emanuele-f
df0556cb87
Optimize flow alerts generation
This provides a ~10x speedup by performing the JSON serialization work in C
(and thus avoiding Lua->C overhead). This also implements two in-memory alerts
queues (one for sqlite and one for the notifications) in order to reduce Redis load.
Alerts queues are now global instead of per-interface as there is only 1 dequeuing thread.
2019-11-14 11:54:13 +01:00
emanuele-f
af1dc8a05e
Limit alerts insertions if the queues are full
2019-11-08 11:26:49 +01:00
Alfredo Cardigliano
acdab024da
Enqueueing flow alerts to be stored/notified from Lua, removed DB select to notify alert (using the alert object directly)
2019-11-05 15:53:10 +01:00
emanuele-f
29e5b10e6f
Fix network interface alias not used in alerts configuration
2019-10-29 16:47:22 +01:00
emanuele-f
10aa5542f8
Rework alertEntity functions to avoid modules circular dependencies
Fixes #2975
2019-10-23 13:01:57 +02:00
emanuele-f
ab0875155e
Remove AlertType typedef from C
2019-10-22 14:43:21 +02:00
emanuele-f
6533175336
Add flow/alerts definitions directories
2019-10-16 17:45:55 +02:00
emanuele-f
9386fdd2b1
Add status/alerts definitions overview page and documentation
2019-10-16 17:23:54 +02:00
emanuele-f
873b96c20a
Split alert types definitions in multiple files
2019-10-16 12:04:07 +02:00
emanuele-f
7a14a9cf11
Improvements in status definition API
2019-10-16 10:33:19 +02:00
Luca Deri
3b5e56d802
Added script for detecting unidirectional UDP flows
2019-10-15 21:56:48 +02:00
emanuele-f
b217909966
Split flow status definitions in multiple files
2019-10-15 17:28:45 +02:00
emanuele-f
2fdc860ed2
Add support for custom flow alerts in user scripts
2019-10-11 19:48:11 +02:00
emanuele-f
ffd3b4c1ee
User scripts API changes and initial documentation
2019-10-09 15:12:28 +02:00
Alfredo Cardigliano
7e9678de37
IDS alert -> External alert
2019-10-09 11:35:51 +02:00
emanuele-f
d32b979368
Remove Alert Endpoint preference
Fixes #2859
2019-09-23 10:48:21 +02:00
emanuele-f
ef7d8614d9
Misconfigured DHCP range message fixes
2019-09-16 19:18:04 +02:00
emanuele-f
6e14f978d6
Flow alerts status cleanup
2019-09-10 13:12:11 +02:00
emanuele-f
8d7331e519
Improve ghost network alert message
2019-09-06 10:45:59 +02:00
Alfredo Cardigliano
38a53ec1fa
Transferring flows status bitmap to the client/server host. Added anomalous flows reasons to the host details page.
2019-09-05 17:55:00 +02:00
Alfredo Cardigliano
141622f151
Lua: created flow_consts module, getFlowStatusTypes has been replaced by flow_consts.flow_status_types, added flow.status_map to the Lua flow info
2019-09-04 22:20:51 +02:00
emanuele-f
d630cce58a
Fix script failures in SNMP message formatters
2019-09-04 15:36:46 +02:00
Alfredo Cardigliano
13d032d185
Formatting IDS alerts
2019-08-29 11:20:41 +02:00
emanuele-f
b66b71fd7e
Implement alert on JA3 malicious signatures
Closes #2788
2019-08-28 18:33:13 +02:00
emanuele-f
a8cb972e7d
Implement ghost networks alerts
2019-08-28 16:42:18 +02:00
emanuele-f
3bf6ed1ecd
Add syn-vs-rst and misbehaving-vs-total-flows alerts
2019-08-27 16:33:53 +02:00
emanuele-f
300ea49b10
Little localization fix
2019-08-27 14:37:01 +02:00
emanuele-f
01c586119e
Remove ICMP ratio alert and enable ratio alerts by default in 5mins
2019-08-27 14:32:24 +02:00
emanuele-f
b3bdfcff32
Cleanup of the too-many-drops interface alert
2019-08-27 13:04:53 +02:00
emanuele-f
57e623da04
Implement ICMP and HTTP requests vs replies ratio alert
2019-08-27 10:33:08 +02:00
emanuele-f
5dd88985f4
Improve and fix DNS replies/requests ratio
2019-08-27 09:57:59 +02:00
emanuele-f
a0761db1e8
Implement replies/requests ratio alert
2019-08-26 18:38:34 +02:00
emanuele-f
b0ba13f0bc
Syn/flow flood alerts now use their own alert type
2019-08-26 17:36:27 +02:00
emanuele-f
951cb1a4e9
Fix alert issues due to invalid granularities
2019-08-21 10:27:15 +02:00
emanuele-f
7893c1f78a
Implement RTT host engage/release alert
2019-08-20 19:02:58 +02:00
emanuele-f
81a9963e46
Implement alerts based on potentially dangerous flows nDPI classification
2019-08-07 14:29:06 +02:00
emanuele-f
b48a4e2127
Fix outside DHCP range alert script failure
2019-07-31 11:23:51 +02:00
emanuele-f
d38cd23615
Move C alerts to unified alerts_queue
2019-07-30 11:43:18 +02:00
emanuele-f
c183a577be
Alerts API cleanup and JSON migration
2019-07-29 15:17:22 +02:00
emanuele-f
09fb8667e2
Add ability to disable specific alert types on alertables
2019-07-22 23:37:23 +02:00
emanuele-f
749a64e789
Release alerts on idle hosts
2019-07-19 10:54:05 +02:00
emanuele-f
0d7195d6e3
Fix db index
2019-07-15 15:51:47 +02:00
emanuele-f
9fa3b7920c
Add trace when alerts queue limit is exceeded
2019-07-15 15:37:20 +02:00
Simone Mainardi
26f2e264c4
Allows alerts to be configured only at given periodicity (gui)
2019-07-15 12:14:17 +02:00
Simone Mainardi
fb891bbf2f
Finishes implementation of new flood checks in lua
2019-07-12 19:14:30 +02:00
emanuele-f
083e51cdee
Improve field_units i18n
2019-07-12 19:03:33 +02:00
emanuele-f
3f002ad223
field_units i18n fix
2019-07-12 16:17:01 +02:00
emanuele-f
5e0b8b496e
Remove autorelease logic based on periodicity and update database schema
2019-07-12 12:46:21 +02:00
emanuele-f
f6ff3ad010
Rework interface threshold alerts definition
2019-07-11 19:11:33 +02:00
emanuele-f
b16136f5b4
Rework host threshold alerts definition
2019-07-11 19:11:33 +02:00