Simone Mainardi
b3dc39c641
Refactors alert_severities into an independent Lua module
2020-11-30 15:28:17 +01:00
Matteo Biscosi
0858d1bb79
Fixes alert_generation nil value
2020-11-30 10:55:12 +01:00
gabryon99
15772bd0fe
refactor for endpoints and recipients ( #4707 )
2020-11-25 16:25:55 +01:00
Matteo Biscosi
507583db64
Added host category to flow and host alerts ( #4767 )
...
* Fixed shell endpoint bug and added notice when executing the script
* Added victim and attacker to security plugins
* Updated hosts alert with host_category info
* Added host category to hosts alert description
* Added host category to flows
Co-authored-by: matteo <biscosi@ntop.org>
2020-11-20 19:14:07 +01:00
Simone Mainardi
566babf34c
Adds min host info to all host-alerts (engaged/released/triggered)
2020-11-19 17:11:18 +01:00
Simone Mainardi
93920ccdce
Implements example of simplified flow alerts
2020-11-10 15:10:54 +01:00
Simone Mainardi
4ffe97f3b0
Lateral movement alert entity fixes
2020-10-12 09:22:08 +02:00
Luca Deri
c5e0db54b7
Added support for lateral movement detection
2020-10-11 18:30:21 +02:00
Simone Mainardi
dac9b41a98
Additional alerts cleanup
...
Fixes #4504
2020-10-01 18:45:57 +02:00
Simone Mainardi
b7bdd1edaf
Massive cleanup of alerts (disabled/suppressed)
...
Fixes #4504
2020-10-01 18:40:11 +02:00
Simone Mainardi
6c1280a8e5
Reworks recipients.lua as static rather than (useless) instance
2020-09-23 15:03:07 +02:00
Luca Deri
8db941c31e
Improved IEC 104 plugin
2020-09-16 23:24:40 +02:00
Simone Mainardi
b7341506f7
Implements checks for script type and alert severity in dispatch_notification
2020-09-16 13:08:07 +02:00
Simone Mainardi
1a8552549b
Removes unused old notification_recipients module
2020-09-10 18:10:23 +02:00
Simone Mainardi
9e99fa1403
Uses new in-memory queues for alert recipients (avoid Redis)
2020-09-08 18:36:18 +02:00
Simone Mainardi
85f555a908
Removes intermediate alert queues - only leaves recipient queues
...
Implements #4366
2020-09-04 17:41:55 +02:00
Simone Mainardi
1a7ee97334
Reworks builtin SQLite alerts as a regular alert recipient
2020-09-04 10:33:10 +02:00
Simone Mainardi
6053c752f6
Avoids resending notifications for triggered alerts after restarts
...
Implements #4357
2020-09-03 09:58:46 +02:00
Simone Mainardi
a0097167f4
Fixes active monitoring alerts
2020-09-01 23:03:11 +02:00
Simone Mainardi
230d40abf9
Fixes addition of active monitoring hosts - circular require
...
Fixes #4345
2020-08-31 19:02:11 +02:00
Simone Mainardi
34b53b8a9b
Adds documentation for OO recipients and operator functions
2020-08-28 18:57:59 +02:00
Simone Mainardi
fa00119b56
Adds operator function to evaluate threshold-based alerts
2020-08-28 17:04:25 +02:00
Simone Mainardi
aeecbcce29
Initial implementation of OO recipients with SQLite
2020-08-28 13:19:58 +02:00
Luca Deri
398e25c022
Disabled log
2020-08-17 18:24:05 +02:00
Alfredo Cardigliano
d55e4dc441
Remove alert_endpoints_utils (no longer required). Doc update.
2020-07-28 12:49:06 +02:00
Alfredo Cardigliano
7ffb4df9a6
Handle host pool serialization (exception for backward compatibility).
...
Fix recipients add
Initial work for alerts dispatching to recipients
2020-07-23 06:22:17 +02:00
Alfredo Cardigliano
f038baf804
Alerts are no longer enqueued if disabled
2020-07-23 00:49:28 +02:00
Simone Mainardi
09eb53a16d
Prevents circular dependency in require
...
Fixes
string stack traceback:
/home/simone/ntopng/scripts/lua/modules/http_lint.lua:2029: in local 'parsePOSTpayload'
/home/simone/ntopng/scripts/lua/modules/http_lint.lua:2081: in main chunk
[C]: in function 'require'
/home/simone/ntopng/scripts/lua/modules/lua_utils.lua:3810: in main chunk
[C]: in function 'require'
...e/simone/ntopng/scripts/lua/modules/pools/base_pools.lua:7: in main chunk
[C]: in function 'require'
...e/ntopng/scripts/lua/modules/pools/pools_alert_utils.lua:10: in main chunk
[C]: in function 'require'
/home/simone/ntopng/scripts/lua/modules/alerts_api.lua:12: in main chunk
...
...b/ntopng/plugins0/modules/active_monitoring/am_utils.lua:11: in main chunk
[C]: in function 'dofile'
/home/simone/ntopng/scripts/lua/modules/plugins_utils.lua:942: in function 'plugins_utils.loadModule'
/var/lib/ntopng/plugins0/http_lint/active_monitoring.lua:17: in field '?'
/home/simone/ntopng/scripts/lua/modules/http_lint.lua:1902: in upvalue 'validateParameter'
/home/simone/ntopng/scripts/lua/modules/http_lint.lua:1989: in local 'lintParams'
/home/simone/ntopng/scripts/lua/modules/http_lint.lua:2085: in main chunk
[C]: in function 'require'
/home/simone/ntopng/scripts/lua/modules/lua_utils.lua:3810: in main chunk
[C]: in function 'require'
.../ntopng/plugins0/scripts/edit_active_monitoring_host.lua:9: in main chunk
2020-07-23 11:58:03 +02:00
Simone Mainardi
dce5623bc2
Fixes pool ids associated with interface alerts
2020-07-21 15:24:19 +02:00
Simone Mainardi
ceba04f92c
Fixes to associate pool ids with alerts
2020-07-21 14:59:12 +02:00
Simone Mainardi
42b7d8e7e9
Implements facility to add pool info to alerts
2020-07-21 13:09:27 +02:00
emanuele-f
ba5c64b107
Rework host label getters
...
This fixes inconsistencies across the ntopng gui
Addresses #3699
2020-05-07 17:47:18 +02:00
Simone Mainardi
290175b16f
Refactors alert builders into creators
...
Refactors builders into creators: calls
2020-04-27 15:53:56 +02:00
Simone Mainardi
2739aac076
Implements alert builders for each alert definition
...
[AlertsK] Implements alert consts builder
[AlertsK] alert_threshold_cross.lua
[AlertsK] too_many_drops.lua
[AlertsK] alert_test_failed.lua
[AlertsK] alert_flows_flood.lua alert_tcp_syn_flood.lua lert_tcp_syn_scan.lua
[AlertsK] alert_snmp_topology_changed.lua
[AlertsK] snmp_device_reset.lua
[AlertsK] alert_slow_periodic_activity.lua
[AlertsK] alert_port_status_change.lua
[AlertsK] alert_port_status_change.lua
[AlertsK] alert_port_load_threshold_exceeded.lua
[AlertsK] alert_port_errors.lua
[AlertsK] alert_port_duplexstatus_change.lua
[AlertsK] alert_periodic_activity_not_executed.lua
[AlertsK] alert_misbehaving_flows_ratio.lua
[AlertsK] alert_influxdb_error.lua
[AlertsK] alert_influxdb_dropped_points.lua
[AlertsK] alert_dropped_alerts.lua
[AlertsK] alert_am_threshold_cross.lua
[AlertsK] alert_broadcast_domain_too_large.lua
[AlertsK] alert_device_connection.lua
[AlertsK] alert_device_connection.lua
[AlertsK] alert_host_pool_connection.lua alert_host_pool_disconnection.lua
[AlertsK] alert_ghost_network.lua
[AlertsK] alert_ip_outsite_dhcp_range.lua
[AlertsK] alert_list_download_failed.lua
[AlertsK] alert_login_failed.lua
[AlertsK] alert_mac_ip_association_change.lua
[AlertsK] alert_slow_purge.lua
[AlertsK] alert_request_reply_ratio.lua
[AlertsK] alert_quota_exceeded.lua
[AlertsK] alert_process_notification.lua
[AlertsK] alert_nfq_flushed.lua
[AlertsK] alert_misconfigured_app.lua alert_new_device.lua
[AlertsK] alert_influxdb_export_failure.lua
[AlertsK] alert_unresponsive_device.lua
[AlertsK] alert_user_activity.lua
[AlertsK] alert_user_script_calls_drops.lua
[AlertsK] minor fix
2020-04-24 15:35:44 +02:00
Simone Mainardi
bc154394e9
Cleanup unused code
2020-04-23 12:21:32 +02:00
emanuele-f
0be2da4f57
Cleanup remaining references to RTT
2020-04-20 12:21:39 +02:00
Simone Mainardi
1eb02b2c2b
Unifies alert_id and alert_key
2020-04-15 14:29:03 +02:00
Simone Mainardi
e487427aab
Refactors alert_utils and enterprise_alert_utils
...
Addresses #3720
Alerts Refactor: alert_utils as module
Alerts Refactor: notify_ntopng_start and notify_ntopng_stop
Alerts Refactor: processAlertNotifications
Alerts Refactor: checkStoreAlertsFromC
Alerts Refactor: formatAlertNotification
Alerts Refactor: notification_timestamp_rev
Alerts Refactor: formatAlertMessage
Alerts Refactor: getConfigsetAlertLink
Alerts Refactor: alertNotificationActionToLabel
Alerts Refactor: flushAlertsData
Alerts Refactor: disableAlertsGeneration
Alerts Refactor: newAlertsWorkingStatus and other
Alerts Refactor: drawAlerts
Alerts Refactor: drawAlertTables
Alerts Refactor: printAlertTables
Alerts Refactor: checkDeleteStoredAlerts
Alerts Refactor: getUnpagedAlertOptions
Alerts Refactor: getTabParameters
Alerts Refactor: getAlerts
Alerts Refactor: getNumAlerts
Alerts Refactor: performAlertsQuery
Alerts Refactor: sec2granularity
Alerts Refactor: granularity2id
Alerts Refactor: granularity2sec
Alerts Refactor: alertEngineLabel
Alerts Refactor: alertEngine
Alerts Refactor: alertEngineRaw
Alerts Refactor: alertTypeDescription
Alerts Refactor: alertType
Alerts Refactor: alertTypeLabel
Alerts Refactor: alertTypeRaw
Alerts Refactor: alertSeverity
Alerts Refactor: alertSeverityLabel
Alerts Refactor: alertSeverityRaw
Alerts Refactor: get_make_room_keys
Alerts Refactor: enterprise_alert_utils
2020-04-10 14:03:20 +02:00
emanuele-f
02c36d4140
Replace calls to getResolvedAddress with host2name
2020-03-31 11:52:50 +02:00
emanuele-f
983fea5701
Fix bad SNMP interface formatter
...
Fixes #3659
2020-03-27 17:40:51 +01:00
Simone Mainardi
3144bc8bdf
Renames alert_config to user_script_config
2020-03-26 14:51:53 +01:00
emanuele-f
1862b684ed
Fix for alerts_api doc generation
...
Do not document local functions!
2020-03-26 09:39:31 +01:00
Simone Mainardi
755b6f1e47
Adds subtype to collapse macIpAssociationChangeType alerts
2020-02-25 18:49:05 +01:00
Simone Mainardi
9383dfd2b1
Adds subtype to collapse ipOutsideDHCPRangeType alerts
2020-02-25 18:39:32 +01:00
Simone Mainardi
4ed8cfecc3
Implements merge of multiple identical alerts
...
Implements #3430
2020-02-25 18:14:28 +01:00
Simone Mainardi
55d5912729
Moves unused slow_stats_update alert to attic
2020-02-21 14:14:01 +01:00
Simone Mainardi
bd46b7268e
Implements system alerts for not executed activities
2020-02-21 14:00:06 +01:00
emanuele-f
8edee160ed
Add missing alert type
2020-02-20 17:09:38 +01:00
emanuele-f
96299661b3
Implement periodic activities status monitor
2020-02-20 16:59:11 +01:00
Simone Mainardi
0e64fd94d6
Implements deadlines for periodic and user scripts
2020-02-18 18:44:41 +01:00