Commit graph

175 commits

Author SHA1 Message Date
Matteo Biscosi
78aedbcebe Reworked unexpected host behaviour alert
Implements #5128
2021-03-24 15:38:43 +01:00
Matteo Biscosi
899f852f8e Renamed unexpected behaviour alert params 2021-03-23 19:19:50 +01:00
Matteo Biscosi
60e70f003c Fixes host behaviour alert 2021-03-23 18:42:33 +01:00
Simone Mainardi
1f08d942e0 Checks on stateful alerts to avoid creating unnecessary alert instances 2021-03-22 15:39:12 +01:00
Simone Mainardi
aea9138bfb Implements flow callbacks and alerts in C++ 2021-03-22 09:51:36 +01:00
Alfredo Cardigliano
fa311e3ade Rework user script working sets (a single configset is supported now) 2021-03-01 15:37:45 +01:00
Simone Mainardi
e369aa0a85 Implements alert filters for all engaged alerts 2021-02-24 10:29:59 +01:00
Simone Mainardi
696bcb33e5 Implements alert exclusions for hosts, interfaces, local networks 2021-02-23 15:36:14 +01:00
Matteo Biscosi
5e7cafd8f7 Removed threshold not nil check
Error due to the fact that an old user script configuration was in use
2021-02-22 10:23:05 +01:00
Matteo Biscosi
69ebe4e1a6 Temporary fix for threshold value to nil 2021-02-21 17:51:30 +01:00
Matteo Biscosi
d3853aaf90 Implements internet resources misuse script with exception list
Implements #4984
2021-02-04 15:10:52 +01:00
Matteo Biscosi
10fb8bbecc Implements #4919 custom alert severity 2021-01-27 12:29:19 +01:00
Simone Mainardi
81360d3a85 Reworks release of all triggered alerts
Fixes #4884
Fixes #4883
2021-01-04 18:10:14 +01:00
Luca Deri
a1178a0791 Updated (C) 2021-01-02 12:08:23 +01:00
Matteo Biscosi
e94f2cb0b4 Fixed #4737 integration with fail2ban 2020-12-30 11:46:10 +01:00
Alfredo Cardigliano
6f8809954d Safety check and tracing in get_alert_triggered_key 2020-12-29 14:57:41 +01:00
Simone Mainardi
9e5c153b7f Fixes remote-to-remote alerts (leaves flow r2r alerts) 2020-12-24 10:59:51 +01:00
Matteo Biscosi
bcf2c2c1ed Migrates alerts to an object-oriented implementation 2020-12-22 14:48:00 +01:00
matteo
e24ef4ef35 Revert "Migrates alerts to an object-oriented implementation"
This reverts commit fbc283f12f.
2020-12-22 13:13:57 +01:00
matteo
fbc283f12f Migrates alerts to an object-oriented implementation 2020-12-22 13:00:25 +01:00
Alfredo Cardigliano
da62df2b73 Remove useless check to avoid misleading warnings 2020-12-18 14:25:25 +01:00
Simone Mainardi
b3dc39c641 Refactors alert_severities into an independent Lua module 2020-11-30 15:28:17 +01:00
Matteo Biscosi
0858d1bb79 Fixes alert_generation nil value 2020-11-30 10:55:12 +01:00
gabryon99
15772bd0fe refactor for endpoints and recipients (#4707) 2020-11-25 16:25:55 +01:00
Matteo Biscosi
507583db64 Added host category to flow and host alerts (#4767)
* Fixed shell endpoint bug and added notice when executing the script

* Added victim and attacker to security plugins

* Updated hosts alert with host_category info

* Added host category to hosts alert description

* Added host category to flows

Co-authored-by: matteo <biscosi@ntop.org>
2020-11-20 19:14:07 +01:00
Simone Mainardi
566babf34c Adds min host info to all host-alerts (engaged/released/triggered) 2020-11-19 17:11:18 +01:00
Simone Mainardi
93920ccdce Implements example of simplified flow alerts 2020-11-10 15:10:54 +01:00
Simone Mainardi
4ffe97f3b0 Lateral movement alert entity fixes 2020-10-12 09:22:08 +02:00
Luca Deri
c5e0db54b7 Added support for lateral movement detection 2020-10-11 18:30:21 +02:00
Simone Mainardi
dac9b41a98 Additional alerts cleanup
Fixes #4504
2020-10-01 18:45:57 +02:00
Simone Mainardi
b7bdd1edaf Massive cleanup of alerts (disabled/suppressed)
Fixes #4504
2020-10-01 18:40:11 +02:00
Simone Mainardi
6c1280a8e5 Reworks recipients.lua as static rather than (useless) instance 2020-09-23 15:03:07 +02:00
Luca Deri
8db941c31e Improved IEC 104 plugin 2020-09-16 23:24:40 +02:00
Simone Mainardi
b7341506f7 Implements checks for script type and alert severity in dispatch_notification 2020-09-16 13:08:07 +02:00
Simone Mainardi
1a8552549b Removes unused old notification_recipients module 2020-09-10 18:10:23 +02:00
Simone Mainardi
9e99fa1403 Uses new in-memory queues for alert recipients (avoid Redis) 2020-09-08 18:36:18 +02:00
Simone Mainardi
85f555a908 Removes intermediate alert queues - only leaves recipient queues
Implements #4366
2020-09-04 17:41:55 +02:00
Simone Mainardi
1a7ee97334 Reworks builtin SQLite alerts as a regular alert recipient 2020-09-04 10:33:10 +02:00
Simone Mainardi
6053c752f6 Avoids resending notifications for triggered alerts after restarts
Implements #4357
2020-09-03 09:58:46 +02:00
Simone Mainardi
a0097167f4 Fixes active monitoring alerts 2020-09-01 23:03:11 +02:00
Simone Mainardi
230d40abf9 Fixes addition of active monitoring hosts - circular require
Fixes #4345
2020-08-31 19:02:11 +02:00
Simone Mainardi
34b53b8a9b Adds documentation for OO recipients and operator functions 2020-08-28 18:57:59 +02:00
Simone Mainardi
fa00119b56 Adds operator function to evaluate threshold-based alerts 2020-08-28 17:04:25 +02:00
Simone Mainardi
aeecbcce29 Initial implementation of OO recipients with SQLite 2020-08-28 13:19:58 +02:00
Luca Deri
398e25c022 Disabled log 2020-08-17 18:24:05 +02:00
Alfredo Cardigliano
d55e4dc441 Remove alert_endpoints_utils (no longer required). Doc update. 2020-07-28 12:49:06 +02:00
Alfredo Cardigliano
7ffb4df9a6 Handle host pool serialization (exception for backward compatibility).
Fix recipients add
Initial work for alerts dispatching to recipients
2020-07-23 06:22:17 +02:00
Alfredo Cardigliano
f038baf804 Alerts are no longer enqueued if disabled 2020-07-23 00:49:28 +02:00
Simone Mainardi
09eb53a16d Prevents circular dependency in require
Fixes

string stack traceback:
/home/simone/ntopng/scripts/lua/modules/http_lint.lua:2029: in local 'parsePOSTpayload'
/home/simone/ntopng/scripts/lua/modules/http_lint.lua:2081: in main chunk
[C]: in function 'require'
/home/simone/ntopng/scripts/lua/modules/lua_utils.lua:3810: in main chunk
[C]: in function 'require'
...e/simone/ntopng/scripts/lua/modules/pools/base_pools.lua:7: in main chunk
[C]: in function 'require'
...e/ntopng/scripts/lua/modules/pools/pools_alert_utils.lua:10: in main chunk
[C]: in function 'require'
/home/simone/ntopng/scripts/lua/modules/alerts_api.lua:12: in main chunk
...
...b/ntopng/plugins0/modules/active_monitoring/am_utils.lua:11: in main chunk
[C]: in function 'dofile'
/home/simone/ntopng/scripts/lua/modules/plugins_utils.lua:942: in function 'plugins_utils.loadModule'
/var/lib/ntopng/plugins0/http_lint/active_monitoring.lua:17: in field '?'
/home/simone/ntopng/scripts/lua/modules/http_lint.lua:1902: in upvalue 'validateParameter'
/home/simone/ntopng/scripts/lua/modules/http_lint.lua:1989: in local 'lintParams'
/home/simone/ntopng/scripts/lua/modules/http_lint.lua:2085: in main chunk
[C]: in function 'require'
/home/simone/ntopng/scripts/lua/modules/lua_utils.lua:3810: in main chunk
[C]: in function 'require'
.../ntopng/plugins0/scripts/edit_active_monitoring_host.lua:9: in main chunk
2020-07-23 11:58:03 +02:00
Simone Mainardi
dce5623bc2 Fixes pool ids associated with interface alerts 2020-07-21 15:24:19 +02:00