Simone Mainardi
|
5d80b67327
|
Adds info-level alerts upon successful lists download
Addresses #4554
|
2020-10-14 15:08:01 +02:00 |
|
Simone Mainardi
|
ce4d69a273
|
Moves alert and status definitions under lua/modules/
|
2020-10-12 15:03:39 +02:00 |
|
Simone Mainardi
|
f617f8ffcf
|
Uses hostinfo2detailshref to print hosts hyperlinks
|
2020-10-12 10:09:12 +02:00 |
|
Simone Mainardi
|
291538b323
|
Additional lateral movement alert fixes
|
2020-10-12 10:03:23 +02:00 |
|
Simone Mainardi
|
4ffe97f3b0
|
Lateral movement alert entity fixes
|
2020-10-12 09:22:08 +02:00 |
|
Luca Deri
|
c5e0db54b7
|
Added support for lateral movement detection
|
2020-10-11 18:30:21 +02:00 |
|
Simone Mainardi
|
f9de2bdb8a
|
Adds alert_flow_blacklisted.lua
|
2020-10-09 09:48:41 +02:00 |
|
Simone Mainardi
|
b82738330c
|
Adds extra indications upon plugin load failures
Fixes #4549
|
2020-10-09 09:23:11 +02:00 |
|
Simone Mainardi
|
f6c42554bc
|
Fixes slow hash entries purging alert
Fixes #4527
|
2020-10-05 14:38:53 +02:00 |
|
Simone Mainardi
|
814ee67cf9
|
Reworks nDPI Risks flow plugins to handle all risks and scores
Fixes #4432
|
2020-09-23 17:58:51 +02:00 |
|
Luca Deri
|
8db941c31e
|
Improved IEC 104 plugin
|
2020-09-16 23:24:40 +02:00 |
|
Simone Mainardi
|
7f241d71d5
|
Implements attack mitigation via SNMP
Implements #3833 along with companion pro commit
|
2020-08-24 15:05:35 +02:00 |
|
Alfredo Cardigliano
|
1160066b08
|
Add logging for all non-get REST calls (fix #4279)
|
2020-08-14 12:02:09 +02:00 |
|
Alfredo Cardigliano
|
628bdd8994
|
Add tracing of rest set calls
|
2020-08-13 16:08:25 +02:00 |
|
Alfredo Cardigliano
|
bde41ff4b7
|
Cleanup nagios code
|
2020-07-28 11:33:04 +02:00 |
|
Simone Mainardi
|
ad93df50f3
|
Migrates alert_quota_exceeded.lua to use the new lua host pools class
|
2020-07-16 17:21:06 +02:00 |
|
Simone Mainardi
|
5ade224d85
|
Implements global host pools
Implements #4086
Refactors host pools to global
Implements host pools migration
Migration fixes
nEdge changes for host pools migration
Create README.host_pools_migration.md
|
2020-07-01 12:02:09 +02:00 |
|
Simone Mainardi
|
cd4a513b0f
|
Implements snmp_consts.lua with SNMP consts
|
2020-06-10 15:40:47 +02:00 |
|
Simone Mainardi
|
0bbb30e13e
|
Refactors snmp_utils global methods into module functions
|
2020-06-10 13:09:30 +02:00 |
|
Simone Mainardi
|
8a3e65ac50
|
Requires snmp_utils as local module
|
2020-06-10 12:17:25 +02:00 |
|
Simone Mainardi
|
49e49e0ed6
|
Unifies host_details.lua generation
Addresses #3977
|
2020-05-26 12:50:47 +02:00 |
|
emanuele-f
|
39d76d233d
|
Hide zero MAC address in remote to remote alerts
Addresses #3644
|
2020-05-19 14:41:19 +02:00 |
|
Alfredo Cardigliano
|
e8fcbd2a90
|
Trigger host alerts for collected syslog messages (also to companions)
|
2020-05-18 12:52:38 +02:00 |
|
Simone Mainardi
|
c543df45f9
|
Reworks suspicious file transfers
|
2020-05-13 19:38:24 +02:00 |
|
Simone Mainardi
|
0d7ed3f0ed
|
Extends binary and unknown port alerts
|
2020-05-13 12:21:01 +02:00 |
|
Luca Deri
|
f4b25f30b3
|
Flow risk report improvements
|
2020-05-12 12:57:36 +02:00 |
|
Luca Deri
|
e315158c1d
|
Added plugin for handling flow risks reported by nDPI
|
2020-05-12 12:18:50 +02:00 |
|
Luca Deri
|
ff76407e68
|
Added detection of self-signed (< TLS 1.3) certificates
|
2020-05-08 09:53:31 +02:00 |
|
emanuele-f
|
ba5c64b107
|
Rework host label getters
This fixes inconsistencies across the ntopng gui
Addresses #3699
|
2020-05-07 17:47:18 +02:00 |
|
emanuele-f
|
04328b7f37
|
Fix alert formatting with percentage value
|
2020-04-29 15:47:14 +02:00 |
|
emanuele-f
|
237bac3afe
|
Shorten the broadcast domain alert message
Closes #3790
|
2020-04-28 15:02:57 +02:00 |
|
emanuele-f
|
e3115e14e8
|
Alternative message for speedtest execution alerts
|
2020-04-28 12:53:43 +02:00 |
|
Simone Mainardi
|
290175b16f
|
Refactors alert builders into creators
Refactors builders into creators: calls
|
2020-04-27 15:53:56 +02:00 |
|
emanuele-f
|
00c5e9f909
|
Add ability to report resolved IP address for unreachable hosts
|
2020-04-27 15:46:03 +02:00 |
|
Simone Mainardi
|
efe4f9a8be
|
Unifies alerts generation format with flow statuses
|
2020-04-27 14:37:04 +02:00 |
|
Simone Mainardi
|
ab1690ad9e
|
Implements builders for each flow status definition
[FlowsK] alert_blacklisted_country.lua
[FlowsK] alert_flow_blacklisted.lua
[FlowsK] alert_device_protocol_not_allowed.lua
[FlowsK] external_alert.lua
[FlowsK] alert_potentially_dangerous_protocol.lua
[FlowsK] tls_certificate_mismatch.lua
[FlowsK] tls_certificate_expired.lua
[FlowsK] tls_malicious_signature.lua
[FlowsK] elephant_flows.lua
[FlowsK] not_purged.lua
[FlowsK] web_mining.lua
[FlowsK] potentially_dangerous.lua
[FlowsK] alert_flow_blocked.lua
|
2020-04-27 12:43:37 +02:00 |
|
Simone Mainardi
|
2739aac076
|
Implements alert builders for each alert definition
[AlertsK] Implements alert consts builder
[AlertsK] alert_threshold_cross.lua
[AlertsK] too_many_drops.lua
[AlertsK] alert_test_failed.lua
[AlertsK] alert_flows_flood.lua alert_tcp_syn_flood.lua lert_tcp_syn_scan.lua
[AlertsK] alert_snmp_topology_changed.lua
[AlertsK] snmp_device_reset.lua
[AlertsK] alert_slow_periodic_activity.lua
[AlertsK] alert_port_status_change.lua
[AlertsK] alert_port_status_change.lua
[AlertsK] alert_port_load_threshold_exceeded.lua
[AlertsK] alert_port_errors.lua
[AlertsK] alert_port_duplexstatus_change.lua
[AlertsK] alert_periodic_activity_not_executed.lua
[AlertsK] alert_misbehaving_flows_ratio.lua
[AlertsK] alert_influxdb_error.lua
[AlertsK] alert_influxdb_dropped_points.lua
[AlertsK] alert_dropped_alerts.lua
[AlertsK] alert_am_threshold_cross.lua
[AlertsK] alert_broadcast_domain_too_large.lua
[AlertsK] alert_device_connection.lua
[AlertsK] alert_device_connection.lua
[AlertsK] alert_host_pool_connection.lua alert_host_pool_disconnection.lua
[AlertsK] alert_ghost_network.lua
[AlertsK] alert_ip_outsite_dhcp_range.lua
[AlertsK] alert_list_download_failed.lua
[AlertsK] alert_login_failed.lua
[AlertsK] alert_mac_ip_association_change.lua
[AlertsK] alert_slow_purge.lua
[AlertsK] alert_request_reply_ratio.lua
[AlertsK] alert_quota_exceeded.lua
[AlertsK] alert_process_notification.lua
[AlertsK] alert_nfq_flushed.lua
[AlertsK] alert_misconfigured_app.lua alert_new_device.lua
[AlertsK] alert_influxdb_export_failure.lua
[AlertsK] alert_unresponsive_device.lua
[AlertsK] alert_user_activity.lua
[AlertsK] alert_user_script_calls_drops.lua
[AlertsK] minor fix
|
2020-04-24 15:35:44 +02:00 |
|
Simone Mainardi
|
3aae0dd849
|
Removes unused require
|
2020-04-23 11:03:26 +02:00 |
|
emanuele-f
|
17099311de
|
Remove unnecessary json decode
|
2020-04-22 11:53:38 +02:00 |
|
Simone Mainardi
|
78b334e4eb
|
Refactors alerts and flow statuses in builtin and plugins
Implements #3811
Implements #3812
Refactors builtin alerts
Refactors builtin flow statuses
|
2020-04-21 22:27:49 +02:00 |
|