Matteo Biscosi
41163ac7f6
Implements low risk alert type must be further split
Implements #5066
2021-02-25 19:09:17 +01:00
Matteo Biscosi
dbfdec34fe
Implements Local Host behaviour analysis and its alert
Alert in case the host has an unexpected behaviour
2021-02-25 12:04:05 +01:00
Simone Mainardi
c70c635e3f
Fixes TLS-risks sometimes handled twice
2021-02-18 14:45:02 +01:00
Simone Mainardi
823c6ddc81
Fixes flow risks no longer triggering
2021-02-18 11:20:17 +01:00
Matteo Biscosi
0c0ba319c2
Modified default fields for flow risk alert
2021-02-17 11:55:07 +01:00
Matteo Biscosi
711bcb21d0
Added exclusion list to the flow risk script
2021-02-17 11:46:45 +01:00
Simone Mainardi
f4dff6f2e7
Implements risk-based filtering of flow alerts
2021-02-16 15:25:20 +01:00
Alfredo Cardigliano
f245caf83c
Deterministic selection of flow risk
2021-02-12 17:47:54 +01:00
Simone Mainardi
fefc3c39b0
Reworks user script filters lint and functions
2021-02-11 17:59:35 +01:00
Simone Mainardi
146b8fc1b0
Adds skeleton for alerts exclusion lists
Addresses #4942
2021-02-05 09:41:50 +01:00
Simone Mainardi
38d31a474a
Makes multiple score increments status-dependent
Implements #4993
2021-01-30 12:45:04 +01:00
Alfredo Cardigliano
b3cf18d821
Rename alert_tls_old_version -> alert_tls_old_protocol_version everywhere for consistency
2021-01-29 11:10:43 +01:00
Matteo Biscosi
0fbe214a60
Removed default severity from some alerts
2021-01-29 10:51:31 +01:00
Matteo Biscosi
da9dc17f25
Fixed remote to local alert wrong parameter
2021-01-28 23:34:46 +01:00
Matteo Biscosi
b1134b611f
Added to double severity alert, single default alert
Implements #4919
2021-01-28 18:18:22 +01:00
Matteo Biscosi
10fb8bbecc
Implements #4919 custom alert severity
2021-01-27 12:29:19 +01:00
Matteo Biscosi
cdc420dd68
Fixed #2977 alert for remote->local insecure protocols
2021-01-20 11:56:56 +01:00
Simone Mainardi
46e3c10c36
Typos
2021-01-11 14:38:02 +01:00
Simone Mainardi
ad59b61245
Implements dropdown search for interfaces
Partially addresses #4800
2021-01-08 17:45:41 +01:00
Simone Mainardi
1aaf92e843
Reworks attacker/victim in alerts
2021-01-07 19:03:42 +01:00
Matteo Biscosi
bf12e0c103
Added Victim and Attacker shown into the Developer page
2021-01-07 16:34:45 +01:00
Luca Deri
a1178a0791
Updated (C)
2021-01-02 12:08:23 +01:00
Simone Mainardi
e3eda6e082
Implements ability to trigger flow alerts even if already triggered
2020-12-30 13:08:55 +01:00
Matteo Biscosi
e94f2cb0b4
Fixed #4737 integration with fail2ban
2020-12-30 11:46:10 +01:00
Matteo Biscosi
1ca83df1b7
Fixed alerts error
2020-12-23 12:03:14 +01:00
Simone Mainardi
c1bdfb8722
Unifies flow_keys and status_keys
2020-12-22 19:14:16 +01:00
Simone Mainardi
f839b6ba76
Removes flow_consts requires no longer necessary
2020-12-22 18:06:50 +01:00
Simone Mainardi
c273478b7a
Reworks UI list of defined alert and flow keys
2020-12-22 16:51:26 +01:00
Matteo Biscosi
bcf2c2c1ed
Migrates alerts to an object-oriented implementation
2020-12-22 14:48:00 +01:00
matteo
e24ef4ef35
Revert "Migrates alerts to an object-oriented implementation"
This reverts commit fbc283f12f.
2020-12-22 13:13:57 +01:00
matteo
fbc283f12f
Migrates alerts to an object-oriented implementation
2020-12-22 13:00:25 +01:00
Simone Mainardi
0ccc3507d0
Implements alert:store class method
2020-12-21 12:09:41 +01:00
matteo
ab4e8e9379
Added REST for top local talkers and top remote destinations
2020-12-14 18:42:23 +01:00
matteo
a8cd70e0e5
Fixed #4730 Reset list of learnt MAC addresses
2020-12-09 17:18:35 +01:00
Simone Mainardi
e12108cfe0
Minor alert_flow_new_api_demo.lua cleanup
2020-12-04 17:16:20 +01:00
Simone Mainardi
7950ca3c55
Adds new alert_flow_new_api_demo.lua example
2020-12-04 17:07:12 +01:00
Simone Mainardi
8d6dafc897
Unifies new alerts and flow alerts API
2020-12-04 17:03:23 +01:00
Simone Mainardi
4533806ce8
Extends the new api with the format function
2020-11-30 17:11:48 +01:00
Simone Mainardi
b3dc39c641
Refactors alert_severities into an independent Lua module
2020-11-30 15:28:17 +01:00
gabryon99
20273758ef
add reset button with confirm (#4730)
2020-11-27 17:45:11 +01:00
Simone Mainardi
5d7abd0b53
Alerts API class name change
2020-11-26 18:03:17 +01:00
Simone Mainardi
2cc45f5229
Reworks experimental object-oriented alerts code
2020-11-26 15:56:24 +01:00
Luca Deri
06161556ac
Fixes issues with unexpected XXX alerts where impacted server was not reported
Added Lua getFlowProtoClientIP/getFlowProtoServerIP calls in flows
2020-11-25 15:52:03 +01:00
Simone Mainardi
c67d16e701
Disables experimental code
2020-11-23 18:44:36 +01:00
Simone Mainardi
5f2ab30351
Implements experimental object-oriented alert classes
2020-11-23 18:43:24 +01:00
matteo
b1b21ef28d
Fixed nil value of field 'cli' error
2020-11-23 16:21:19 +01:00
Matteo Biscosi
507583db64
Added host category to flow and host alerts (#4767)
* Fixed shell endpoint bug and added notice when executing the script
* Added victim and attacker to security plugins
* Updated hosts alert with host_category info
* Added host category to hosts alert description
* Added host category to flows
Co-authored-by: matteo <biscosi@ntop.org>
2020-11-20 19:14:07 +01:00
MatteoBiscosi
801bdb6bdc
Fixed unexpected new device plugin visual bugs
2020-11-16 18:46:53 +01:00
Luca Deri
502a85d9a9
Extended description
2020-11-16 12:51:49 +01:00
Matteo Biscosi
a8cf3836d7
Fixes #4709 unexpected new device plugin (#4728)
* Added unexpected new device plugin, needs review
* Fixes #4709 unexpected new device plugin
Co-authored-by: matteo <biscosi@ntop.org>
2020-11-16 12:41:19 +01:00