Commit graph

763 commits

Author SHA1 Message Date
Simone Mainardi
f61ffc045b Merge branch 'c-user-scripts' into dev 2021-03-22 10:36:13 +01:00
Simone Mainardi
aea9138bfb Implements flow callbacks and alerts in C++ 2021-03-22 09:51:36 +01:00
Matteo Biscosi
97c83e1d75 Fixes delete alerts older than 2021-03-04 18:21:00 +01:00
Simone Mainardi
716d907ff1 Configset initialization fixes 2021-03-01 18:19:38 +01:00
Alfredo Cardigliano
fa311e3ade Rework user script working sets (a single configset is supported now) 2021-03-01 15:37:45 +01:00
Simone Mainardi
696bcb33e5 Implements alert exclusions for hosts, interfaces, local networks 2021-02-23 15:36:14 +01:00
Matteo Biscosi
c62c2c232e Removed useless requires for enhancing performances
Removed, where it was possible, the lua requires, with the objective of enhancing the performances of periodic activities
2021-02-23 10:51:50 +01:00
Luca Deri
f1c87e533f Simplified housekeeping.lua 2021-02-22 18:03:25 +01:00
Simone Mainardi
a9aef2c70a Update for test alert_dns_data_exfiltration_02 2021-02-19 18:50:25 +01:00
Simone Mainardi
9049cb327f Update for test alert_dns_data_exfiltration_02 2021-02-19 18:41:36 +01:00
Simone Mainardi
e3dab26574 Fixes flow status not set under certain conditions 2021-02-18 11:12:26 +01:00
Simone Mainardi
9314f36cc5 Fixes remote to remote alerts setting nil scores 2021-02-18 10:59:36 +01:00
Simone Mainardi
0d39732d1c Implements telemetry for alter filters 2021-02-17 12:08:40 +01:00
Simone Mainardi
84ac0f4dfc Implements filtering of flow user scripts 2021-02-12 12:56:06 +01:00
Alfredo Cardigliano
7bee78fe75 Sort modules by prio and then by name to provide deterministic results 2021-02-11 16:28:41 +01:00
Matteo Biscosi
1d9b44eb18 Implements script failure in daily.lua
Implements #5031
2021-02-09 15:53:55 +01:00
Luca Deri
a4a2a13fed Added migration for old service map keys
Added dynamic memory management of ntop.getHashCache()
2021-02-04 17:16:14 +01:00
Simone Mainardi
38d31a474a Makes multiple score increments status-dependent
Implements #4993
2021-01-30 12:45:04 +01:00
Matteo Biscosi
10fb8bbecc Implements #4919 custom alert severity 2021-01-27 12:29:19 +01:00
Matteo Biscosi
98917ee686 Implements #4937 top sites generation broken 2021-01-21 15:44:15 +01:00
Matteo Biscosi
3c6674e32d Fixed #2611 automatically delete alert older than 2021-01-18 18:12:53 +01:00
Matteo Biscosi
371edc0b43 Fixed interface periodic top sites update 2021-01-13 16:34:11 +01:00
Simone Mainardi
c3c2a58c3a String fix 2021-01-12 15:47:00 +01:00
Luca Deri
a1178a0791 Updated (C) 2021-01-02 12:08:23 +01:00
Simone Mainardi
a3383c5e2c Honors status_always_notify also for the internal SQLite recipient 2020-12-30 19:31:23 +01:00
Simone Mainardi
e3eda6e082 Implements ability to trigger flow alerts even if already triggered 2020-12-30 13:08:55 +01:00
Simone Mainardi
56a4c999a3 Initial flow status rework to remove globals 2020-12-30 12:06:33 +01:00
Simone Mainardi
d989f8d2c6 Reworks notifications thread to avoid Redis accesses
Fixes #4673
2020-12-29 18:48:55 +01:00
Simone Mainardi
dc007ba88b Disables user script benchmarks calculated but not used by default
Partially addresses #4673
2020-12-28 14:51:42 +01:00
Simone Mainardi
3baa932a01 Migrates alerts to an object-oriented implementation
Migrates alert_malicious_signature alert_elephant_local_to_remote alert_elephant_remote_to_local

Migrates long_lived

Migrates alert_flow_blocked

Migrates alert_tls_old_version

Migrates alert_tls_certificate_mismatch

Migrates alert_tls_certificate_expired

Migrates alert_tls_unsafe_ciphers

Migrates alert_tls_certificate_selfsigned

Migrates alert_potentially_dangerous_protocol

Migrates alert_snmp_device_reset

Migrates alert_port_mac_changed

Migrates alert_port_duplexstatus_change

Migrates alert_port_errors

Migrates alert_port_status_change

Migrates alert_port_load_threshold_exceeded

Migrates alert_data_exfiltration

Migrates alert_dns_data_exfiltration

Migrates alert_suspicious_tcp_probing alert_suspicious_tcp_syn_probing alert_tcp_connection_refused

Migrates alert_dns_invalid_query

Migrates alert_attack_mitigation_via_snmp

Migrates alert_lateral_movement

Migrates alert_periodicity_update

Migrates alert_dns_positive_error_ratio

Migrates alert_iec104_error
2020-12-22 09:56:38 +01:00
Simone Mainardi
1a71ba4f5f Removes remote assistance
Fixes #4785
2020-12-17 19:41:37 +01:00
Simone Mainardi
8d6dafc897 Unifies new alerts and flow alerts API 2020-12-04 17:03:23 +01:00
Alfredo Cardigliano
d19db6b678 Run ntopng on the bridge interface when running in bridge mode as appliance 2020-11-27 16:43:31 +01:00
gabryon99
15772bd0fe refactor for endpoints and recipients (#4707) 2020-11-25 16:25:55 +01:00
Alfredo Cardigliano
9a26717a71 System config cleanup, add startup initialization, add more admin checks, move reset code to nf_config 2020-11-20 15:47:21 +01:00
Alfredo Cardigliano
8e62a71eee Rename system_utils.lua -> cpu_utils.lua to avoid confusion 2020-11-17 12:41:06 +01:00
Alfredo Cardigliano
ba9c501c4d Add support for system configuration (WIP) 2020-11-17 11:54:47 +01:00
Simone Mainardi
5c0c23feb6 Fixes execution of periodicUpdate flow callback
Fixes #4687
2020-11-06 18:17:54 +01:00
Luca Deri
216b1532da IEC 60870 dissection improvements and hardening 2020-11-04 15:46:36 +01:00
Luca Deri
ea83944609 Cosmetic message changes 2020-10-29 09:46:29 +01:00
Simone Mainardi
d7f1ce0d8c Reworks and optimizes flow alerted status 2020-10-19 16:50:22 +02:00
Alfredo Cardigliano
a5a8030e35 Cleanup trigger flow external alert 2020-10-19 13:12:31 +02:00
Simone Mainardi
d3dda0bb82 Unifies misbehaving with alerted flows
Implements #4596
2020-10-16 18:58:20 +02:00
Luca
3449593087 Reworked notifications and fixed a bug that caused them to be fetched too often putting pressure on the blog feed 2020-10-16 09:31:04 +02:00
Luca Deri
77ab1e3a8a Added fix for #4534
- in case of startup crash and automatic restart, ntopng would reload lists resetting errors. This caused the storm of updates
- updated the URL to https://snort.org/downloads/ip-block-list
- in case of failure we retry the URL only once (it used to be twice) after one hour.
2020-10-15 17:17:35 +02:00
Simone Mainardi
6fc182412f Reworks factory reset 2020-10-13 15:16:59 +02:00
Simone Mainardi
5b878a2a7a Reworks reload of in-mem preferences and runtimeprefs.json dump 2020-10-13 12:49:48 +02:00
Simone Mainardi
efe6bcf691 Fixes notifications.lua running for too long
Fixes #4523
2020-10-05 13:14:55 +02:00
Simone Mainardi
b7bdd1edaf Massive cleanup of alerts (disabled/suppressed)
Fixes #4504
2020-10-01 18:40:11 +02:00
Simone Mainardi
72e4382333 Reworks purging of idle entries without Lua periodic scripts 2020-10-01 16:08:21 +02:00