Commit graph

128 commits

Author SHA1 Message Date
Matteo Biscosi
133f5339b3 Added host policy alert in lua 2024-12-19 10:23:46 +01:00
Matteo Biscosi
e89f07f238 Merged score threshold and dangerous hosts alerts (#8827) 2024-12-12 16:45:43 +01:00
Matteo Biscosi
07ef54c7cc Added ACL violation ARP alert (#8696) 2024-12-02 13:07:56 +01:00
Matteo Biscosi
819f39830b Added ACL Violation alert (#8696) 2024-11-28 18:02:53 +01:00
Luca
1117e71d18 Removed SYN flood check that was partially overlapping with SYN scan 2024-10-22 15:46:50 +02:00
Matteo Biscosi
952e136080 Moved unexpected gateway check from flows to hosts 2024-10-07 16:58:31 +02:00
Matteo Biscosi
5314a61f7c Added gateway alert and configuration (#8687); Fixes nedge compilation issue 2024-10-02 11:07:19 +02:00
Alfredo Cardigliano
a3261edbcc Cleanup unused code 2024-09-03 09:03:16 +02:00
Alfredo Cardigliano
3b0b60c422 Remove JA3 leftovers. Update alert keys. Rename malivious JA3 to malicious Fingerprint. 2024-09-02 18:34:17 +02:00
GabrieleDeri
c21fed6982
Split ndpi flow alerts enum from ntopng flow alerts enum (#8675)
* Split ndpi flow alerts enum from ntopng flow alerts enum

* Separated ndpi flow alerts from ntopng

* Removed tracing

* Fixed doc/remediation links not working in live hist flows
2024-08-27 15:40:50 +02:00
Luca Deri
16b5a8ccc1 Implemented no exporter/probe activity (#8608) 2024-08-07 18:06:51 +02:00
Alfredo Cardigliano
b09688beee Add new alert no_exporter_activity 2024-08-07 13:05:48 +02:00
Alfredo Cardigliano
47e293b2df Define new alert type snmp_trap. Add ability to trigger snmp_trap from C. 2024-07-25 08:16:33 +00:00
Matteo Biscosi
13287d609e Added alert when dropping flows due to flow exporters limit exceeded 2024-07-15 18:58:36 +02:00
Alfredo Cardigliano
8d326f2718 Define new alert cloud_reconnected 2024-06-21 17:59:14 +02:00
Alfredo Cardigliano
dab5aeba99 Define new alert cloud_disconnected 2024-06-21 17:33:05 +02:00
Luca Deri
c53b79e302 Definition of SNMP polling error 2024-06-02 17:55:37 +02:00
Luca Ferretti
edef411ebc
added contacted_server_port alert (#8408)
* initial integration of server port check

* update learning period and received packet time

* updated host initial time

* Update Flow.cpp

* fixed reported issues

* added server_ports_contacts alert

* minor changes
2024-05-28 12:52:36 +02:00
Luca Deri
91bea0bce2 Added risk NDPI_PROBING_ATTEMPT 2024-05-22 18:44:10 +02:00
Nicolò Maio
59075f5e10
Splitting blacklisted flow alert and creating two new alerts. (#8354) (#8355)
* Splitting blacklisted flow alert and creating two new alerts. (#8354)

* Renaming to 'Blacklisted Client Contact' and 'Blacklisted Server Contact'. (#8354)
2024-04-24 17:37:30 +02:00
Nicolò Maio
636ba2975c
Add Flow Reset Alert and counter. (#8264) (#8348)
* Add Flow Reset Alert and counter. (#8264)

* Renaming to TCP Flow Reset. (#8264)

* Renaming the value retrieved by the getName method. (#8264)
2024-04-24 17:15:20 +02:00
Alfredo Cardigliano
3dbdcc4966 Fix filters on alert types for non host/flow alerts 2024-04-22 18:39:55 +02:00
Luca Deri
ee6b67ed0c Added support for nDPI's NDPI_BINARY_DATA_TRANSFER 2024-04-09 10:35:49 +02:00
Luca Deri
f26d56959c Renamed HostBlackHoleContactsAlert to HostScannerAlert 2024-04-08 18:35:49 +02:00
Nicolò Maio
2deb42a7a2
Add the blackhole contacts alerts and update the scan detection alert. (#8290) 2024-03-28 08:55:45 +01:00
Nicolo Maio
4e9d324236 Add traffic profiles rules. (#7839) 2024-03-01 15:18:08 +01:00
Matteo Biscosi
88e5d26afe Removed no more used checks (#8235) 2024-02-27 05:49:44 -05:00
Matteo Biscosi
af9011684b Moved host traffic checks to unused 2024-02-27 05:30:20 -05:00
Luca Deri
2ee2c180a5 Removed alerts no longer necessary as they have been replaced by local traffic rules 2024-02-21 22:54:22 +01:00
Nicolo Maio
df2e4bd12a Add VLAN rules. (#8193) 2024-02-06 17:47:15 +01:00
Nicolo Maio
d537a71781 Add usage metric in SNMP devices rules. 2024-01-19 11:15:19 +01:00
Nicolo Maio
b3c573498f Reworked SNMP interfaces average usage and replaced the interface load alert with the interface average usage alert (#8168) 2024-01-17 12:41:59 +01:00
Luca Deri
55870e97b9 (C) Update 2024-01-12 11:44:18 +01:00
Matteo Biscosi
ed4ab2836f Added system alert in case of ntopng failure (#8040) 2023-11-22 10:22:22 +00:00
Luca Deri
17a843b47e Added NDPI_MALWARE_HOST_CONTACTED support! 2023-10-18 00:08:29 +02:00
Luca Deri
d1761ba70c Updated with latest nDPI risks 2023-09-11 15:19:37 +02:00
Nicolo Maio
7d3696c076 Add host pools and networks in Local Traffic Rules. (#7754) 2023-08-17 17:45:32 +02:00
Matteo Biscosi
3ca4ad98ae Added vulnerability issues alert (#7717) 2023-08-04 13:24:27 +00:00
Alfredo Cardigliano
823757f0a1 Typo 2023-07-31 09:44:52 +02:00
Matteo Biscosi
fcd6102ad0 Reworked behavior analysis alerts 2023-06-16 14:32:02 +00:00
Luca Deri
e86cd0f2ce added Modbus Invalid Transition Alert 2023-06-05 00:53:27 +02:00
Luca Deri
4a13dc41d5 Implemented Modbus exceptions 2023-06-01 22:53:59 +02:00
Alfredo Cardigliano
2434ae9e76 Cleanup deprecated code 2023-05-18 18:36:25 +02:00
Nicolo Maio
5bf92eec23 Add backend endpoint to handle checks. (#7446) 2023-05-15 16:12:17 +00:00
Luca Deri
96e10b12a5 Added stub for RareDestination check/alert implementation #6416 and #6417 2023-03-22 15:11:53 +01:00
Matteo Biscosi
fc82eff56b Updated alert to NDPI_NUMERIC_IP_HOST 2023-03-02 15:18:40 +00:00
Nicolò Maio
cf8a89a7e1
Add lowerbound and upperbound choice and percentage threshold on host rules. (#6855) (#7238)
* Add lowerbound and percentage threshold on host rules. (#6855)

* Add interface rules. (#6855)

* Added ability to blacklist hosts via Lua API

* Not supposed to be committed

* Method signature change so it can also be called from a lua host script

* Fix empty string check

* Add param check

* Add example listing alerts

* Fix params check

* Fix alert raw queries

* Removed debug code

* MacOS changes

* Updated (C)

* Warning fixes

* Removed sprintf calls

* Added rx_only_hosts classification

* https://github.com/ntop/ntopng/issues/7233; extend datatable component to allow external vue components in table menu bar

* Update dist: https://github.com/ntop/ntopng/issues/7233; extend datatable component to allow external vue components in table menu bar

* Remove obsoleted comment

* Minor GUI fix. (#6855)

* Fix on alert format. (#6855)

* Minor fix. (#6855)

* Update doc. (#6855)

---------

Co-authored-by: Luca Deri <lucaderi@users.noreply.github.com>
Co-authored-by: Luca Deri <deri@ntop.org>
Co-authored-by: Alfredo Cardigliano <cardigliano@ntop.org>
Co-authored-by: uccidibuti <vannucci@ntop.org>
2023-02-21 14:37:09 +01:00
Nicolò Maio
6d2ee3d599
Add network issue alert (#6691) (#7228)
* Add network issues alert. (#6691)

* Fix alert subtype. (#6691)

* Update default values. (#6691)

* Minor fix. (#6691)
2023-02-14 05:40:06 -05:00
MatteoBiscosi
ddb55b4d7e Updated ndpi alerts (#7200) 2023-02-09 18:46:37 +01:00
Nicolò Maio
7162045cdd
Add VLAN bidirectional traffic alert (#7126) (#7194)
* Add VLAN bidirectional traffic alert (#7126)

* Add alert description. (#7126)
2023-02-03 10:33:25 +01:00