alert store skeleton
Alert database type changes
Implement alert store for host alerts. All alert store skeletons.
Fix class method access
Enable tracing
Implements simple queries for host alerts
Implement flow alert store
Fixes escaping of INSERT queries
Flow alerts database schema fixes
Adds escaping for alert JSON in flows and hosts
Implements queries .select() for alerts store
Adds limit and offset to perform paginated queries
Adds new REST getter for flow alerts
Name changes alert_severity to severity, alert_json to json
Fixes alert message not shown
Implement active monitoring alerts store
Implements sort of queries in the new database
Changes alert_type to alert_id
Implement mac alerts store
Fixes flow alert messages
Implement system alerts store
Implement snmp alert store
Add missing items to the flow alerts
Add missing items to the host alerts
Add missing items to the mac alerts
Implements COUNT alerts api
Add device_name to snmp alerts
add flow alerts templates
updated gitignore
fix for missing order field
add families defined in `alert_store_schema.sql`
Reworks and simplifies alert store subclasses
Implements REST API to fetch alert timeseries
Fixes date in flow REST api
Host alert json fix
Add get/host/alert/list.lua
Move alert/list.lua to alert/past/list.lua
Add alert/past/list.lua for all alert families
Add entity_id to system table to identify the alert type based on <alert_id, entity_id>
Add missing field
Implements facilities to query engaged alerts via REST
Handle both historical and past alerts in alert/list.lua
Fix count
Update params of select_historical
Implement method to add family-specific filters
Add alert/ts.lua for all alert families
Implements facilities and REST endpoints to delete alerts
Implements ordering of alert queries
Fix add_order_by group_by
Rest API tests update
Tests output update
Remove debug trace
Use alert_id instead of type. Add more flow alert info.
Update http lint
Format obsolete tlv version alerts. Add more host info.
Add row_id to list of alerts
Fix selection of engaged alerts
Add test for mac alerts (bcast domains)
Removes attempt to format alerts as flow alerts
Fixes interface selection for active monitoring
Update test output with rest changes
Add more fields to be ignored
Set alert count to 1 for the time being
add bar timeseries chart
add apexcharts
improvements on timeseries bar chart
registered chart callbacks
working on alert page
fix for date format
Fixes active monitoring REST API
Fixes alignment of grouped alert data
Additional fix for alert histogram
remove useless if
formatting alerts page
fixes on flows alert stats table
rename local networks to device
format host page in alert_stats
add tag support for hosts and flow
implemented single delete action
add release modal
Fixes format of threshold cross interface alerts
Fixes wrong increase of dropped alerts
Implements exclusion list for invalid dns queries
Reworks exclusions lists for hosts and flows
Addresses #5212
Addresses #5113
Adds host alert keys in host callbacks definitions
Adds alert ids to flow callbacks
fix for not working button (#5215)
Fixes reported timeseries name
removed any additional button inside chart's toolbar (#5200)
Add tables for interfaces, networks, users to the schema. Skeleton alert_store classes
fixed broken range picker layout in firefox (#5199)
Alert insert fixes
Add more info to network alerts
Add rest endpoint for interface, network, user alerts
Fix endpoint selection in alerts_stats
Unifies columns between engaged and past alerts
Fixes Missing mandatory 'alert_granularity'
Minor fixes for missing alert_severity
Fixes arithmetic on a nil value (field 'last_seen')
Fixes get/system/alert/list.lua
use tstamp for column names (#5221)
Implements host alert formatter
Add alerts_store format_record_common
Use common format_record for am, system alerts
Use common format_record for all alerts
Fixes formatting of alerts of all types
Fixes nil in function 'hostinfo2label'
fixes on disable modal
add pages for network, user and interface endpoint (#5224)
Set alert_entity in all classes
Unifies influxdb alerts into system alerts
Addresses #5224
Unifies process alerts into system alerts
Addresses #5224
Cleanup unused periodicActivityEntity
Unifies category lists alerts into system alerts
Addresses #5224
Aligns new alert enums
Addresses #5224
Fixes alert page links
Fixes insertion of interface alerts
Implement filters for Host alerts
Fixes active monitoring alerts not triggering
Implement filters on flow alerts
Fixes for internal alerts timestamp and subtype
implements disable for the alerts
formatted alert disable label
Add address and device type to mac alert records
fix for delete alert toggle
Fix access to entity_val in alert_unexpected_new_device
add mac address and device type inside table
Fixes for new alert fields not handled
Fixes alert_definitions to handle new fields
Add ip/port to snmp alert records
Implements deletion of stored flow alerts
Add alert_name to all alert records via rest. Fix duration.
fixes for snmp tab
Implements delete of past host alerts
Add name to snmp alert records
fixes on system tab
Fix Date column
fixes link
Update menu
Fixes bad argument #3 to 'format' in snmp alerts
updated interface link
new alerts url for host (#5228)
Fixes sort of engaged alert
Minor cleanup
Fixes data returned for local network alerts
Fix duration for one shot. Note.
Fix duration override
Fixes interface selection for system alerts
Move host alert page
fixes for local network tab
Minor fix
Fix engaged host alerts
fixes on user tab
Fix alert_user_activity message
Scaffolding code of the host scripts
Scaffolding code for host alerts
Adds host_callbacks/ for .cpp files
Implements all classes for host callbacks
Removes pro/enterprise host callbacks
Adds typedefs with callback deltas
Compilation fix
Creates instances of host callbacks in loader
Link fix
Removes redundant/non-necessary host alerts
Merges Scan and Flood callbacks together
Removes outdated API files
Refactors alert keys into entity|id
Refactors all flow alert_{...} into flow_alert_{...}
Refactors C++ flow alert_{...} into flow_alert_{...}
Reworks alert ids to include an entity type
Cleanup and merge alertTypeRaw with getAlertType
Minor fix
Refactors alert definitions and keys into sub directories
Implement host alert callback execution and trigger/release logic
Update callbacks API
Adds base CallbacksLoader for {Host,Flow}CallbacksLoader
Implements load of host user scripts with periodicities
Implements runtime reload of host callbacks
Add logic for periodic callbacks
Add 'expired' flag to host alerts
Implements execution of host callbacks and SYN flood checks
Adds triggerAlertAsync calls to SYNFlood
Implements JSON host alert generation info
Handle callback getPeriod. Optimize callback lookup.
Implements host recipients in C++
Add callback status
Define destructor
Iterator fixes
Cleanup host Lua calls (now performed in C++)
Changes to show new host alerts in SQLite
Adds release/engage action on alert JSON
Move AlertableEntity to OtherAlertableEntity, inheriting from a new AlertableEntity. Add HostAlertableEntity.
Implements SYN Flood Attacker with params
Uses parametrized thresholds to trigger syn flood alerts
Implements build alert of both attacker and victim
Implement HostAlertableEntity
Implements SYN scan attacker/victim alerts
Implements flow flood attacker/victim alerts
Removes a debug flag
Add virtual allocStatus
Add HostAlert disableAutoRelease()
Add explicit releaseAlert()
Implements SYNFloodHostCallbackStatus
Implements SYNScanHostCallbackStatus
Implements FlowFloodHostCallbackStatus
Change trigger API to handle cli/src score
Implements {DNS,SMTP,NTP}ServerContactsAlert
Reworks ServerContacts host alerts
Implement exclusion bitmaps for host alerts
Implements {SMTP,DNS,NTP}ServerContactsAlert
Adds host_info to the generated alert JSON
Minor cleanup
Optimize access to callback status
Move RepliesRequestsRatio to pro
Rework triggerAlert on host to avoid multiple call and unneeded status data
Compilation fix
Reworked host alerts API (wip)
Cleanup unused host callbacks
Compilation fixes
Finishes backend implementation of host alerts exclusions
Rework host callbacks executor
Implements disable of host alerts
Port SYNFlood to the new api
Cleanup
Reduce duplicated code
Comments
Port ServerContacts to the new api
Cleanup
Adds parsing of configuration for host callbacks
Port SYNScanAlert to the new API
Port FlowFlood to the new API
Cleanup unused HostAlert getName
Reworks DNSRequestsErrorsRatioAlert
Adds JSON for DNSTrafficAlert
Adds FlowsAlert
Adds P2PTrafficAlert
Add RepliesRequestsRatioAlert
Adds ScoreAlert
Adds ThroughputAlert
Adds TrafficAlert
Fixes for scan/flood alerts
DNS ratio alert support
Add HTTP stats getters
Implements deltas for many host callbacks
Host score inc
Adds missing Alert params to host alerts
Release all host alerts on idle
Refactors score classes
Implements class Score to contain scores for hosts, flows, etc
Adds scores to VLANs, Networks, ASes and Countries
Host callbacks can trigger a single alert now
FlowFlood, SYNFlood, SYNScan now inherit from FlowHits
Move severity and score to constructor
Add else branch to hits callbacks
Alert definition update for flows_flood, syn_flood, syn_scan
Update field name
Engaged alert init
Adds score incs/decs for AS, VLAN, country, os and network
Restore network scripts
Restored other alert definitions for floods
Handle decreasing alert score
Removes include
Rename flows_flood to flow_flood for consistency
Restored alert_tcp_syn_flood_victim alert_tcp_syn_scan_victim definitions
Fixes for non-host engaged/release alerts
Cleanup LuaEngineFlow and LuaEngineHost classes
Fixes old calls to host lua during shutdown
Removes AlertCheckLuaEngine instance
Fixes purging of flows
Fixes alerts release upon shutdown causing wrong uses
Removes a debug flag
Fix getNumEngagedAlerts
Cleanup unnecessary host callbacks
Removes array of callback statuses inside host
Bitmap fixes
Refactors Bitmap into Bitmap128
Implements 16-bits bitmaps for host alerts
Adds class HostCallbacksStatus
Moves callback status p2p and DNS inside HostCallbacksStatus
Removes unused callbacks in typedefs
Minor cleanup
Adds trigger/release for DNS/p2p alerts
Reworks UI of hosts user scripts
Rename HostCallbackType to HostCallbackID, getType to getID, others