vrr/ntopng
2
0
Fork 0
mirror of https://github.com/ntop/ntopng.git synced 2026-05-06 20:46:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3
11878 commits 26 branches 19 tags 449 MiB
Commit graph

88 commits

Author SHA1 Message Date
Simone Mainardi
8d6dafc897 Unifies new alerts and flow alerts API 2020-12-04 17:03:23 +01:00
Simone Mainardi
5c0c23feb6 Fixes execution of periodicUpdate flow callback 
Fixes #4687
 2020-11-06 18:17:54 +01:00
Simone Mainardi
d7f1ce0d8c Reworks and optimizes flow alerted status 2020-10-19 16:50:22 +02:00
Alfredo Cardigliano
a5a8030e35 Cleanup trigger flow external alert 2020-10-19 13:12:31 +02:00
Simone Mainardi
d3dda0bb82 Unifies misbehaving with alerted flows 
Implements #4596
 2020-10-16 18:58:20 +02:00
Simone Mainardi
b7bdd1edaf Massive cleanup of alerts (disabled/suppressed) 
Fixes #4504
 2020-10-01 18:40:11 +02:00
Simone Mainardi
0db456c0cf Reworks flow user scripts execution in C++ 2020-09-30 18:41:36 +02:00
Simone Mainardi
814ee67cf9 Reworks nDPI Risks flow plugins to handle all risks and scores 
Fixes #4432
 2020-09-23 17:58:51 +02:00
Simone Mainardi
6c1280a8e5 Reworks recipients.lua as static rather than (useless) instance 2020-09-23 15:03:07 +02:00
Alfredo Cardigliano
7bda229e8f Use score to filter flow alerts when supported (Enterprise) 2020-09-22 04:22:58 +02:00
Simone Mainardi
db0d7730a8 Implements per-category host score 
Implements #4413
 2020-09-18 18:34:28 +02:00
Simone Mainardi
b7341506f7 Implements checks for script type and alert severity in dispatch_notification 2020-09-16 13:08:07 +02:00
Simone Mainardi
9e99fa1403 Uses new in-memory queues for alert recipients (avoid Redis) 2020-09-08 18:36:18 +02:00
Simone Mainardi
85f555a908 Removes intermediate alert queues - only leaves recipient queues 
Implements #4366
 2020-09-04 17:41:55 +02:00
Alfredo Cardigliano
f038baf804 Alerts are no longer enqueued if disabled 2020-07-23 00:49:28 +02:00
Simone Mainardi
09c69edb22 Major rework of user_scripts.lua to use new pools 2020-07-10 13:01:29 +02:00
Simone Mainardi
b6447bbfb0 Implements ordering for flow Lua callbacks 2020-05-17 14:12:08 +02:00
Simone Mainardi
f3a5d7b10e Fixes external suricata alerts 2020-04-28 20:37:50 +02:00
Alfredo Cardigliano
c22f3b00e1 Fix alert ids source match 2020-04-28 16:12:03 +02:00
Alfredo Cardigliano
963cff670f Cleanup severity for external alerts 2020-04-27 18:04:41 +02:00
Simone Mainardi
83c4d36e34 Simplifies flow.triggerStatus using internal flow status reference 2020-04-27 17:48:56 +02:00
Simone Mainardi
efe4f9a8be Unifies alerts generation format with flow statuses 2020-04-27 14:37:04 +02:00
Simone Mainardi
ab1690ad9e Implements builders for each flow status definition 
[FlowsK] alert_blacklisted_country.lua

[FlowsK] alert_flow_blacklisted.lua

[FlowsK] alert_device_protocol_not_allowed.lua

[FlowsK] external_alert.lua

[FlowsK] alert_potentially_dangerous_protocol.lua

[FlowsK] tls_certificate_mismatch.lua

[FlowsK] tls_certificate_expired.lua

[FlowsK] tls_malicious_signature.lua

[FlowsK] elephant_flows.lua

[FlowsK] not_purged.lua

[FlowsK] web_mining.lua

[FlowsK] potentially_dangerous.lua

[FlowsK] alert_flow_blocked.lua
 2020-04-27 12:43:37 +02:00
Simone Mainardi
0a9a7015e0 Unifies status_id and status_key 2020-04-15 14:29:03 +02:00
Simone Mainardi
1eb02b2c2b Unifies alert_id and alert_key 2020-04-15 14:29:03 +02:00
Simone Mainardi
e487427aab Refactors alert_utils and enterprise_alert_utils 
Addresses #3720

Alerts Refactor: alert_utils as module

Alerts Refactor: notify_ntopng_start and notify_ntopng_stop

Alerts Refactor: processAlertNotifications

Alerts Refactor: checkStoreAlertsFromC

Alerts Refactor: formatAlertNotification

Alerts Refactor: notification_timestamp_rev

Alerts Refactor: formatAlertMessage

Alerts Refactor: getConfigsetAlertLink

Alerts Refactor: alertNotificationActionToLabel

Alerts Refactor: flushAlertsData

Alerts Refactor: disableAlertsGeneration

Alerts Refactor: newAlertsWorkingStatus and other

Alerts Refactor: drawAlerts

Alerts Refactor: drawAlertTables

Alerts Refactor: printAlertTables

Alerts Refactor: checkDeleteStoredAlerts

Alerts Refactor: getUnpagedAlertOptions

Alerts Refactor: getTabParameters

Alerts Refactor: getAlerts

Alerts Refactor: getNumAlerts

Alerts Refactor: performAlertsQuery

Alerts Refactor: sec2granularity

Alerts Refactor: granularity2id

Alerts Refactor: granularity2sec

Alerts Refactor: alertEngineLabel

Alerts Refactor: alertEngine

Alerts Refactor: alertEngineRaw

Alerts Refactor: alertTypeDescription

Alerts Refactor: alertType

Alerts Refactor: alertTypeLabel

Alerts Refactor: alertTypeRaw

Alerts Refactor: alertSeverity

Alerts Refactor: alertSeverityLabel

Alerts Refactor: alertSeverityRaw

Alerts Refactor: get_make_room_keys

Alerts Refactor: enterprise_alert_utils
 2020-04-10 14:03:20 +02:00
Alfredo Cardigliano
2425134f05 Replace isEnterprise with isEnterpriseM 2020-04-02 12:36:34 +00:00
Alfredo Cardigliano
b3ceaf9db4 Moved external alert score computation (fix #3447) 2020-02-24 15:01:21 +01:00
Alfredo Cardigliano
dbe07bbfcd Score computation fix (external alerts) 2020-02-24 12:27:48 +01:00
Simone Mainardi
5b70db90ad Handles deadlines for flow user scripts 2020-02-19 10:46:44 +01:00
emanuele-f
58b3d42d22 Set max score on hosts contacting blacklisted hosts 2020-02-17 15:16:01 +01:00
emanuele-f
e3d3d3992f Replace an existing flow alert if a more critical problem is found 
Also add the flow score into the database
 2020-02-07 19:20:57 +01:00
emanuele-f
0a0a3c4537 Rework flow status accounting 2020-02-07 19:17:07 +01:00
emanuele-f
13ec0d2f44 Use the flow score to determine the status priority 2020-02-07 19:17:07 +01:00
emanuele-f
96925a7e03 Fix invalid flow.triggerStatus calls 2020-02-06 10:31:22 +01:00
emanuele-f
c791fc1246 Add check to avoid nil config 2020-01-24 11:35:59 +01:00
Simone Mainardi
1cbdbbd339 Hides status_id from flow.{trigger,set,clear}Status 
Fixes #3266
 2020-01-21 12:27:33 +01:00
emanuele-f
dd8643ad79 Add missing community check 2020-01-20 13:21:38 +01:00
emanuele-f
aca088ea13 Add hyperlink to jump to the alert configuration 
Closes #2936
 2020-01-17 19:11:15 +01:00
emanuele-f
508d040a49 Fix updateScore not called in flow.setStatus 2020-01-17 11:11:02 +01:00
emanuele-f
a97dbd013b Remove score global preference 2020-01-16 18:21:35 +01:00
emanuele-f
566b9ece0b Score changes 
- Move score from status definition to user scripts
- Separate flow score counter from the peers score
- Create a new HostScore class to hold the score data
 2020-01-16 18:11:14 +01:00
Simone Mainardi
03a4b14dda User scripts now read view configsets for viewed interfaces 
Implements #3225
 2020-01-15 15:40:44 +01:00
emanuele-f
6edecb12cb Score visualization improvements 2020-01-15 15:27:45 +01:00
emanuele-f
d7528e1628 Score improvements 
The score is now calculated differently on the client and on the server of the flow.
The hosts flow is updated every minute and charted.
It's now possible to trigger an alert when the score threshold is exceeded
 2020-01-15 12:34:16 +01:00
Luca Deri
170bc60f19 Updated (C) 2020-01-08 23:52:51 +01:00
Simone Mainardi
724f1da5ea Fixes use of interface names in flow alerts 2020-01-08 19:03:08 +01:00
Simone Mainardi
76391ff6a5 Resores flow alerts for view interfaces 2020-01-08 18:18:00 +01:00
emanuele-f
d037f9a9a4 Use new user scripts config and gui 
The user scripts configuration can now be configured from the "User Scripts" entry under the cog
icon. It allows the creation of multiple configuration presets to be applied to hosts, networks and
interfaces.
 2020-01-03 13:03:34 +01:00
emanuele-f
4621a8f409 Reload the periodic scripts when the configuration changes 2019-12-31 19:31:03 +01:00