Simone Mainardi
84ac0f4dfc
Implements filtering of flow user scripts
2021-02-12 12:56:06 +01:00
Alfredo Cardigliano
7bee78fe75
Sort modules by prio and then by name to provide deterministic results
2021-02-11 16:28:41 +01:00
Simone Mainardi
38d31a474a
Makes multiple score increments status-dependent
Implements #4993
2021-01-30 12:45:04 +01:00
Luca Deri
a1178a0791
Updated (C)
2021-01-02 12:08:23 +01:00
Simone Mainardi
a3383c5e2c
Honors status_always_notify also for the internal SQLite recipient
2020-12-30 19:31:23 +01:00
Simone Mainardi
e3eda6e082
Implements ability to trigger flow alerts even if already triggered
2020-12-30 13:08:55 +01:00
Simone Mainardi
56a4c999a3
Initial flow status rework to remove globals
2020-12-30 12:06:33 +01:00
Simone Mainardi
dc007ba88b
Disables user script benchmarks calculated but not used by default
Partially addresses #4673
2020-12-28 14:51:42 +01:00
Simone Mainardi
8d6dafc897
Unifies new alerts and flow alerts API
2020-12-04 17:03:23 +01:00
Simone Mainardi
5c0c23feb6
Fixes execution of periodicUpdate flow callback
Fixes #4687
2020-11-06 18:17:54 +01:00
Simone Mainardi
d7f1ce0d8c
Reworks and optimizes flow alerted status
2020-10-19 16:50:22 +02:00
Alfredo Cardigliano
a5a8030e35
Cleanup trigger flow external alert
2020-10-19 13:12:31 +02:00
Simone Mainardi
d3dda0bb82
Unifies misbehaving with alerted flows
Implements #4596
2020-10-16 18:58:20 +02:00
Simone Mainardi
b7bdd1edaf
Massive cleanup of alerts (disabled/suppressed)
Fixes #4504
2020-10-01 18:40:11 +02:00
Simone Mainardi
0db456c0cf
Reworks flow user scripts execution in C++
2020-09-30 18:41:36 +02:00
Simone Mainardi
814ee67cf9
Reworks nDPI Risks flow plugins to handle all risks and scores
Fixes #4432
2020-09-23 17:58:51 +02:00
Simone Mainardi
6c1280a8e5
Reworks recipients.lua as static rather than (useless) instance
2020-09-23 15:03:07 +02:00
Alfredo Cardigliano
7bda229e8f
Use score to filter flow alerts when supported (Enterprise)
2020-09-22 04:22:58 +02:00
Simone Mainardi
db0d7730a8
Implements per-category host score
Implements #4413
2020-09-18 18:34:28 +02:00
Simone Mainardi
b7341506f7
Implements checks for script type and alert severity in dispatch_notification
2020-09-16 13:08:07 +02:00
Simone Mainardi
9e99fa1403
Uses new in-memory queues for alert recipients (avoid Redis)
2020-09-08 18:36:18 +02:00
Simone Mainardi
85f555a908
Removes intermediate alert queues - only leaves recipient queues
Implements #4366
2020-09-04 17:41:55 +02:00
Alfredo Cardigliano
f038baf804
Alerts are no longer enqueued if disabled
2020-07-23 00:49:28 +02:00
Simone Mainardi
09c69edb22
Major rework of user_scripts.lua to use new pools
2020-07-10 13:01:29 +02:00
Simone Mainardi
b6447bbfb0
Implements ordering for flow Lua callbacks
2020-05-17 14:12:08 +02:00
Simone Mainardi
f3a5d7b10e
Fixes external suricata alerts
2020-04-28 20:37:50 +02:00
Alfredo Cardigliano
c22f3b00e1
Fix alert ids source match
2020-04-28 16:12:03 +02:00
Alfredo Cardigliano
963cff670f
Cleanup severity for external alerts
2020-04-27 18:04:41 +02:00
Simone Mainardi
83c4d36e34
Simplifies flow.triggerStatus using internal flow status reference
2020-04-27 17:48:56 +02:00
Simone Mainardi
efe4f9a8be
Unifies alerts generation format with flow statuses
2020-04-27 14:37:04 +02:00
Simone Mainardi
ab1690ad9e
Implements builders for each flow status definition
[FlowsK] alert_blacklisted_country.lua
[FlowsK] alert_flow_blacklisted.lua
[FlowsK] alert_device_protocol_not_allowed.lua
[FlowsK] external_alert.lua
[FlowsK] alert_potentially_dangerous_protocol.lua
[FlowsK] tls_certificate_mismatch.lua
[FlowsK] tls_certificate_expired.lua
[FlowsK] tls_malicious_signature.lua
[FlowsK] elephant_flows.lua
[FlowsK] not_purged.lua
[FlowsK] web_mining.lua
[FlowsK] potentially_dangerous.lua
[FlowsK] alert_flow_blocked.lua
2020-04-27 12:43:37 +02:00
Simone Mainardi
0a9a7015e0
Unifies status_id and status_key
2020-04-15 14:29:03 +02:00
Simone Mainardi
1eb02b2c2b
Unifies alert_id and alert_key
2020-04-15 14:29:03 +02:00
Simone Mainardi
e487427aab
Refactors alert_utils and enterprise_alert_utils
Addresses #3720
Alerts Refactor: alert_utils as module
Alerts Refactor: notify_ntopng_start and notify_ntopng_stop
Alerts Refactor: processAlertNotifications
Alerts Refactor: checkStoreAlertsFromC
Alerts Refactor: formatAlertNotification
Alerts Refactor: notification_timestamp_rev
Alerts Refactor: formatAlertMessage
Alerts Refactor: getConfigsetAlertLink
Alerts Refactor: alertNotificationActionToLabel
Alerts Refactor: flushAlertsData
Alerts Refactor: disableAlertsGeneration
Alerts Refactor: newAlertsWorkingStatus and other
Alerts Refactor: drawAlerts
Alerts Refactor: drawAlertTables
Alerts Refactor: printAlertTables
Alerts Refactor: checkDeleteStoredAlerts
Alerts Refactor: getUnpagedAlertOptions
Alerts Refactor: getTabParameters
Alerts Refactor: getAlerts
Alerts Refactor: getNumAlerts
Alerts Refactor: performAlertsQuery
Alerts Refactor: sec2granularity
Alerts Refactor: granularity2id
Alerts Refactor: granularity2sec
Alerts Refactor: alertEngineLabel
Alerts Refactor: alertEngine
Alerts Refactor: alertEngineRaw
Alerts Refactor: alertTypeDescription
Alerts Refactor: alertType
Alerts Refactor: alertTypeLabel
Alerts Refactor: alertTypeRaw
Alerts Refactor: alertSeverity
Alerts Refactor: alertSeverityLabel
Alerts Refactor: alertSeverityRaw
Alerts Refactor: get_make_room_keys
Alerts Refactor: enterprise_alert_utils
2020-04-10 14:03:20 +02:00
Alfredo Cardigliano
2425134f05
Replace isEnterprise with isEnterpriseM
2020-04-02 12:36:34 +00:00
Alfredo Cardigliano
b3ceaf9db4
Moved external alert score computation (fix #3447)
2020-02-24 15:01:21 +01:00
Alfredo Cardigliano
dbe07bbfcd
Score computation fix (external alerts)
2020-02-24 12:27:48 +01:00
Simone Mainardi
5b70db90ad
Handles deadlines for flow user scripts
2020-02-19 10:46:44 +01:00
emanuele-f
58b3d42d22
Set max score on hosts contacting blacklisted hosts
2020-02-17 15:16:01 +01:00
emanuele-f
e3d3d3992f
Replace an existing flow alert if a more critical problem is found
Also add the flow score into the database
2020-02-07 19:20:57 +01:00
emanuele-f
0a0a3c4537
Rework flow status accounting
2020-02-07 19:17:07 +01:00
emanuele-f
13ec0d2f44
Use the flow score to determine the status priority
2020-02-07 19:17:07 +01:00
emanuele-f
96925a7e03
Fix invalid flow.triggerStatus calls
2020-02-06 10:31:22 +01:00
emanuele-f
c791fc1246
Add check to avoid nil config
2020-01-24 11:35:59 +01:00
Simone Mainardi
1cbdbbd339
Hides status_id from flow.{trigger,set,clear}Status
Fixes #3266
2020-01-21 12:27:33 +01:00
emanuele-f
dd8643ad79
Add missing community check
2020-01-20 13:21:38 +01:00
emanuele-f
aca088ea13
Add hyperlink to jump to the alert configuration
Closes #2936
2020-01-17 19:11:15 +01:00
emanuele-f
508d040a49
Fix updateScore not called in flow.setStatus
2020-01-17 11:11:02 +01:00
emanuele-f
a97dbd013b
Remove score global preference
2020-01-16 18:21:35 +01:00
emanuele-f
566b9ece0b
Score changes
- Move score from status definition to user scripts
- Separate flow score counter from the peers score
- Create a new HostScore class to hold the score data
2020-01-16 18:11:14 +01:00