Commit graph

1773 commits

Author SHA1 Message Date
Luca Deri
ffcfe398cc Reworked flow stats defining InterarrivalStats
Fixed ms/timeval difference functions
2019-09-02 23:58:34 +02:00
Simone Mainardi
91163ed4e2 Fixes Lua script failures when loading alerts/flow.lua 2019-09-02 10:53:36 +02:00
emanuele-f
2d02de6cc1 Implement initial flow score support 2019-08-30 17:16:11 +02:00
Simone Mainardi
2e67a69cb7 Implements redis health and keys used monitoring 2019-08-30 16:19:33 +02:00
Simone Mainardi
24cf71a70d Parses and charts UDP socket drops from nProbe 2019-08-30 12:54:41 +02:00
Alfredo Cardigliano
3f04f0c080 Updating pf_ring drop stats in the housekeeping task (avoid inline updates with the GUI) 2019-08-29 15:53:20 +02:00
Luca Deri
5cc319a787 Compilation fix 2019-08-29 07:13:24 +02:00
Simone Mainardi
6ae30f0604 Initial implementation of the Redis monitoring probe 2019-08-28 19:30:52 +02:00
Alfredo Cardigliano
2c81afd678 Setting severity for IDS alerts 2019-08-28 03:38:01 +02:00
emanuele-f
b66b71fd7e Implement alert on JA3 malicious signatures
Closes #2788
2019-08-28 18:33:13 +02:00
emanuele-f
a8cb972e7d Implement ghost networks alerts 2019-08-28 16:42:18 +02:00
Alfredo Cardigliano
f8af84df2d SyslogParserInterface now supports the companion interface for delivering Suricata alerts to a packet interface (#1928) 2019-08-27 17:53:34 +02:00
Alfredo Cardigliano
dc9978c68d Moved companion interface to ParserInterface to be used by any *ParserInterface 2019-08-27 16:24:46 +02:00
emanuele-f
b3bdfcff32 Cleanup of the too-many-drops interface alert 2019-08-27 13:04:53 +02:00
Simone Mainardi
e46221e0bb Implements packet distribution and tcp flags stats for view interfaces 2019-08-27 12:34:12 +02:00
Simone Mainardi
af61cfd483 Implements tcp packet stats for hosts, ases, networks in interface views 2019-08-27 11:16:20 +02:00
Simone Mainardi
a3821b5327 Minor SSL to JA3 changes 2019-08-26 16:58:34 +02:00
Simone Mainardi
11aa854cba Handles hosts HASSH fingerprints 2019-08-26 16:55:39 +02:00
emanuele-f
e92641920d Implement syn/flow flood victim alerts on local networks 2019-08-26 16:42:23 +02:00
Simone Mainardi
0353edb2a6 Adds ssh HASSH signatures into flows 2019-08-26 15:22:47 +02:00
Alfredo Cardigliano
e1b57831eb Optimized getKeyId (25% performance boost with TLV) 2019-08-26 12:05:47 +02:00
Simone Mainardi
c8fb20bed9 Makes alert database tables rowid as autoincrement 2019-08-23 10:31:56 +02:00
emanuele-f
f43f4b7dd9 Add engaged alerts type exclusion filter
Fixes #2780
2019-08-22 16:30:45 +02:00
emanuele-f
69cd896a9f Implement engaged alerts and flow alerts timeseries 2019-08-21 16:57:14 +02:00
emanuele-f
281a67e10d Refactor LocalHostStats::makeTsPoint and fix bug when ts ring is disabled 2019-08-21 15:52:16 +02:00
emanuele-f
2b2a74af79 Fix bad time resolution of values for some host exported timeseries
- active_flows.as_client
- active_flows.as_server
- total_flows.as_client
- total_flows.as_server
- contacts.as_client
- contacts.as_server
- DNS, TCP, ICMP stats

Fixes #2776
2019-08-21 15:37:17 +02:00
emanuele-f
951cb1a4e9 Fix alert issues due to invalid granularities 2019-08-21 10:27:15 +02:00
emanuele-f
87ba28195b Add support to engage/release on external alerts 2019-08-20 19:02:58 +02:00
Simone Mainardi
54473f7883 Updates host pools stats also in community mode 2019-08-20 12:00:41 +02:00
emanuele-f
d1c5275302 Move suppressed alerts flag to C to reduce Redis load 2019-08-20 11:54:25 +02:00
Simone Mainardi
00ac9c2968 Compilation fix 2019-08-20 11:49:10 +02:00
Simone Mainardi
3413a6afd0 Implements stats rather than grouped hosts data for host pools stats 2019-08-20 11:45:11 +02:00
Simone Mainardi
74c545d079 Uses stats rather than grouped hosts data for network stats 2019-08-19 17:39:51 +02:00
emanuele-f
20d2d929c7 Fix missing interface alerts
Fixes #2770
Fixes #2769
2019-08-19 11:20:29 +02:00
Simone Mainardi
e363e56e23 Implements sorting of hosts per number of UDP port unreachable flows 2019-08-16 15:25:41 +02:00
Luca
6f95b32eae Alert triggering optimisation 2019-08-15 21:20:39 +02:00
Luca
f8c962a6fb Fixed alerts race conditions 2019-08-15 17:19:26 +02:00
Simone Mainardi
e1bdb8887c Performs local hosts serialization in set_hash_entry_state_idle 2019-08-12 14:40:54 +02:00
Simone Mainardi
ac2ce0c058 Sets all hash entries to idle during shutdown 2019-08-12 14:05:08 +02:00
Alfredo Cardigliano
55cad7ae43 Cleanup and comments to ZMQParserInterface 2019-08-12 09:44:53 +02:00
Luca
899b580cc4 SSL/TLS rename 2019-08-08 15:24:38 +02:00
Emanuele Faranda
c829c4c3c3
Unify os (#2755)
* Unify OS information.

Now OS information is only stored into the Host. The Lua code uses numeric IDs to handle the OS.

* Fix network discovery OS

* Show OS detail into the host details page
2019-08-08 12:09:51 +00:00
emanuele-f
81a9963e46 Implement alerts based on potentially dangerous flows nDPI classification 2019-08-07 14:29:06 +02:00
Luca Deri
fa33738762 Added incUses in getter method to avoid race conditions 2019-08-06 09:43:30 +02:00
Luca Deri
86ab1907df Added extra checks to idle objects 2019-08-06 09:31:35 +02:00
Alfredo Cardigliano
c11c144a68 Reworked ZMQ parser to use ParsedValue instead of string/int/float, JSON-C is now parsing the correct type instead of always string 2019-08-05 13:56:41 +02:00
Simone Mainardi
f110602192 Refactors hash entry state setters to ease override 2019-08-05 12:12:16 +02:00
emanuele-f
670f5f9d10 Fix bitmap operations on 64bit values 2019-07-31 13:48:00 +02:00
emanuele-f
959b60705d Increase alerts database version after the latest changes which break compatibility 2019-07-31 12:36:08 +02:00
emanuele-f
ee9e5ec9de Unify alerts and alerts notifications format 2019-07-30 18:12:58 +02:00