Commit graph

160 commits

Author SHA1 Message Date
emanuele-f
b10520e264 Rename checkAlerts callback to runScripts 2019-12-16 09:31:24 +01:00
emanuele-f
a3432e00e8 Implement ntopng plugins
Plugins are a convenient way to group together related lua scripts.
Their primary use case is to group user scripts and their alert/status
definition.
The builtin ntopng user scripts and definitions are now
packed into plugins directories. In future, we will support loading of
user created plugins.
Plugins are loaded at startup into some runtime directories and then
used. Other changes provided by this commit include:

- Add sample flow logger plugin
- Initial support for system user scripts
- Rename edge to threshold
- Migrate system probes to user scripts/plugins
- Migrate scripts to more explicit alerts_api.checkThresholdAlert api
2019-12-10 09:25:57 +01:00
emanuele-f
0d48bff069 Implement more flexible user_scripts api
NOTE: The existing alerts configuration of the users will be discarded.

Some code has been added to make the current gui on/off toggle work.
It is marked with the following comment:

-- TODO remove after implementing the new gui
2019-11-28 11:06:14 +01:00
emanuele-f
2df9b34201 Add flow user scripts drops alert 2019-11-19 17:37:58 +01:00
Simone Mainardi
9cb566ed41 Computes lua scripts deadlines in C to prevent missing scheduled activities 2019-11-19 13:02:13 +01:00
emanuele-f
3dd7d2215d Remove matchesL7 call 2019-11-15 16:58:59 +01:00
emanuele-f
7d0888d302 Flow user scripts optimizations 2019-11-15 15:52:36 +01:00
emanuele-f
84178c4fa1 Fix 5sec stats time alignment 2019-11-15 11:52:33 +01:00
emanuele-f
60fc7e0cfb Improve flow.lua and add statistics 2019-11-15 10:51:19 +01:00
emanuele-f
bde0a51f9c Add periodic_update_seconds parameter 2019-11-14 16:10:45 +01:00
emanuele-f
52e081ac1c Change remote-to-remote alert to status 2019-11-14 12:41:28 +01:00
emanuele-f
df0556cb87 Optimize flow alerts generation
This provides a ~10x speedup by performing the JSON serialization work in C
(and thus avoiding Lua->C overhead). This also implements two in-memory alerts
queues (one for sqlite and one for the notifications) in order to reduce Redis load.
Alerts queues are now global instead of per-interface as there is only 1 dequeuing thread.
2019-11-14 11:54:13 +01:00
Simone Mainardi
05e6dc1677 Implements bi- and mono-directional flow callbacks filter
Implements #3055
2019-11-13 18:14:49 +01:00
Simone Mainardi
0fabd87491 Implements TWH-complete flow callbacks filter
Implements #3056
2019-11-13 17:27:41 +01:00
emanuele-f
739c87a52d Initial flow user scripts optimization 2019-11-11 18:04:48 +01:00
Alfredo Cardigliano
acdab024da Enqueueing flow alerts to be stored/notified from Lua, removed DB select to notify alert (using the alert object directly) 2019-11-05 15:53:10 +01:00
emanuele-f
54140b6f1a Migrate alertable disabled alerts preference to lua
This avoids performing multiple hget on redis, thus increasing performance
2019-11-05 14:59:38 +01:00
Alfredo Cardigliano
280213e148 Enqueueing alerts as soon as they are detected, instead of using 2-steps (#3038) 2019-11-05 11:04:44 +01:00
emanuele-f
675adcf90e Migrate hosts disabled flow status preference to lua
By loading all the preferences at once in flow.lua setup() the
redis load is reduced and design is simpler.
2019-11-04 16:50:26 +01:00
emanuele-f
9b5be79b1d Remove redundant script key
The script file name is used as the key
2019-10-31 18:24:58 +01:00
emanuele-f
e978a83151 Improve user scripts charts
Fixes #3020
2019-10-31 13:30:24 +01:00
Simone Mainardi
cce73c2f44 Implements lua interpreters telemetry 2019-10-28 23:47:03 +01:00
Simone Mainardi
f98dd234e8 Decouples periodic stats updates using a thread pool 2019-10-28 12:21:57 +01:00
Simone Mainardi
35417c58ab Minor cleanup 2019-10-27 17:43:45 +01:00
Simone Mainardi
68246efd01 Decouples periodic hash table updates using a thread pool 2019-10-27 17:40:07 +01:00
Alfredo Cardigliano
1332ca1b0d Increased syn scan default limit 2019-10-25 15:13:24 +02:00
Alfredo Cardigliano
96ef3c05e7 New alert when the number of idle entries in the hash table exceeds a configured threshold (implements #3005) 2019-10-25 14:29:37 +02:00
emanuele-f
1d5ff7c4e7 Remove global flow user scripts on/off 2019-10-25 13:12:47 +02:00
emanuele-f
f8ccfe24d8 Add flow scripts labels and descriptions 2019-10-25 12:16:19 +02:00
Alfredo Cardigliano
c29409673b Added alerts for TCP SYN Scan Host and Network as victims (implements #2963) 2019-10-24 16:59:33 +02:00
Alfredo Cardigliano
afbb34e262 TCP SYN Scan detection (implements #2963) 2019-10-24 15:35:26 +02:00
emanuele-f
0c96c49157 Avoid redis KEYS command for MUD 2019-10-23 11:24:33 +02:00
Alfredo Cardigliano
3f7d8726aa Fix flow key in external alerts 2019-10-22 17:38:59 +02:00
Alfredo Cardigliano
d05777df1e External alerts API update and cleanup 2019-10-22 15:08:06 +02:00
emanuele-f
b3374651ce Merge branch 'alerts_cleanup' into dev 2019-10-22 10:50:21 +02:00
emanuele-f
b3a8c6d49a Migrate C flow status alerts to Lua user scripts
- Alerts and flow status cleanup
- Community flow user scripts migration
- Implement scripts filters by l7 proto and packet interface only
- Migrate flow2statusinfojson
- Lower flow periodic update to 30 seconds if there is flow activity
- Display flow scripts without a gui section
2019-10-22 10:42:22 +02:00
Simone Mainardi
ab1687fb44 Fixes trigger/release of alerts at mixed granularities 2019-10-21 23:30:45 +02:00
Simone Mainardi
5b3f34b72a Fixes flapping of engaged alerts 2019-10-21 17:41:50 +02:00
Simone Mainardi
e80dc962f4 Optimizes host.getFullInfo with smaller functions in periodic scripts 2019-10-21 16:21:03 +02:00
Luca Deri
9190762a92 Removed work in progress script 2019-10-20 12:03:45 +02:00
Simone Mainardi
83715798ac Fixes 5-min host custom scripts taking too long 2019-10-18 19:18:48 +02:00
Simone Mainardi
945deec076 Minor fix 2019-10-18 18:55:49 +02:00
Simone Mainardi
a6571252fd Adds debug code to estimate cost of host.getFullInfo calls 2019-10-18 18:44:09 +02:00
Simone Mainardi
43d0b89bd9 Prevents tons of unnecessary calls to alerts_api.trigger() 2019-10-17 18:54:13 +02:00
Simone Mainardi
f8443ff03d Disk space reclaim and defrag of alerts db 2019-10-17 12:12:28 +02:00
emanuele-f
e0fd591db2 Add ability to reset a status bit 2019-10-16 16:21:18 +02:00
emanuele-f
9786581526 flow.getInfo now returns minimal information 2019-10-16 13:57:54 +02:00
emanuele-f
7a14a9cf11 Improvements in status definition API 2019-10-16 10:33:19 +02:00
Luca Deri
f0fd69e650 Updated script with trigger moved from protocol detected to idle/flow terminated 2019-10-15 22:17:43 +02:00
Luca Deri
3b5e56d802 Added script for detecting unidirectional UDP flows 2019-10-15 21:56:48 +02:00