifid, alert["ip"], alert["vlan_id"])
+  local value = alert_type_params.value
+
+  if(value == nil) then value = 0 end
+
+  return i18n("alert_messages.host_alert_domain_names_contacts", {
+    entity = entity,
+    value = string.format("%u", math.ceil(value or 0)),
+    threshold = alert_type_params.threshold or 0,
+  })
+end
+
+--#######################################################
+
+return host_alert_domain_names_contacts
--- a/scripts/lua/modules/alert_keys/host_alert_keys.lua
+++ b/scripts/lua/modules/alert_keys/host_alert_keys.lua
@ -12,7 +12,7 @@ local host_alert_keys = {
  host_alert_flow_flood                  =  4,
  host_alert_syn_scan                    =  5,
  host_alert_syn_flood                   =  6,
-  host_alert_available_01                =  7, -- Available, can be used
+  host_alert_domain_names_contacts       =  7,
  host_alert_p2p_traffic                 =  8,
  host_alert_dns_traffic                 =  9,
  host_alert_flows_anomaly               = 10,
--- a/scripts/lua/modules/check_definitions/host/domain_names_contacts.lua
+++ b/scripts/lua/modules/check_definitions/host/domain_names_contacts.lua
@ -0,0 +1,45 @@
+--
+-- (C) 2019-21 - ntop.org
+--
+
+local checks = require("checks")
+local host_alert_keys = require "host_alert_keys"
+
+local domain_names_contacts = {
+   -- Script category
+   category = checks.check_categories.network,
+
+   default_enabled = false,
+   alert_id = host_alert_keys.host_alert_domain_names_contacts,
+
+   -- The default threshold value. The format is specific of the
+   -- "threshold_cross" input builder
+   default_value = {
+      operator = "gt",
+      threshold = 250,
+   },
+
+   -- Allow user script configuration from the GUI
+   gui = {
+      -- Localization strings, from the "locales" directory of the plugin
+      i18n_title = "alerts_thresholds_config.domain_names_contacts_title",
+      i18n_description = "alerts_thresholds_config.domain_names_contacts_description",
+
+      -- Specific parameters of this input builder
+      i18n_field_unit = checks.field_units.contacts,
+
+      -- The input builder to use to draw the gui
+      input_builder = "threshold_cross",
+
+      -- max allowed threshold value
+      field_max = 65535,
+      -- min allowed threshold value
+      field_min = 1,
+      -- threshold check operator. "gt" for ">", "lt" for "<"
+      field_operator = "gt";
+   }
+}
+
+-- #################################################################
+
+return domain_names_contacts