Commit graph

203 commits

Author SHA1 Message Date
Alfredo Cardigliano
d19db6b678 Run ntopng on the bridge interface when running in bridge mode as appliance 2020-11-27 16:43:31 +01:00
Alfredo Cardigliano
67fd78e66c Add --appliance switch. Draft implementation of the System Setup interface (#4715) 2020-11-18 12:47:12 +01:00
Luca Deri
8799962523 Removed -4 command line parameter as it is no longer necessary past 4.2 2020-11-10 22:44:13 +01:00
Simone Mainardi
83209ac402 Keeps alerted hosts in memory (fixes engaged alert counter out of sync)
Fixes #4506
2020-10-05 11:54:17 +02:00
Luca Deri
8db941c31e Improved IEC 104 plugin 2020-09-16 23:24:40 +02:00
Alfredo Cardigliano
0fb6f9472f Direct flow dump improvements and debug counters 2020-09-15 18:13:24 +02:00
Alfredo Cardigliano
f1ff3e89ea Add -F nindex;direct to enable direct dump 2020-09-15 01:31:57 +02:00
Alfredo Cardigliano
2a4438d10c Add lua API to set wan interface name 2020-09-08 15:44:08 +02:00
Alfredo Cardigliano
7d560c904a Fix compilation on travis (2) 2020-07-28 16:03:33 +02:00
Alfredo Cardigliano
38b3b2918f Fix compilation on travis 2020-07-28 15:57:12 +02:00
Luca Deri
64443de7cd Added preference for handling behaviour analysis 2020-07-24 12:07:27 +01:00
Luca Deri
74005c6eb5 Enabled host behaviour 2020-07-22 23:15:09 +02:00
Luca Deri
dd062dcc09 Behaviour analysis is not disabled by default 2020-07-22 09:39:47 +02:00
Luca Deri
35876b871e Added --pcap-file-purge-flows for forcing purge on pcap files (debug only)
Local host BA improvements
2020-07-15 17:20:57 +02:00
Alfredo Cardigliano
354866d16a Remove aggregated flows 2020-07-03 17:17:33 +02:00
Alfredo Cardigliano
976708e413 Compute json if json dump to text file is enabled 2020-06-30 18:06:10 +02:00
emanuele-f
340462ad73 Cleanup of the timeseries ring and NetworkInterfaceTsPoint 2020-05-20 15:18:03 +02:00
Simone Mainardi
28480748aa Implements runtime flows dump toggle 2020-04-22 18:12:49 +02:00
Simone Mainardi
6ea50fb004 Implements the Elasticsearch alerts endpoint
Implements #3105

Initial work to add Elasticsearch alerts

Initial implementation of ES alerts

Implements version check

Implements flow alerts format

Changes Elasticsearch index name

Comments the Elasticsearch alert endpoint
2020-04-18 16:35:14 +02:00
Alfredo Cardigliano
a254a3ad6b Support for Enterprise L license 2020-04-02 11:02:56 +00:00
Alfredo Cardigliano
5cbe4546f2 Option --zmq-encryption-key <pub key> can be used with -I <endpoint> to encrypt data in hierarchical mode 2020-03-11 17:11:05 +01:00
Alfredo Cardigliano
ce1e730203 -F nindex;debug to add all nindex info to the json 2020-03-02 10:59:08 +01:00
Alfredo Cardigliano
765474fa70 Option -F nindex;{dump,load} to dump and load json flows (for debugging only) 2020-02-27 18:51:59 +01:00
Alfredo Cardigliano
d83b2fb0ba Option to dump json flows to disk with -F nindex;debug 2020-02-26 16:34:46 +01:00
Alfredo Cardigliano
c3d3984285 Add more info to flow serialize (json) 2020-02-26 13:23:07 +01:00
emanuele-f
4944556992 Do not execute timeseries.lua if the driver is not InfluxDB 2020-02-21 12:08:07 +01:00
emanuele-f
96299661b3 Implement periodic activities status monitor 2020-02-20 16:59:11 +01:00
Simone Mainardi
b9a4534af6 Implements randomization of ips 2020-01-09 17:44:11 +01:00
Luca Deri
57e6a93065 Improved scheduling algorithm to guarantee minimum service time when the number of entries allows
Updated (C)
2020-01-06 23:36:36 +01:00
Alfredo Cardigliano
e585ad9f1b Autogenerate persistent ZMQ CURVE key pairs. Display the public key in the interface details. New --zmq-encryption option to enable encryption (disabled by default for the time being) 2019-11-21 13:01:48 +01:00
Alfredo Cardigliano
4579a11c2e Support for ZMQ CURVE encryption (testing, no public option yet), added encryption to the json2tlv test tool, updated the embedded ZMQ source to latest 4.1.x stable 2019-11-20 11:11:39 +01:00
Alfredo Cardigliano
9992179645 Set affinity mask for service threads (implements #3012) 2019-10-28 15:54:33 +01:00
emanuele-f
b3a8c6d49a Migrate C flow status alerts to Lua user scripts
- Alerts and flow status cleanup
- Community flow user scripts migration
- Implement scripts filters by l7 proto and packet interface only
- Migrate flow2statusinfojson
- Lower flow periodic update to 30 seconds if there is flow activity
- Display flow scripts without a gui section
2019-10-22 10:42:22 +02:00
Simone Mainardi
ca5bcd86bf Deprecates sticky hosts
Fixes #2907
2019-10-14 18:50:18 +02:00
Alfredo Cardigliano
7e9678de37 IDS alert -> External alert 2019-10-09 11:35:51 +02:00
emanuele-f
d32b979368 Remove Alert Endpoint preference
Fixes #2859
2019-09-23 10:48:21 +02:00
Simone Mainardi
949d2a1025 Calculates flow idle timeouts using nProbe data for ZMQ interfaces 2019-09-10 18:05:16 +02:00
emanuele-f
6e14f978d6 Flow alerts status cleanup 2019-09-10 13:12:11 +02:00
emanuele-f
81a9963e46 Implement alerts based on potentially dangerous flows nDPI classification 2019-08-07 14:29:06 +02:00
Simone Mainardi
d9275ac166 Allows an extra runHousekeepingTasks before shutting down to do proper cleanup 2019-07-19 19:11:29 +02:00
Luca Deri
d04d5da466 Implemented --original-speed for reproducing pcaps at original pace 2019-07-15 17:29:07 +02:00
Simone Mainardi
78b2456931 Implements whitelist for long-lived flows
Fixes #2666
2019-06-21 16:00:54 +02:00
emanuele-f
1c9a4d3461 Implement ICMP data exfiltration alerts
Closes #256
2019-05-28 10:37:59 +02:00
Simone Mainardi
bbb81ceddd Optionally determines (and swaps) ZMQ src and dst using port numbers
Implements #1978
2019-05-22 16:58:58 +02:00
emanuele-f
14a9d83a30 Move local broadcast domain preference to the interface settings and show warnings
A dismissable warning is shown if DHCP traffic has been seen on the current interface.
2019-04-11 12:52:15 +02:00
Alfredo Cardigliano
96954bdabb new ids alert type and configuration 2019-04-04 11:02:01 +02:00
Simone Mainardi
4b3ae0e652 Makes the ARP matrix generation optional using a pref 2019-03-12 14:53:06 +01:00
emanuele-f
4a97017f35 Fix mac-based serialization key and add a preference to enable it (disabled by default) 2019-02-22 16:01:58 +01:00
emanuele-f
02371ad963 Add ability to mask MAC addresses
Closes #2399
2019-02-19 16:34:47 +01:00
Simone Mainardi
831e5d91e6 Implements Lua unit tests 2019-01-18 18:03:36 +01:00