Commit graph

167 commits

Author SHA1 Message Date
Matteo Biscosi
5e7cafd8f7 Removed threshold not nil check
Error due to the fact that an old user script configuration was in use
2021-02-22 10:23:05 +01:00
Matteo Biscosi
69ebe4e1a6 Temporary fix for threshold value to nil 2021-02-21 17:51:30 +01:00
Matteo Biscosi
d3853aaf90 Implements internet resources misuse script with exception list
Implements #4984
2021-02-04 15:10:52 +01:00
Matteo Biscosi
10fb8bbecc Implements #4919 custom alert severity 2021-01-27 12:29:19 +01:00
Simone Mainardi
81360d3a85 Reworks release of all triggered alerts
Fixes #4884
Fixes #4883
2021-01-04 18:10:14 +01:00
Luca Deri
a1178a0791 Updated (C) 2021-01-02 12:08:23 +01:00
Matteo Biscosi
e94f2cb0b4 Fixed #4737 integration with fail2ban 2020-12-30 11:46:10 +01:00
Alfredo Cardigliano
6f8809954d Safety check and tracing in get_alert_triggered_key 2020-12-29 14:57:41 +01:00
Simone Mainardi
9e5c153b7f Fixes remote-to-remote alerts (leaves flow r2r alerts) 2020-12-24 10:59:51 +01:00
Matteo Biscosi
bcf2c2c1ed Migrates alerts to an object-oriented implementation 2020-12-22 14:48:00 +01:00
matteo
e24ef4ef35 Revert "Migrates alerts to an object-oriented implementation"
This reverts commit fbc283f12f.
2020-12-22 13:13:57 +01:00
matteo
fbc283f12f Migrates alerts to an object-oriented implementation 2020-12-22 13:00:25 +01:00
Alfredo Cardigliano
da62df2b73 Remove useless check to avoid misleading warnings 2020-12-18 14:25:25 +01:00
Simone Mainardi
b3dc39c641 Refactors alert_severities into an independent Lua module 2020-11-30 15:28:17 +01:00
Matteo Biscosi
0858d1bb79 Fixes alert_generation nil value 2020-11-30 10:55:12 +01:00
gabryon99
15772bd0fe refactor for endpoints and recipients (#4707) 2020-11-25 16:25:55 +01:00
Matteo Biscosi
507583db64 Added host category to flow and host alerts (#4767)
* Fixed shell endpoint bug and added notice when executing the script

* Added victim and attacker to security plugins

* Updated hosts alert with host_category info

* Added host category to hosts alert description

* Added host category to flows

Co-authored-by: matteo <biscosi@ntop.org>
2020-11-20 19:14:07 +01:00
Simone Mainardi
566babf34c Adds min host info to all host-alerts (engaged/released/triggered) 2020-11-19 17:11:18 +01:00
Simone Mainardi
93920ccdce Implements example of simplified flow alerts 2020-11-10 15:10:54 +01:00
Simone Mainardi
4ffe97f3b0 Lateral movement alert entity fixes 2020-10-12 09:22:08 +02:00
Luca Deri
c5e0db54b7 Added support for lateral movement detection 2020-10-11 18:30:21 +02:00
Simone Mainardi
dac9b41a98 Additional alerts cleanup
Fixes #4504
2020-10-01 18:45:57 +02:00
Simone Mainardi
b7bdd1edaf Massive cleanup of alerts (disabled/suppressed)
Fixes #4504
2020-10-01 18:40:11 +02:00
Simone Mainardi
6c1280a8e5 Reworks recipients.lua as static rather than (useless) instance 2020-09-23 15:03:07 +02:00
Luca Deri
8db941c31e Improved IEC 104 plugin 2020-09-16 23:24:40 +02:00
Simone Mainardi
b7341506f7 Implements checks for script type and alert severity in dispatch_notification 2020-09-16 13:08:07 +02:00
Simone Mainardi
1a8552549b Removes unused old notification_recipients module 2020-09-10 18:10:23 +02:00
Simone Mainardi
9e99fa1403 Uses new in-memory queues for alert recipients (avoid Redis) 2020-09-08 18:36:18 +02:00
Simone Mainardi
85f555a908 Removes intermediate alert queues - only leaves recipient queues
Implements #4366
2020-09-04 17:41:55 +02:00
Simone Mainardi
1a7ee97334 Reworks builtin SQLite alerts as a regular alert recipient 2020-09-04 10:33:10 +02:00
Simone Mainardi
6053c752f6 Avoids resending notifications for triggered alerts after restarts
Implements #4357
2020-09-03 09:58:46 +02:00
Simone Mainardi
a0097167f4 Fixes active monitoring alerts 2020-09-01 23:03:11 +02:00
Simone Mainardi
230d40abf9 Fixes addition of active monitoring hosts - circular require
Fixes #4345
2020-08-31 19:02:11 +02:00
Simone Mainardi
34b53b8a9b Adds documentation for OO recipients and operator functions 2020-08-28 18:57:59 +02:00
Simone Mainardi
fa00119b56 Adds operator function to evaluate threshold-based alerts 2020-08-28 17:04:25 +02:00
Simone Mainardi
aeecbcce29 Initial implementation of OO recipients with SQLite 2020-08-28 13:19:58 +02:00
Luca Deri
398e25c022 Disabled log 2020-08-17 18:24:05 +02:00
Alfredo Cardigliano
d55e4dc441 Remove alert_endpoints_utils (no longer required). Doc update. 2020-07-28 12:49:06 +02:00
Alfredo Cardigliano
7ffb4df9a6 Handle host pool serialization (exception for backward compatibility).
Fix recipients add
Initial work for alerts dispatching to recipients
2020-07-23 06:22:17 +02:00
Alfredo Cardigliano
f038baf804 Alerts are no longer enqueued if disabled 2020-07-23 00:49:28 +02:00
Simone Mainardi
09eb53a16d Prevents circular dependency in require
Fixes

string stack traceback:
/home/simone/ntopng/scripts/lua/modules/http_lint.lua:2029: in local 'parsePOSTpayload'
/home/simone/ntopng/scripts/lua/modules/http_lint.lua:2081: in main chunk
[C]: in function 'require'
/home/simone/ntopng/scripts/lua/modules/lua_utils.lua:3810: in main chunk
[C]: in function 'require'
...e/simone/ntopng/scripts/lua/modules/pools/base_pools.lua:7: in main chunk
[C]: in function 'require'
...e/ntopng/scripts/lua/modules/pools/pools_alert_utils.lua:10: in main chunk
[C]: in function 'require'
/home/simone/ntopng/scripts/lua/modules/alerts_api.lua:12: in main chunk
...
...b/ntopng/plugins0/modules/active_monitoring/am_utils.lua:11: in main chunk
[C]: in function 'dofile'
/home/simone/ntopng/scripts/lua/modules/plugins_utils.lua:942: in function 'plugins_utils.loadModule'
/var/lib/ntopng/plugins0/http_lint/active_monitoring.lua:17: in field '?'
/home/simone/ntopng/scripts/lua/modules/http_lint.lua:1902: in upvalue 'validateParameter'
/home/simone/ntopng/scripts/lua/modules/http_lint.lua:1989: in local 'lintParams'
/home/simone/ntopng/scripts/lua/modules/http_lint.lua:2085: in main chunk
[C]: in function 'require'
/home/simone/ntopng/scripts/lua/modules/lua_utils.lua:3810: in main chunk
[C]: in function 'require'
.../ntopng/plugins0/scripts/edit_active_monitoring_host.lua:9: in main chunk
2020-07-23 11:58:03 +02:00
Simone Mainardi
dce5623bc2 Fixes pool ids associated with interface alerts 2020-07-21 15:24:19 +02:00
Simone Mainardi
ceba04f92c Fixes to associate pool ids with alerts 2020-07-21 14:59:12 +02:00
Simone Mainardi
42b7d8e7e9 Implements facility to add pool info to alerts 2020-07-21 13:09:27 +02:00
emanuele-f
ba5c64b107 Rework host label getters
This fixes inconsistencies across the ntopng gui

Addresses #3699
2020-05-07 17:47:18 +02:00
Simone Mainardi
290175b16f Refactors alert builders into creators
Refactors builders into creators: calls
2020-04-27 15:53:56 +02:00
Simone Mainardi
2739aac076 Implements alert builders for each alert definition
[AlertsK] Implements alert consts builder

[AlertsK] alert_threshold_cross.lua

[AlertsK] too_many_drops.lua

[AlertsK] alert_test_failed.lua

[AlertsK] alert_flows_flood.lua alert_tcp_syn_flood.lua lert_tcp_syn_scan.lua

[AlertsK] alert_snmp_topology_changed.lua

[AlertsK] snmp_device_reset.lua

[AlertsK] alert_slow_periodic_activity.lua

[AlertsK] alert_port_status_change.lua

[AlertsK] alert_port_status_change.lua

[AlertsK] alert_port_load_threshold_exceeded.lua

[AlertsK] alert_port_errors.lua

[AlertsK] alert_port_duplexstatus_change.lua

[AlertsK] alert_periodic_activity_not_executed.lua

[AlertsK] alert_misbehaving_flows_ratio.lua

[AlertsK] alert_influxdb_error.lua

[AlertsK] alert_influxdb_dropped_points.lua

[AlertsK] alert_dropped_alerts.lua

[AlertsK] alert_am_threshold_cross.lua

[AlertsK] alert_broadcast_domain_too_large.lua

[AlertsK] alert_device_connection.lua

[AlertsK] alert_device_connection.lua

[AlertsK] alert_host_pool_connection.lua alert_host_pool_disconnection.lua

[AlertsK] alert_ghost_network.lua

[AlertsK] alert_ip_outsite_dhcp_range.lua

[AlertsK] alert_list_download_failed.lua

[AlertsK] alert_login_failed.lua

[AlertsK] alert_mac_ip_association_change.lua

[AlertsK] alert_slow_purge.lua

[AlertsK] alert_request_reply_ratio.lua

[AlertsK] alert_quota_exceeded.lua

[AlertsK] alert_process_notification.lua

[AlertsK] alert_nfq_flushed.lua

[AlertsK] alert_misconfigured_app.lua alert_new_device.lua

[AlertsK] alert_influxdb_export_failure.lua

[AlertsK] alert_unresponsive_device.lua

[AlertsK] alert_user_activity.lua

[AlertsK] alert_user_script_calls_drops.lua

[AlertsK] minor fix
2020-04-24 15:35:44 +02:00
Simone Mainardi
bc154394e9 Cleanup unused code 2020-04-23 12:21:32 +02:00
emanuele-f
0be2da4f57 Cleanup remaining references to RTT 2020-04-20 12:21:39 +02:00
Simone Mainardi
1eb02b2c2b Unifies alert_id and alert_key 2020-04-15 14:29:03 +02:00