-- -- (C) 2013-24 - ntop.org -- local dirs = ntop.getDirs() package.path = dirs.installdir .. "/pro/scripts/lua/enterprise/modules/?.lua;" .. package.path package.path = dirs.installdir .. "/scripts/lua/modules/?.lua;" .. package.path package.path = dirs.installdir .. "/scripts/lua/modules/toasts/?.lua;" .. package.path package.path = dirs.installdir .. "/scripts/lua/modules/vulnerability_scan/?.lua;" .. package.path if ((dirs.scriptdir ~= nil) and (dirs.scriptdir ~= "")) then package.path = dirs.scriptdir .. "/lua/modules/?.lua;" .. package.path end require "lua_utils" require "check_redis_prefs" local recording_utils = require "recording_utils" local format_utils = require "format_utils" local page_utils = require("page_utils") local toasts_manager = require("toasts_manager") local blog_utils = require("blog_utils") local template_utils = require "template_utils" local auth = require "auth" local is_nedge = ntop.isnEdge() local is_appliance = ntop.isAppliance() local is_admin = isAdministrator() local is_windows = ntop.isWindows() local info = ntop.getInfo() local has_local_auth = (ntop.getPref("ntopng.prefs.local.auth_enabled") ~= '0') local has_help_enabled = (ntop.getPref("ntopng.prefs.menu_entries.help") ~= '0') local has_developer_enabled = (ntop.getPref( "ntopng.prefs.menu_entries.developer") ~= '0') local vs_utils = require "vs_utils" local behavior_utils = require("behavior_utils") local checks = require "checks" -- ************************************ local is_system_interface = toboolean(page_utils.is_system_view()) local session_user = _SESSION['user'] local checks_config = checks.getConfigset()["config"] local interface_config = checks_config["interface"] local flow_config = checks_config["flow"] -- Check if some alerts are enabled local devices_exclusion_enabled = false local acl_violation_enabled = false if (interface_config) then -- Interface alerts if (interface_config["device_connection_disconnection"]) and (interface_config["device_connection_disconnection"]["min"]["enabled"]) then devices_exclusion_enabled = true end end -- Infrastructure local infrastructure_view = false local infrastructure_instances = {} if ntop.isEnterpriseL() then local infrastructure_utils = require("infrastructure_utils") for _, v in pairs(infrastructure_utils.get_all_instances()) do infrastructure_instances[v.id] = { name = v.alias, url = v.url, } end local view = _GET["view"] or false infrastructure_view = (view and view == 'infrastructure' and table.len(infrastructure_instances) > 0) end -- ************************************ local observationPointId = nil print([[
]]) print [[ ]] prefs = ntop.getPrefs() local iface_names = interface.getIfNames() num_ifaces = 0 for k, v in pairs(iface_names) do num_ifaces = num_ifaces + 1 end interface.select(ifname) local ifs = interface.getStats() local is_pcap_dump = interface.isPcapDumpInterface() local is_packet_interface = interface.isPacketInterface() local is_db_view_interface = interface.isDatabaseViewInterface() local is_viewed = ifs.isViewed local is_influxdb_enabled = ntop.getPref("ntopng.prefs.timeseries_driver") == "influxdb" local is_clickhouse_enabled = ntop.isClickHouseEnabled() local is_asn_mode_enabled = isASNModeEnabled() ifId = ifs.id -- NOTE: see sidebar.js for the client logic page_utils.init_menubar() if is_nedge then dofile(dirs.installdir .. "/pro/scripts/lua/nedge/inc/menubar.lua") else -- ############################################## -- Dashboard page_utils.add_menubar_section({ section = page_utils.menu_sections.dashboard, hidden = is_pcap_dump or is_system_interface or is_db_view_interface, entries = { { entry = page_utils.menu_entries.traffic_dashboard, url = '/lua/index.lua' }, { entry = page_utils.menu_entries.assets_dashboard, hidden = not (ntop.isEnterpriseL() and is_clickhouse_enabled) or interface.isViewed() or infrastructure_view, url = "/lua/pro/assets_dashboard.lua" }, { entry = page_utils.menu_entries.traffic_report, hidden = not (ntop.isEnterprise() and is_clickhouse_enabled) or infrastructure_view, url = "/lua/pro/report.lua" } } }) -- ############################################## -- Active Monitoring -- The Monitoring entry are used to go to the System interface pages -- without using the Interface dropdown. The section is hidden -- in system interface. -- Interface is not system page_utils.add_menubar_section({ section = page_utils.menu_sections.monitoring, hidden = is_system_interface or not is_admin, entries = { { entry = page_utils.menu_entries.active_monitoring, url = "/lua/active_monitoring.lua" }, { entry = page_utils.menu_entries.network_discovery, hidden = not interface.isDiscoverableInterface() or interface.isLoopback() or ntop.limitResourcesUsage() or infrastructure_view, url = "/lua/discover.lua" }, { entry = page_utils.menu_entries.infrastructure_dashboard, hidden = (not ntop.isEnterpriseL() and not ntop.isnEdgeEnterprise()) or not is_admin, url = '/lua/pro/enterprise/infrastructure_dashboard.lua' }, { entry = page_utils.menu_entries.snmp_monitoring, hidden = (not ntop.isEnterpriseM() and not ntop.isnEdgeEnterprise()), url = "/lua/pro/enterprise/snmpdevices_stats.lua" }, { entry = page_utils.menu_entries.vulnerability_scan, url = '/lua/vulnerability_scan.lua', hidden = not vs_utils.is_available() } } }) -- ############################################## -- Alerts page_utils.add_menubar_section({ section = page_utils.menu_sections.alerts, hidden = not prefs.are_alerts_enabled or not auth.has_capability(auth.capabilities.alerts) or is_pcap_dump or is_db_view_interface or infrastructure_view, entries = { { entry = page_utils.menu_entries.alerts_list, url = "/lua/alert_stats.lua" }, { entry = page_utils.menu_entries.alerts_graph, url = "/lua/pro/alerts_graph.lua", hidden = (not ntop.isEnterpriseL()) or ( not ntop.isClickHouseEnabled()) }, { entry = page_utils.menu_entries.alerts_geomap, url = "/lua/pro/alerts_geomap.lua", hidden = true or (not ntop.isEnterpriseXL()) }, { entry = page_utils.menu_entries.alerts_analysis, url = "/lua/pro/enterprise/alerts_analysis.lua", hidden = (not ntop.isEnterprise()) }, {entry = page_utils.menu_entries.divider}, { entry = page_utils.menu_sections.notifications, hidden = not is_admin, url = '/lua/admin/endpoint_notifications_list.lua' } } }) -- ############################################## -- Flows page_utils.add_menubar_section({ section = page_utils.menu_sections.flows, hidden = is_asn_mode_enabled or (is_system_interface or infrastructure_view), entries = { { entry = page_utils.menu_entries.active_flows, url = "/lua/flows_stats.lua" }, { entry = page_utils.menu_entries.db_explorer, hidden = (not ntop.isEnterprise() and not ntop.isnEdgeEnterprise()) or not auth.has_capability(auth.capabilities.historical_flows) or ifs.isViewed or ifs['type'] == 'db' or not hasClickHouseSupport(), url = "/lua/pro/db_search.lua" }, { entry = page_utils.menu_entries.server_ports, url = '/lua/server_ports.lua', hidden = not ntop.isEnterpriseL() } } }) -- ############################################## --[[ page_utils.add_menubar_section({ section = page_utils.menu_sections.chatbot, hidden = is_system_interface or is_viewed, entries = {{ entry = page_utils.menu_entries.chatbot, url = '/lua/chatbot.lua' }}}) ]] -- -- ############################################## -- Views menu entry for ASN Mode -- Group hosts, flows page_utils.add_menubar_section({ section = page_utils.menu_sections.views, hidden = not is_asn_mode_enabled or (is_system_interface or is_viewed or infrastructure_view), entries = {{ entry = page_utils.menu_entries.hosts_asn_mode, url = '/lua/hosts_stats.lua' }, { entry = page_utils.menu_entries.active_flows_asn_mode, url = "/lua/flows_stats.lua" }, { entry = page_utils.menu_entries.historical_flows_asn_mode, hidden = (not ntop.isEnterprise() and not ntop.isnEdgeEnterprise()) or not auth.has_capability(auth.capabilities.historical_flows) or ifs.isViewed or ifs['type'] == 'db' or not hasClickHouseSupport(), url = "/lua/pro/db_search.lua" }, { entry = page_utils.menu_entries.server_ports_asn_mode, url = '/lua/server_ports.lua', hidden = not ntop.isEnterpriseL() }} }) -- ASN data + historical page_utils.add_menubar_section({ section = page_utils.menu_sections.as, hidden = not is_asn_mode_enabled or (is_system_interface or is_viewed or infrastructure_view), entries = { { entry = page_utils.menu_entries.autonomous_systems, hidden = (not ntop.hasGeoIP()) or interface.isViewed(), url = '/lua/as_stats.lua' }, { entry = page_utils.menu_entries.historical_autonomous_systems_asn_mode, hidden = true, url = '/lua/HISTORICAL_AS_STATS.LUA' } } }) -- ############################################## -- Hosts page_utils.add_menubar_section({ section = page_utils.menu_sections.hosts, hidden = is_system_interface or is_viewed or infrastructure_view or is_asn_mode_enabled, entries = { { entry = page_utils.menu_entries.hosts, url = '/lua/hosts_stats.lua' }, { entry = page_utils.menu_entries.devices, hidden = (not ifs.has_macs), url = '/lua/macs_stats.lua' }, {entry = page_utils.menu_entries.divider}, { hidden = not (ntop.isEnterpriseM() and not ntop.isWindows()), entry = page_utils.menu_entries.assets, url = '/lua/pro/assets.lua' } } }) -- ############################################## -- Exporters local has_exporters = (ifs.type == "zmq") or (ifs.type == "custom") or (ntop.isPro() and (table.len(interface.getFlowDevices()) > 0)) page_utils.add_menubar_section({ section = page_utils.menu_sections.collection, hidden = not has_exporters or not ntop.isEnterpriseM() or is_system_interface or infrastructure_view, entries = { { entry = page_utils.menu_entries.sflow_exporters, hidden = table.len(interface.getSFlowDevices() or {}) == 0, url = '/lua/pro/enterprise/sflowdevices_stats.lua' }, { entry = page_utils.menu_entries.nprobe, url = '/lua/pro/enterprise/nprobe.lua' }, { entry = page_utils.menu_entries.observation_points, hidden = (interface.getObsPointsInfo().numObsPoints or 0) == 0, url = '/lua/pro/enterprise/observation_points.lua' } } }) end -- ############################################## -- Maps local service_map_available = false local asset_map_available = ntop.isEnterpriseXL() service_map_available, _ = behavior_utils.mapsAvailable() page_utils.add_menubar_section({ section = page_utils.menu_sections.maps, hidden = is_system_interface or is_viewed or infrastructure_view, entries = { { entry = page_utils.menu_entries.analysis_map, hidden = not service_map_available, url = '/lua/pro/enterprise/network_maps.lua?map=service_map' }, { entry = page_utils.menu_entries.geo_map, hidden = interface.isLoopback() or not ntop.hasGeoIP(), url = '/lua/hosts_geomap.lua' }, { entry = page_utils.menu_entries.hosts_map, hidden = not ntop.isEnterprise() or is_asn_mode_enabled, url = '/lua/pro/enterprise/hosts_map.lua' } } }) -- ############################################## -- Interface page_utils.add_menubar_section({ hidden = is_system_interface or infrastructure_view, section = page_utils.menu_sections.if_stats, entries = { { entry = page_utils.menu_entries.interface, url = "/lua/if_stats.lua" }, {entry = page_utils.menu_entries.divider}, { entry = page_utils.menu_entries.networks, hidden = interface.isViewed(), url = '/lua/network_stats.lua' }, { entry = page_utils.menu_entries.host_pools, hidden = is_nedge, url = '/lua/pool_stats.lua', }, { entry = page_utils.menu_entries.autonomous_systems, hidden = (not ntop.hasGeoIP()) or interface.isViewed() or is_asn_mode_enabled, url = '/lua/as_stats.lua' }, { entry = page_utils.menu_entries.countries, hidden = not ntop.hasGeoIP(), hidden = interface.isViewed(), url = '/lua/country_stats.lua' }, { entry = page_utils.menu_entries.vlans, hidden = not interface.hasVLANs() or interface.isViewed(), url = '/lua/vlan_stats.lua' }, { entry = page_utils.menu_entries.pods, hidden = not ifs.has_seen_pods, url = '/lua/pods_stats.lua' }, { entry = page_utils.menu_entries.containers, hidden = not ifs.has_seen_containers, url = '/lua/containers_stats.lua' } } }) -- ############################################## -- System Health local health_entries = { { entry = page_utils.menu_entries.system_status, url = '/lua/system_stats.lua' }, { entry = page_utils.menu_entries.interfaces_status, url = '/lua/system_interfaces_stats.lua' }, { entry = page_utils.menu_entries.influxdb_status, url = '/lua/monitor/influxdb_monitor.lua', hidden = not is_influxdb_enabled }, { entry = page_utils.menu_entries.redis_status, url = '/lua/monitor/redis_monitor.lua', hidden = false -- TODO: add a check for redis monitoring status }, { entry = page_utils.menu_entries.clickhouse_status, url = '/lua/pro/enterprise/monitor/clickhouse_monitor.lua', hidden = not is_clickhouse_enabled } } -- Add script entries relative to system health (e.g., redis) ... for k, entry in pairsByField(page_utils.scripts_menu, "sort_order", rev) do -- NOTE: match on the health key to only pick the right subset of entries if entry.menu_entry.section == page_utils.menu_sections.health.key then health_entries[#health_entries + 1] = { entry = page_utils.menu_entries[entry.menu_entry.key], url = entry.url } end end page_utils.add_menubar_section({ hidden = not is_system_interface, section = page_utils.menu_sections.health, entries = health_entries }) -- ############################################## -- Pollers (e.g., SNMP, active monitoring) -- System interface menu local poller_entries = { { entry = page_utils.menu_entries.divider}, { hidden = not (ntop.isEnterpriseM() and not ntop.isWindows()) , entry = page_utils.menu_entries.assets_snmp, url = '/lua/pro/assets.lua' }, { entry = page_utils.menu_entries.snmp, hidden = not is_system_interface or (not ntop.isEnterpriseM() and not ntop.isnEdgeEnterprise()), url = "/lua/pro/enterprise/snmpdevices_stats.lua" }, { entry = page_utils.menu_entries.active_monitoring, hidden = not is_system_interface, url = "/lua/active_monitoring.lua" }, { entry = page_utils.menu_entries.infrastructure_dashboard, hidden = (not ntop.isEnterpriseL() and not ntop.isnEdgeEnterprise()) or not is_admin, url = '/lua/pro/enterprise/infrastructure_dashboard.lua' } } -- Add script entries relative to pollers (e.g., active monitoring) ... for k, entry in pairsByField(page_utils.scripts_menu, "sort_order", rev) do if entry.menu_entry.section == page_utils.menu_sections.pollers.key then poller_entries[#poller_entries + 1] = { entry = page_utils.menu_entries[entry.menu_entry.key], url = entry.url } end end page_utils.add_menubar_section({ hidden = not is_system_interface, section = page_utils.menu_sections.pollers, entries = poller_entries }) -- ############################################## -- System local system_entries = {} -- Add script entries... for k, entry in pairsByField(page_utils.scripts_menu, "sort_order", rev) do -- Skip pollers, they've already been set under pollers section if not entry.menu_entry.section == "pollers" then system_entries[#system_entries + 1] = { entry = page_utils.menu_entries[entry.menu_entry.key], url = entry.url } end end -- Possibly add nEdge entries if is_nedge or is_appliance then -- Possibly add a divider if system_entries already contain elements if #system_entries > 0 then system_entries[#system_entries + 1] = { entry = page_utils.menu_entries.divider, hidden = not is_admin } end end if is_nedge then for _, entry in ipairs({ { entry = page_utils.menu_entries.system_setup, hidden = not is_admin, url = '/lua/system_setup_ui/interfaces.lua' }, { entry = page_utils.menu_entries.dhcp_static_leases, hidden = not is_admin or not ntop.isRoutingMode(), url = '/lua/pro/nedge/admin/dhcp_leases.lua' }, { entry = page_utils.menu_entries.dhcp_active_leases, hidden = not is_admin or not ntop.isRoutingMode(), url = '/lua/pro/nedge/admin/dhcp_active_leases.lua' }, { entry = page_utils.menu_entries.port_forwarding, hidden = not is_admin or not ntop.isRoutingMode(), url = '/lua/pro/nedge/admin/port_forwarding.lua' }, { entry = page_utils.menu_entries.rules_config, hidden = not is_admin or not ntop.isRoutingMode(), url = '/lua/pro/nedge/admin/rules_config.lua' }, { entry = page_utils.menu_entries.forwarders_config, hidden = not is_admin or not ntop.isRoutingMode(), url = '/lua/pro/nedge/admin/forwarders_config.lua' } }) do system_entries[#system_entries + 1] = entry end end if is_appliance then for _, entry in ipairs({ { entry = page_utils.menu_entries.system_setup, hidden = not is_admin, url = '/lua/system_setup_ui/mode.lua' } }) do system_entries[#system_entries + 1] = entry end end if #system_entries > 0 then page_utils.add_menubar_section({ section = page_utils.menu_sections.system_stats, hidden = not isAllowedSystemInterface() or not is_system_interface, entries = system_entries }) end -- ############################################## -- Pools page_utils.add_menubar_section({ hidden = true, -- Always add the pools menu (moved to the Hosts submenu) section = page_utils.menu_sections.pools, entries = { { entry = page_utils.menu_entries.manage_pools, hidden = not is_admin, url = '/lua/admin/manage_pools.lua' }, { entry = page_utils.menu_entries.host_members, hidden = not is_admin, url = '/lua/admin/manage_host_members.lua' } } }) -- ############################################## -- Notifications page_utils.add_menubar_section({ section = page_utils.menu_sections.notifications, hidden = not is_system_interface or not is_admin, url = '/lua/admin/endpoint_notifications_list.lua' }) -- ############################################## -- Rules & Policies page_utils.add_menubar_section({ section = page_utils.menu_sections.policies, hidden = infrastructure_view, entries = { { entry = page_utils.menu_entries.access_control_list, hidden = not is_admin or not ntop.isEnterpriseL(), url = '/lua/pro/admin/access_control_list.lua' }, { entry = page_utils.menu_entries.device_protocols, hidden = not is_admin, url = '/lua/admin/edit_device_protocols.lua' }, { entry = page_utils.menu_entries.device_exclusions, section = page_utils.menu_sections.hosts, hidden = not is_admin or not auth.has_capability(auth.capabilities.checks) or not ntop.isEnterpriseM() or not devices_exclusion_enabled, url = '/lua/pro/admin/edit_device_exclusions.lua' }, { entry = page_utils.menu_entries.network_config, section = page_utils.menu_sections.admin, hidden = not is_admin or not auth.has_capability(auth.capabilities.checks), url = '/lua/admin/network_configuration.lua' }, { entry = page_utils.menu_entries.traffic_rules, url = '/lua/pro/traffic_rules.lua', hidden = not ntop.isEnterprise() or not isAdministrator() }, {entry = page_utils.menu_entries.divider}, { entry = page_utils.menu_entries.scripts_config, section = page_utils.menu_sections.checks, hidden = not is_admin or not auth.has_capability(auth.capabilities.checks) or (tonumber(getSystemInterfaceId()) == tonumber(interface.getId())), -- disable checks for the system interface url = '/lua/admin/edit_configset.lua?subdir=all' }, { entry = page_utils.menu_entries.alert_exclusions, section = page_utils.menu_sections.admin, hidden = not is_admin or not auth.has_capability(auth.capabilities.checks) or not ntop.isEnterpriseM() or (tonumber(getSystemInterfaceId()) == tonumber(interface.getId())), url = '/lua/pro/admin/edit_alert_exclusions.lua?subdir=host' }, {entry = page_utils.menu_entries.divider}, { entry = page_utils.menu_entries.profiles, hidden = not is_admin or not ntop.isPro() or is_nedge, url = '/lua/pro/admin/edit_profiles.lua' } } }) page_utils.add_menubar_section({ section = page_utils.menu_sections.admin, hidden = not is_admin, entries = { { entry = page_utils.menu_entries.nedge_users, hidden = not is_admin or not is_nedge, url = '/lua/pro/nedge/admin/nf_list_users.lua' }, { entry = page_utils.menu_entries.manage_users, -- Note: 'not _SESSION["localuser"]' indicates that this is an external -- user (e.g. LDAP), in that case allow users management if fallback is enabled. hidden = not is_admin or (not _SESSION["localuser"] and not has_local_auth), url = '/lua/admin/users.lua' }, { entry = page_utils.menu_entries.preferences, hidden = not is_admin, url = '/lua/admin/prefs.lua' }, {entry = page_utils.menu_entries.divider}, { entry = page_utils.menu_entries.category_lists, hidden = not is_admin, url = '/lua/admin/blacklists.lua?enabled_status=enabled' }, { entry = page_utils.menu_entries.manage_configurations, hidden = not is_admin or not ntop.hasDumpCache(), url = '/lua/admin/manage_configurations.lua' }, {entry = page_utils.menu_entries.divider}, { entry = page_utils.menu_entries.categories, hidden = not is_admin, url = '/lua/admin/edit_categories.lua' } } }) -- ############################################## -- Developer if not info.oem and auth.has_capability(auth.capabilities.developer) then if not ntop.isEnterpriseM() or (has_developer_enabled) then page_utils.add_menubar_section({ section = page_utils.menu_sections.dev, entries = { { entry = page_utils.menu_entries.rest_api, url = '/lua/swagger.lua' }, { entry = page_utils.menu_entries.analyze_pcap, url = '/lua/upload_pcap.lua' }, { entry = page_utils.menu_entries.manage_data, hidden = not is_admin, url = '/lua/manage_data.lua' }, { entry = page_utils.menu_entries.checks_dev, url = '/lua/checks_overview.lua' }, { entry = page_utils.menu_entries.alert_definitions, url = '/lua/defs_overview.lua' }, { entry = page_utils.menu_entries.ts_definitions, url = '/lua/ts_overview.lua' }, { entry = page_utils.menu_entries.directories, url = '/lua/directories.lua' }, { entry = page_utils.menu_entries.api, url = 'https://www.ntop.org/guides/ntopng/api/' } } }) end end -- ############################################## -- About if not ntop.isEnterpriseM() or has_help_enabled then page_utils.add_menubar_section({ section = page_utils.menu_sections.about, hidden = info.oem, entries = { {entry = page_utils.menu_entries.about, url = '/lua/about.lua'}, { entry = page_utils.menu_entries.license, hidden = info["pro.forced_community"], url = '/lua/license.lua' }, { entry = page_utils.menu_entries.limits, url = '/lua/limits.lua' }, { entry = page_utils.menu_entries.blog, url = 'http://blog.ntop.org/' }, { entry = page_utils.menu_entries.telegram, url = 'https://t.me/ntop_community' }, { entry = page_utils.menu_entries.manual, url = 'https://www.ntop.org/guides/ntopng/' }, {entry = page_utils.menu_entries.divider}, { entry = page_utils.menu_entries.report_issue, url = 'https://github.com/ntop/ntopng/issues' }, { entry = page_utils.menu_entries.suggest_feature, url = 'https://www.ntop.org/support/need-help-2/contact-us/' } } }) end -- ############################################## page_utils.print_menubar() -- ############################################## -- Interface print([[ ]]) -- begging of #n-container print([[
]]) -- ################################################### -- Render toasts toasts_manager.render_toasts("main-container", toasts_manager.load_main_toasts()) -- ################################################### print("
") -- Hidden by default, will be shown by the footer if necessary print( '') -- Hidden by default, will be shown by the footer if necessary print( '') -- See if we are starting up and display an informative message local secs_to_first_data = interface.getSecsToFirstData() -- Do not show messages that stay too short on screen (5 sec or more) if secs_to_first_data > 5 then print [[ ]] end if not interface.isPcapDumpInterface() and interface.getNumLocalHosts() == 0 and interface.getNumHosts() > 5 and ntop.getUptime() > 60 then print( '') end if (_SESSION["INVALID_CSRF"]) then print( '') end -- end of main alerts print("
") -- append password change modal if (not is_admin) then dofile(dirs.installdir .. "/scripts/lua/inc/password_dialog.lua") end