vrr/ntopng
2
0
Fork 0
mirror of https://github.com/ntop/ntopng.git synced 2026-05-05 19:15:03 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 4
26031 commits 26 branches 19 tags 448 MiB
Commit graph

60 commits

Author SHA1 Message Date
Alfredo Cardigliano
0dd78b4958 Update (c) 2026-01-02 09:11:30 +01:00
Alfredo Cardigliano
5d4ad3c6be Set collected OT_INFO to ParsedFlow 2025-12-10 11:04:55 +01:00
Luca Deri
20b5a4ac11 Added support for %TCP_STATS_SRC_TO_DST %TCP_STATS_DST_TO_SRC (WiP) 2025-11-03 23:41:27 +01:00
Alfredo Cardigliano
6879bb1653 Check tlv serializer creation 2025-10-08 15:21:09 +02:00
Luca Deri
dc12ba4ff4 Added TCP fingerprint support 2025-05-26 21:33:09 +02:00
Luca Deri
80b71567b8 Cleaned-up OS type and aligned to nDPI 2025-03-31 13:07:48 +02:00
Luca Deri
c08b31774d Implemented nDPI OS hint support 2025-03-24 23:39:16 +01:00
Alfredo Cardigliano
b1fb4322f9 Fix correlation of suricata alerts for dns flows 2025-03-18 08:59:46 +01:00
Alfredo Cardigliano
8690becceb Parse query id from syslog alerts 2025-03-17 20:14:56 +01:00
Luca
e4377db8b7 QoE enhancements 2025-03-05 09:17:44 +01:00
Luca Deri
ac8dd466fd Added L7 (nDPI) JSON collection 2025-01-28 15:28:41 +01:00
Alfredo Cardigliano
9352d0cdcd Update copyright 2025-01-02 09:09:56 +01:00
Alfredo Cardigliano
57d683fd78 Parse WLAN_SSID and WTP_MAC_ADDRESS from flows and visualize them in flow details 2024-09-16 16:25:17 +02:00
Alfredo Cardigliano
548c9aeec5 Remove obsolete JA3 support 2024-08-09 09:08:32 +02:00
Alfredo Cardigliano
f4a66f0996 Improve ParsedFlow print. Moved to father to access all fields 2024-07-09 10:35:36 +00:00
Matteo Biscosi
d795bf3474 Added NAT info in clickhouse (#8384) 2024-05-10 10:22:55 -04:00
Luca Deri
3d117a9e16 Added support for SIP CallID in flow key 2024-05-04 11:27:38 +02:00
Luca Deri
db38a5d2d5 DHCP (via ZMQ) Fixes for #7972 
The symbolic hostname will use the DHCP name before the DNS resolved name
 2024-05-02 21:46:03 +02:00
Nicolo Maio
9165d05e40 Add JA4C 2024-02-20 11:48:13 +01:00
Nicolo Maio
ed479a8b09 Add SMTP_MAIL_FROM, SMTP_RCPT_TO mapping + L7_PROTO_RISK_NAME dump on syslog. 2024-01-30 17:52:33 +01:00
Nicolo Maio
d0eb93ec1a Implement the FLOW_END_REASON parser. 2024-01-30 14:23:32 +01:00
Luca Deri
55870e97b9 (C) Update 2024-01-12 11:44:18 +01:00
Luca Deri
c00c4b9360 Added flow source support 2024-01-11 12:43:25 +01:00
Luca Deri
ba75c279d0 Added icon in flows that indicate when the flow has swapped directions 2023-12-01 20:48:40 +01:00
Luca
6f61a22ec4 Cleaned up ParsedFlow code 2023-08-07 23:19:20 +02:00
lucaderi
d395deac4e Automated commit of clang-format CI changes. 2023-04-07 14:20:44 +00:00
Luca Deri
f726b867c7 Updated (C) 2023-01-01 16:37:57 +01:00
Alfredo Cardigliano
bbf2edb5d5 Add process/container/tcp info for both client and server. Parse container id. 2022-06-08 18:27:17 +02:00
Alfredo Cardigliano
b5566ee3de Set parsed ebpf info flag 2022-06-08 12:07:17 +02:00
Luca Deri
0ae4341d9b Added %L7_CONFIDENCE support 2022-06-06 14:05:42 +02:00
Luca Deri
930a2ac34d Added support for FlowRiskInfo via nProbe 2022-05-31 11:29:32 +02:00
Luca Deri
0e05c21d9f Added support for error code 2022-05-02 13:04:01 +02:00
Luca Deri
adf97e5e9b HTTP User Agent is now exported in nProbe and collected by ntopng. Implements ##6325 2022-02-16 23:47:54 +01:00
Alfredo Cardigliano
f2060f2488 Copyright update (C) 2022-01-03 09:35:09 +01:00
Simone Mainardi
00787c0e7e Implements support for nProbe field L7_INFO 
Addresses #5844
 2021-09-06 14:35:16 +02:00
Luca Deri
3dda9ba905 Added FLOW_VERDICT handling 2021-04-19 23:49:23 +02:00
Luca Deri
a1178a0791 Updated (C) 2021-01-02 12:08:23 +01:00
Simone Mainardi
941da6819f Implements HTTP method using enum ndpi_http_method 2020-08-27 10:04:58 +02:00
Luca Deri
0bd6f1353a Added support for flow risk over ZMQ 2020-08-26 23:03:00 +02:00
Luca Deri
57e6a93065 Improved scheduling algorithm to guarantee minimum service time when number of entries allow 
Updated (C)
 2020-01-06 23:36:36 +01:00
Alfredo Cardigliano
e38835a603 Rename SSL to TLS (fix #3013) 2019-11-15 12:40:01 +01:00
Alfredo Cardigliano
d05777df1e External alerts API update and cleanup 2019-10-22 15:08:06 +02:00
Alfredo Cardigliano
a2e74e16a3 New Lua interface.processFlow API, moved processFlow from NetworkInterface to ParserInterface, code cleanup 2019-10-10 12:49:32 +02:00
Alfredo Cardigliano
256fec9283 Importing http metadata from Suricata 2019-10-05 12:15:16 +02:00
Alfredo Cardigliano
b7d459dd2b Moved strdup for JSON/TLV strings from Flow to Parser to handle non-null-terminated strings 2019-09-13 12:36:19 +02:00
Alfredo Cardigliano
1a98a04cdf Optimized additional elements allocation with TLV 2019-09-11 16:14:39 +02:00
Alfredo Cardigliano
9bd00fa0ee Support for encoding additional fields to TLV 2019-09-10 20:50:34 +02:00
Alfredo Cardigliano
2c81afd678 Setting severity for IDS alerts 2019-08-28 03:38:01 +02:00
Alfredo Cardigliano
f8af84df2d SyslogParserInterface now supports the companion interface for delivering Suricata alerts to a packet interface (#1928) 2019-08-27 17:53:34 +02:00
Alfredo Cardigliano
babab56394 Handling http ret code, dns query type and ret code from the ZMQ parser 2019-07-26 16:12:35 +00:00