vrr/ntopng
2
0
Fork 0
mirror of https://github.com/ntop/ntopng.git synced 2026-04-30 07:59:35 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3
21363 commits 26 branches 19 tags 446 MiB
Commit graph

68 commits

Author SHA1 Message Date
Luca Deri
bdd95ff988 Added support for %NPROBE_INSTANCE_NAME 2023-09-12 23:59:23 +02:00
Luca
11cff335b0 Improvements for handlign Cisco NBAR collection 2022-11-05 22:18:32 +01:00
Luca Deri
790af4c9e1 Fixed nProbe template flow mapping 2022-06-27 20:08:38 +02:00
MatteoBiscosi
57a85de50e Cleaned up the code from plugin_utils 2022-02-11 12:07:23 +01:00
Luca Deri
e38114b75f Added missing cento flow labels 2022-02-02 13:45:01 +01:00
Alfredo Cardigliano
257ece18c0 Copyright update (Lua) 2022-01-03 09:42:33 +01:00
Luca Deri
e65e9f9304 Syslog collection fixes 2021-12-12 18:15:47 +01:00
Luca Deri
e22a8d31dc Extensions for handling syslog flows 2021-12-02 18:12:25 +01:00
Luca Deri
5e03ad7e2f Updated probe template 2021-10-27 18:29:29 +02:00
MatteoBiscosi
0c3bfd54c4 Changed name from probe to exporter (#5970) 2021-10-11 16:54:01 +02:00
MatteoBiscosi
a23babe57d Changed Exporter name into Probe (#5668) 2021-07-14 12:43:13 +02:00
Luca Deri
195fe9578c Improved observation point id support and flow reporting 2021-06-19 00:16:48 +02:00
Luca Deri
3dda9ba905 Added FLOW_VERDICT handling 2021-04-19 23:49:23 +02:00
Simone Mainardi
da943e0dff Reduces the maximum cli/srv score per callback to 128 2021-03-23 14:54:32 +01:00
Luca Deri
a3990cd904 Added Some IPFIX stanndard fields collected by ntopng/nProbe in pass throught mode 2021-02-23 12:33:07 +01:00
Luca Deri
a1178a0791 Updated (C) 2021-01-02 12:08:23 +01:00
Simone Mainardi
16e2c9efe2 Cleanup to remove flow_consts no longer needed 2020-12-22 17:59:51 +01:00
Simone Mainardi
636ac2e804 Cleanup parametric alert severities from flow status definitions 2020-11-12 12:12:25 +01:00
Simone Mainardi
8b7a99aa94 Fixes for flow-status-dependent severity 2020-11-12 12:02:27 +01:00
Simone Mainardi
93920ccdce Implements example of simplified flow alerts 2020-11-10 15:10:54 +01:00
Simone Mainardi
d42057baf5 Additional fixes for Zero TCP window detection 2020-11-07 15:38:39 +01:00
Simone Mainardi
357f11900f Fixes exceptions upon plugins reload 
Fixes #4633
 2020-10-27 17:35:14 +01:00
Luca Deri
51ea9c53cf Reworked alert icon colors 2020-10-16 19:38:04 +02:00
Simone Mainardi
d3dda0bb82 Unifies misbehaving with alerted flows 
Implements #4596
 2020-10-16 18:58:20 +02:00
Simone Mainardi
cbe28fb750 Makes loadDefinition local to flow_consts 
Possible fix for #4560
 2020-10-11 19:02:52 +02:00
Simone Mainardi
b82738330c Adds extra indications upon plugin load failures 
Fixes #4549
 2020-10-09 09:23:11 +02:00
Luca Deri
c7b7f2ee1b Minor cleanup 2020-09-23 09:35:32 +02:00
Alfredo Cardigliano
721a32b9a4 Indentation 2020-09-18 18:27:21 +02:00
Simone Mainardi
ec9d092423 Fixes DNS stats when collecting from ZMQ 
Fixes #4148
 2020-07-29 10:40:53 +02:00
Simone Mainardi
0b894bcec9 Typo 2020-07-24 13:22:17 +02:00
Simone Mainardi
c3bf89e984 Improves loading of flow definitions (uses require in place of dofile) 2020-07-23 14:31:09 +02:00
Alfredo Cardigliano
2364e73345 DSCP utiliti functions 2020-07-17 10:40:38 +02:00
Simone Mainardi
83c4d36e34 Simplifies flow.triggerStatus using internal flow status reference 2020-04-27 17:48:56 +02:00
Simone Mainardi
290175b16f Refactors alrt builders into creators 
Refactors builders into creators: calls
 2020-04-27 15:53:56 +02:00
Simone Mainardi
ab1690ad9e Implements builders for each flow status definition 
[FlowsK] alert_blacklisted_country.lua

[FlowsK] alert_flow_blacklisted.lua

[FlowsK] alert_device_protocol_not_allowed.lua

[FlowsK] external_alert.lua

[FlowsK] alert_potentially_dangerous_protocol.lua

[FlowsK] tls_certificate_mismatch.lua

[FlowsK] tls_certificate_expired.lua

[FlowsK] tls_malicious_signature.lua

[FlowsK] elephant_flows.lua

[FlowsK] not_purged.lua

[FlowsK] web_mining.lua

[FlowsK] potentially_dangerous.lua

[FlowsK] alert_flow_blocked.lua
 2020-04-27 12:43:37 +02:00
Simone Mainardi
78b334e4eb Refactors alerts and flow statuses in builtin and plugins 
Implements #3811
Implements #3812

Refactors builtin alerts

Refactors builtin flow statuses
 2020-04-21 22:27:49 +02:00
Simone Mainardi
0a9a7015e0 Unifies status_id and status_key 2020-04-15 14:29:03 +02:00
Simone Mainardi
4177ee61ab Implements constant flow and alert ids 
Enlarges AlertType size

Changes alerts database
 2020-04-14 22:20:44 +02:00
emanuele-f
15c013922d Improve plugins reload to avoid transient errors 
A "shadow directory" is now populated when the reload occurs and then swapped as the active directory.
This avoids breaking the directory structure or changing files when other threads are possibly working
on them.

Fixes #3595
 2020-03-26 14:21:11 +01:00
emanuele-f
58b3d42d22 Set max score on hosts contacting blacklisted hosts 2020-02-17 15:16:01 +01:00
emanuele-f
13ec0d2f44 Use the flow score to determine the status priority 2020-02-07 19:17:07 +01:00
Alfredo Cardigliano
9d57d9ffce Fix error string (2) 2020-01-30 10:04:34 +01:00
emanuele-f
566b9ece0b Score changes 
- Move score from status definition to user scripts
- Separate flow score counter from the peers score
- Create a new HostScore class to hold the score data
 2020-01-16 18:11:14 +01:00
Simone Mainardi
48910b9f87 Implements auto assignment of user script alert and status ids 2020-01-15 13:08:58 +01:00
emanuele-f
d7528e1628 Score improvements 
The score is now calculated differently on the client and on the server of the flow.
The hosts flow is updated every minute and charted.
It's now possible to trigger an alert when the score threshold is exceeded
 2020-01-15 12:34:16 +01:00
Luca Deri
170bc60f19 Updated (C) 2020-01-08 23:52:51 +01:00
Luca
165e7cdea3 Changes for TLS certificate expire check 2020-01-03 21:26:48 +01:00
emanuele-f
8883a5321a Fix plugins errors due to demo expiration 2019-12-12 17:26:56 +01:00
emanuele-f
e9a081903c More robust plugins loading and error reporting 
This prevents malformed scripts in plugins from breaking ntopng
 2019-12-11 13:20:11 +01:00
emanuele-f
a3432e00e8 Implement ntopng plugins 
Plugins are a convenient way to group together related lua scripts.
Their primary use case is to group user scripts and their alert/status
definition.
The builtin ntopng user scripts and definitions are now
packed into plugins directories. In future, we will support loading of
user created plugins.
Plugins are loaded at startup into some runtime directories and then
used. Other changes provided by this commit include:

- Add sample flow logger plugin
- Initial support for system user scripts
- Rename edge to threshold
- Migrate system probes to user scripts/plugins
- Migrate scripts to more explicit alerts_api.checkThresholdAlert api
 2019-12-10 09:25:57 +01:00