vrr/ntopng
2
0
Fork 0
mirror of https://github.com/ntop/ntopng.git synced 2026-05-06 12:15:15 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3
11878 commits 26 branches 19 tags 449 MiB
Commit graph

244 commits

Author SHA1 Message Date
Simone Mainardi
8d6dafc897 Unifies new alerts and flow alerts API 2020-12-04 17:03:23 +01:00
Simone Mainardi
5c0c23feb6 Fixes execution of periodicUpdate flow callback 
Fixes #4687
 2020-11-06 18:17:54 +01:00
Simone Mainardi
d7f1ce0d8c Reworks and optimizes flow alerted status 2020-10-19 16:50:22 +02:00
Alfredo Cardigliano
a5a8030e35 Cleanup trigger flow external alert 2020-10-19 13:12:31 +02:00
Simone Mainardi
d3dda0bb82 Unifies misbehaving with alerted flows 
Implements #4596
 2020-10-16 18:58:20 +02:00
Simone Mainardi
b7bdd1edaf Massive cleanup of alerts (disabled/suppressed) 
Fixes #4504
 2020-10-01 18:40:11 +02:00
Simone Mainardi
0db456c0cf Reworks flow user scripts execution in C++ 2020-09-30 18:41:36 +02:00
Simone Mainardi
8392e126f8 Simplifies and reduces the number of threads for purging idle entries 2020-09-29 18:51:44 +02:00
Simone Mainardi
5133af720f Reworks view interfaces with queues; rework idling and flow hooks exec 2020-09-29 18:30:10 +02:00
Simone Mainardi
90a5a57b36 Implements user script queues (avoids 5-sec HT walk) 2020-09-28 11:45:00 +02:00
Simone Mainardi
814ee67cf9 Reworks nDPI Risks flow plugins to handle all risks and scores 
Fixes #4432
 2020-09-23 17:58:51 +02:00
Simone Mainardi
6c1280a8e5 Reworks recipients.lua as static rather than (useless) instance 2020-09-23 15:03:07 +02:00
Alfredo Cardigliano
7bda229e8f Use score to filter flow alerts when supported (Enterprise) 2020-09-22 04:22:58 +02:00
Simone Mainardi
db0d7730a8 Implements per-category host score 
Implements #4413
 2020-09-18 18:34:28 +02:00
Simone Mainardi
b7341506f7 Implements checks for script type and alert severity in dispatch_notification 2020-09-16 13:08:07 +02:00
Simone Mainardi
9e99fa1403 Uses new in-memory queues for alert recipients (avoid Redis) 2020-09-08 18:36:18 +02:00
Simone Mainardi
85f555a908 Removes intermediate alert queues - only leaves recipient queues 
Implements #4366
 2020-09-04 17:41:55 +02:00
Simone Mainardi
7f241d71d5 Implements attack mitigation via SNMP 
Implements #3833 along with companion pro commit
 2020-08-24 15:05:35 +02:00
Luca Deri
f5e572cb5e Split pruge of idled entries from hashtable ste transition 2020-08-13 10:21:59 +02:00
Luca Deri
f7bddc7e0a Improved low-threshold script skip 2020-08-12 11:36:51 +02:00
Luca Deri
10b27b12c8 Added check for reducing load pressure when too many idle flow instances are present in the system 2020-08-12 10:54:57 +02:00
Simone Mainardi
dc980bef0a Adds anti-stall checks on host user scripts 2020-08-05 11:18:10 +02:00
Simone Mainardi
330234e3f7 Optimized hosts scripts using direct pool_id to retrieve config 2020-07-30 19:57:16 +02:00
Simone Mainardi
516451aa6c Uses actual host pool id when executing host scripts 2020-07-30 11:39:15 +02:00
Simone Mainardi
4e96ae7e26 Refactors user_scripts method names 2020-07-29 15:17:31 +02:00
Simone Mainardi
c291fe91c9 Adds periodic_user_scripts.lua for the execution of periodic scripts 2020-07-29 14:47:11 +02:00
Simone Mainardi
8418d932ec Avoids spawning num_interfaces + threads to update stats 2020-07-27 15:50:11 +02:00
Alfredo Cardigliano
f038baf804 Alerts are no longer enqueued if disabled 2020-07-23 00:49:28 +02:00
Simone Mainardi
92c88c7924 Migrates interface user scripts to the new interface pools configuration 2020-07-10 19:32:03 +02:00
Simone Mainardi
cf400216e2 Implements caching of member-to-confiset_id as Lua pool class member 2020-07-10 19:22:47 +02:00
Simone Mainardi
bd4921df55 Migrates local network user scripts to the new host pools configuration 2020-07-10 18:45:19 +02:00
Simone Mainardi
09c69edb22 Major rework of user_scripts.lua to use new pools 2020-07-10 13:01:29 +02:00
emanuele-f
340462ad73 Cleanup of the timeseries ring and NetworkInterfaceTsPoint 2020-05-20 15:18:03 +02:00
Simone Mainardi
b6447bbfb0 Implements ordering for flow Lua callbacks 2020-05-17 14:12:08 +02:00
Simone Mainardi
f3a5d7b10e Fixes external suricata alerts 2020-04-28 20:37:50 +02:00
Alfredo Cardigliano
c22f3b00e1 Fix alert ids source match 2020-04-28 16:12:03 +02:00
Alfredo Cardigliano
963cff670f Cleanup severity for external alerts 2020-04-27 18:04:41 +02:00
Simone Mainardi
83c4d36e34 Simplifies flow.triggerStatus using internal flow status reference 2020-04-27 17:48:56 +02:00
Simone Mainardi
efe4f9a8be Unifies alerts generation format with flow statuses 2020-04-27 14:37:04 +02:00
Simone Mainardi
ab1690ad9e Implements builders for each flow status definition 
[FlowsK] alert_blacklisted_country.lua

[FlowsK] alert_flow_blacklisted.lua

[FlowsK] alert_device_protocol_not_allowed.lua

[FlowsK] external_alert.lua

[FlowsK] alert_potentially_dangerous_protocol.lua

[FlowsK] tls_certificate_mismatch.lua

[FlowsK] tls_certificate_expired.lua

[FlowsK] tls_malicious_signature.lua

[FlowsK] elephant_flows.lua

[FlowsK] not_purged.lua

[FlowsK] web_mining.lua

[FlowsK] potentially_dangerous.lua

[FlowsK] alert_flow_blocked.lua
 2020-04-27 12:43:37 +02:00
Simone Mainardi
0a9a7015e0 Unifies status_id and status_key 2020-04-15 14:29:03 +02:00
Simone Mainardi
1eb02b2c2b Unifies alert_id and alert_key 2020-04-15 14:29:03 +02:00
Simone Mainardi
e487427aab Refactors alert_utils and enterprise_alert_utils 
Addresses #3720

Alerts Refactor: alert_utils as module

Alerts Refactor: notify_ntopng_start and notify_ntopng_stop

Alerts Refactor: processAlertNotifications

Alerts Refactor: checkStoreAlertsFromC

Alerts Refactor: formatAlertNotification

Alerts Refactor: notification_timestamp_rev

Alerts Refactor: formatAlertMessage

Alerts Refactor: getConfigsetAlertLink

Alerts Refactor: alertNotificationActionToLabel

Alerts Refactor: flushAlertsData

Alerts Refactor: disableAlertsGeneration

Alerts Refactor: newAlertsWorkingStatus and other

Alerts Refactor: drawAlerts

Alerts Refactor: drawAlertTables

Alerts Refactor: printAlertTables

Alerts Refactor: checkDeleteStoredAlerts

Alerts Refactor: getUnpagedAlertOptions

Alerts Refactor: getTabParameters

Alerts Refactor: getAlerts

Alerts Refactor: getNumAlerts

Alerts Refactor: performAlertsQuery

Alerts Refactor: sec2granularity

Alerts Refactor: granularity2id

Alerts Refactor: granularity2sec

Alerts Refactor: alertEngineLabel

Alerts Refactor: alertEngine

Alerts Refactor: alertEngineRaw

Alerts Refactor: alertTypeDescription

Alerts Refactor: alertType

Alerts Refactor: alertTypeLabel

Alerts Refactor: alertTypeRaw

Alerts Refactor: alertSeverity

Alerts Refactor: alertSeverityLabel

Alerts Refactor: alertSeverityRaw

Alerts Refactor: get_make_room_keys

Alerts Refactor: enterprise_alert_utils
 2020-04-10 14:03:20 +02:00
emanuele-f
c848ea2395 Fix script failure due to removed host.getLocalhostInfo 2020-04-02 18:42:52 +02:00
Alfredo Cardigliano
2425134f05 Replace isEnterprise with isEnterpriseM 2020-04-02 12:36:34 +00:00
Simone Mainardi
daf7f0a05c Minor Fix 2020-04-01 13:12:55 +02:00
Simone Mainardi
a9776b5013 Documents internals periodic activities 2020-04-01 13:03:13 +02:00
Simone Mainardi
3144bc8bdf Renames alert_config to user_script_config 2020-03-26 14:51:53 +01:00
emanuele-f
0facf0e27d Implement host timeseries off/light/mode selection 
Closes #3466
 2020-03-03 15:52:04 +01:00
Alfredo Cardigliano
b3ceaf9db4 Moved external alert score computation (fix #3447) 2020-02-24 15:01:21 +01:00