matteo
86008481b5
Fixes #4266 plugin for triggering alerts on periodic behaviour
2020-11-27 09:01:21 +01:00
Matteo Biscosi
e543b207c9
Fixed shell endpoint bug and added notice when executing the script (#4748)
...
Co-authored-by: matteo <biscosi@ntop.org>
2020-11-18 17:06:06 +01:00
Matteo Biscosi
a8cf3836d7
Fixes #4709 unexpected new device plugin (#4728)
...
* Added unexpected new device plugin, needs review
* Fixes #4709 unexpected new device plugin
Co-authored-by: matteo <biscosi@ntop.org>
2020-11-16 12:41:19 +01:00
Luca Deri
2120bf2486
Added alert for log goodput flows
2020-11-14 00:23:35 +01:00
Simone Mainardi
a091efcb09
Fixes for Zero TCP window detection user script
2020-11-07 10:58:16 +01:00
Matteo Biscosi
383a6659dc
Fixes #4648 trigger an alert when no flows are collected (#4679)
...
* Added no_if_activity alert to user script keys
* Added no_if_activity description alert
* Fixes #4648 trigger an alert when no flows are collected
* Changed the time past one call of the alert and another
* Fixes #4648 reorganized files and cache management
Co-authored-by: matteo <biscosi@ntop.org>
2020-11-05 17:58:38 +01:00
Simone Mainardi
389f9c2beb
Reworks TCP issues flow user script
2020-10-30 15:56:36 +01:00
Simone Mainardi
5d80b67327
Adds info-level alerts upon successful lists download
...
Addresses #4554
2020-10-14 15:08:01 +02:00
Luca Deri
c5e0db54b7
Added support for lateral movement detection
2020-10-11 18:30:21 +02:00
Luca Deri
7616249acd
Defined new keys for flows with severe retransmissions
2020-10-11 14:51:16 +02:00
Luca Deri
4565f8af04
Added plugin for detecting unexpected NTP servers
2020-10-10 10:54:19 +02:00
Luca Deri
6190b1e351
Added
...
- alert_unexpected_dns_server = {NO_PEN, 63},
- alert_unexpected_smtp_server = {NO_PEN, 64},
- alert_unexpected_dhcp_server = {NO_PEN, 65},
alert keys
2020-10-09 10:37:44 +02:00
Simone Mainardi
814ee67cf9
Reworks nDPI Risks flow plugins to handle all risks and scores
...
Fixes #4432
2020-09-23 17:58:51 +02:00
Luca Deri
8db941c31e
Improved IEC 104 plugin
2020-09-16 23:24:40 +02:00
Simone Mainardi
7f241d71d5
Implements attack mitigation via SNMP
...
Implements #3833 along with companion pro commit
2020-08-24 15:05:35 +02:00
Alfredo Cardigliano
e8fcbd2a90
Trigger host alerts for collected syslog messages (also to companions)
2020-05-18 12:52:38 +02:00
Simone Mainardi
c543df45f9
Reworks suspicious file transfers
2020-05-13 19:38:24 +02:00
Luca Deri
e315158c1d
Added plugin for handling flow risks reported by nDPI
2020-05-12 12:18:50 +02:00
Simone Mainardi
f6952358e7
Uniforms handling of alert ids
...
Implements #3823
2020-04-23 10:27:05 +02:00
Simone Mainardi
ac8bd534ea
Implements PEN for alert keys
...
Implements #3823
2020-04-22 13:21:40 +02:00
Simone Mainardi
78b334e4eb
Refactors alerts and flow statuses in builtin and plugins
...
Implements #3811
Implements #3812
Refactors builtin alerts
Refactors builtin flow statuses
2020-04-21 22:27:49 +02:00
emanuele-f
0be2da4f57
Cleanup remaining references to RTT
2020-04-20 12:21:39 +02:00
Simone Mainardi
4177ee61ab
Implements constant flow and alert ids
...
Enlarges AlertType size
Changes alerts database
2020-04-14 22:20:44 +02:00