vrr/ntopng
2
0
Fork 0
mirror of https://github.com/ntop/ntopng.git synced 2026-04-30 07:59:35 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3
12744 commits 26 branches 19 tags 446 MiB
Commit graph

147 commits

Author SHA1 Message Date
Matteo Biscosi
101c53336e Migrates alerts to an object-oriented implementation 2020-12-23 11:46:26 +01:00
Simone Mainardi
16e2c9efe2 Cleanup to remove flow_consts no longer needed 2020-12-22 17:59:51 +01:00
Simone Mainardi
b42f8f118a Fix for normal flow status label 2020-12-22 17:03:10 +01:00
Matteo Biscosi
bcf2c2c1ed Migrates alerts to an object-oriented implementation 2020-12-22 14:48:00 +01:00
matteo
e24ef4ef35 Revert "Migrates alerts to an object-oriented implementation" 
This reverts commit fbc283f12f.
 2020-12-22 13:13:57 +01:00
matteo
fbc283f12f Migrates alerts to an object-oriented implementation 2020-12-22 13:00:25 +01:00
Simone Mainardi
3baa932a01 Migrates alerts to an object-oriented implementation 
Migrates alert_malicious_signature alert_elephant_local_to_remote alert_elephant_remote_to_local

Migrates long_lived

Migrates alert_flow_blocked

Migrates alert_tls_old_version

Migrates alert_tls_certificate_mismatch

Migrates alert_tls_certificate_expired

Migrates alert_tls_unsafe_ciphers

Migrates alert_tls_certificate_selfsigned

Migrates alert_potentially_dangerous_protocol

Migrates alert_snmp_device_reset

Migrates alert_port_mac_changed

Migrates alert_port_duplexstatus_change

Mirgates alert_port_errors

Migrates alert_port_status_change

Migrates alert_port_load_threshold_exceeded

Migrates alert_data_exfiltration

Migrates alert_dns_data_exfiltration

Migrates alert_suspicious_tcp_probing alert_suspicious_tcp_syn_probing alert_tcp_connection_refused

Migrates alert_dns_invalid_query

Migrates alert_attack_mitigation_via_snmp

Migrates alert_lateral_movement

Migrates alert_periodicity_update

Migrates alert_dns_positive_error_ratio

Migrates alert_iec104_error
 2020-12-22 09:56:38 +01:00
Simone Mainardi
3b202121f6 Reworks notifications to avoid JSON-decode to read severity 2020-12-15 16:52:39 +01:00
Simone Mainardi
33342abc54 Additional work towards new unified alerts/flow status API 2020-12-14 19:01:33 +01:00
Simone Mainardi
8d6dafc897 Unifies new alerts and flow alerts API 2020-12-04 17:03:23 +01:00
Simone Mainardi
b3dc39c641 Refactors alert_severities into an independend Lua module 2020-11-30 15:28:17 +01:00
Simone Mainardi
2cc45f5229 Reworks experimental object-oriented alerts code 2020-11-26 15:56:24 +01:00
Simone Mainardi
5f2ab30351 Implements experimental object-oriented alert classes 2020-11-23 18:43:24 +01:00
Luca Deri
9664b20d64 Cosmetic alarm fixes 
Added emoji to Discord
 2020-11-02 14:42:16 +01:00
MatteoBiscosi
5a9071ba17 Fixed text bugs and changed Http method #4269 2020-11-02 13:07:47 +01:00
Luca Deri
cc2df1d66e Added emoji support in alert messages 2020-10-30 18:52:40 +01:00
Simone Mainardi
357f11900f Fixes exceptions upon plugins reload 
Fixes #4633
 2020-10-27 17:35:14 +01:00
Simone Mainardi
4663559031 Improves flow status drilldown with alert level groups 2020-10-20 10:26:50 +02:00
Simone Mainardi
a2705a8bda Implements header and drilldown of flow status severities 2020-10-19 19:26:30 +02:00
Luca Deri
51ea9c53cf Reworked alert icon colors 2020-10-16 19:38:04 +02:00
Simone Mainardi
d3dda0bb82 Unifies misbehaving with alerted flows 
Implements #4596
 2020-10-16 18:58:20 +02:00
Simone Mainardi
43c845a5af Makes loadDefinition local to alert_consts 
Possible fix for #4560
 2020-10-11 10:09:34 +02:00
Simone Mainardi
b82738330c Adds extra indications upon plugin load failures 
Fixes #4549
 2020-10-09 09:23:11 +02:00
Simone Mainardi
b4627ffc08 Removes forced use of builtin SQLite plugin 
Implements #4383
 2020-09-11 18:39:18 +02:00
Simone Mainardi
28caa3ac33 Fixes alerts starving in per-recipient queues 2020-09-02 14:52:40 +02:00
Simone Mainardi
32f33d4415 Improves notifications with IP/symbolic name, ifid, and ifname 
Fixes #4236
 2020-07-31 16:52:15 +02:00
Alfredo Cardigliano
9453c058db Fixes: login, syslog plugin, more 2020-07-30 17:08:14 +02:00
Simone Mainardi
0b894bcec9 Typo 2020-07-24 13:22:17 +02:00
Alfredo Cardigliano
7ffb4df9a6 Handle host pool serialization (exception for backward compatibility). 
Fix recipients add
Initial work for alerts dispatching to recipients
 2020-07-23 06:22:17 +02:00
Simone Mainardi
2c5e68aa74 Uses require for alert definitions in place of dofile 2020-07-23 14:36:03 +02:00
Simone Mainardi
42b7d8e7e9 Implements facility to add pool info to alerts 2020-07-21 13:09:27 +02:00
Simone Mainardi
72f4772ada Migrates alert_consts.lua to use the new lua host pools class 2020-07-16 17:11:42 +02:00
Simone Mainardi
5ade224d85 Implements global host pools 
Implements #4086

Refactors host pools to global

Implements host pools migration

Migration fixes

nEdge changes for host pools migration

Create README.host_pools_migration.md
 2020-07-01 12:02:09 +02:00
Simone Mainardi
d714528fa0 Minor cleanup 2020-06-09 11:50:07 +02:00
Simone Mainardi
8609e0bc2e Avoids adding URLs for SNMP device interfaces no longer existing 2020-06-09 11:48:28 +02:00
Simone Mainardi
f33b46842a Avoids adding URLs for SNMP devices no longer existing 2020-06-09 10:24:53 +02:00
Simone Mainardi
db43a57c3b Implements better JSON comparison in tests and allows for custom dir and redis 2020-05-27 15:25:38 +02:00
Simone Mainardi
bd0c594433 Check host_details.lua link existance in alerts 2020-05-26 17:36:35 +02:00
Simone Mainardi
49e49e0ed6 Unifies host_details.lua generation 
Addresses #3977
 2020-05-26 12:50:47 +02:00
Alfredo Cardigliano
21e274e933 alert_consts optimizations 2020-05-20 11:18:05 +02:00
Alfredo Cardigliano
5a753d8727 Add v1/get/alert/data rest API, alert_consts optimization 2020-05-20 11:02:44 +02:00
Alfredo Cardigliano
963cff670f Cleanup severity for external alerts 2020-04-27 18:04:41 +02:00
Simone Mainardi
290175b16f Refactors alrt builders into creators 
Refactors builders into creators: calls
 2020-04-27 15:53:56 +02:00
Simone Mainardi
ab1690ad9e Implements builders for each flow status definition 
[FlowsK] alert_blacklisted_country.lua

[FlowsK] alert_flow_blacklisted.lua

[FlowsK] alert_device_protocol_not_allowed.lua

[FlowsK] external_alert.lua

[FlowsK] alert_potentially_dangerous_protocol.lua

[FlowsK] tls_certificate_mismatch.lua

[FlowsK] tls_certificate_expired.lua

[FlowsK] tls_malicious_signature.lua

[FlowsK] elephant_flows.lua

[FlowsK] not_purged.lua

[FlowsK] web_mining.lua

[FlowsK] potentially_dangerous.lua

[FlowsK] alert_flow_blocked.lua
 2020-04-27 12:43:37 +02:00
Simone Mainardi
2739aac076 Implements alert builders for each alert definition 
[AlertsK] Implements alert consts builder

[AlertsK] alert_threshold_cross.lua

[AlertsK] too_many_drops.lua

[AlertsK] alert_test_failed.lua

[AlertsK] alert_flows_flood.lua alert_tcp_syn_flood.lua lert_tcp_syn_scan.lua

[AlertsK] alert_snmp_topology_changed.lua

[AlertsK] snmp_device_reset.lua

[AlertsK] alert_slow_periodic_activity.lua

[AlertsK] alert_port_status_change.lua

[AlertsK] alert_port_status_change.lua

[AlertsK] alert_port_load_threshold_exceeded.lua

[AlertsK] alert_port_errors.lua

[AlertsK] alert_port_duplexstatus_change.lua

[AlertsK] alert_periodic_activity_not_executed.lua

[AlertsK] alert_misbehaving_flows_ratio.lua

[AlertsK] alert_influxdb_error.lua

[AlertsK] alert_influxdb_dropped_points.lua

[AlertsK] alert_dropped_alerts.lua

[AlertsK] alert_am_threshold_cross.lua

[AlertsK] alert_broadcast_domain_too_large.lua

[AlertsK] alert_device_connection.lua

[AlertsK] alert_device_connection.lua

[AlertsK] alert_host_pool_connection.lua alert_host_pool_disconnection.lua

[AlertsK] alert_ghost_network.lua

[AlertsK] alert_ip_outsite_dhcp_range.lua

[AlertsK] alert_list_download_failed.lua

[AlertsK] alert_login_failed.lua

[AlertsK] alert_mac_ip_association_change.lua

[AlertsK] alert_slow_purge.lua

[AlertsK] alert_request_reply_ratio.lua

[AlertsK] alert_quota_exceeded.lua

[AlertsK] alert_process_notification.lua

[AlertsK] alert_nfq_flushed.lua

[AlertsK] alert_misconfigured_app.lua alert_new_device.lua

[AlertsK] alert_influxdb_export_failure.lua

[AlertsK] alert_unresponsive_device.lua

[AlertsK] alert_user_activity.lua

[AlertsK] alert_user_script_calls_drops.lua

[AlertsK] minor fix
 2020-04-24 15:35:44 +02:00
Simone Mainardi
ac8bd534ea Implents PEN for alert keys 
Implements #3823
 2020-04-22 13:21:40 +02:00
Simone Mainardi
78b334e4eb Refactors alerts and flow statuses in builtin and plugins 
Implements #3811
Implements #3812

Refactors builtin alerts

Refactors builtin flow statuses
 2020-04-21 22:27:49 +02:00
emanuele-f
0be2da4f57 Cleanup remaining references to RTT 2020-04-20 12:21:39 +02:00
Simone Mainardi
1eb02b2c2b Unifies alert_id and alert_key 2020-04-15 14:29:03 +02:00
Simone Mainardi
4177ee61ab Implements constant flow and alert ids 
Enlarges AlertType size

Changes alerts database
 2020-04-14 22:20:44 +02:00