vrr/ntopng
2
0
Fork 0
mirror of https://github.com/ntop/ntopng.git synced 2026-04-29 23:49:33 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3
ntopng/scripts/lua/modules/tracker.lua
Alfredo Cardigliano 9241a3c3e4 Added tracking of selected preferences (alerts settings)
2018-12-05 06:41:56 +01:00

146 lines
3.4 KiB
Lua
Raw Blame History

--
-- (C) 2017-18 - ntop.org
--
local json = require "dkjson"
local tracker = {}
function tracker.log(f_name, f_args)
local jobj = {
scope = 'function',
name = f_name,
params = f_args
}
local entity = alertEntity("user")
local entity_value = ternary(_SESSION["user"] ~= nil, _SESSION["user"], 'system')
local alert_type = alertType("alert_user_activity")
local alert_severity = alertSeverity("info")
local alert_json = json.encode(jobj)
-- tprint(alert_json)
local old_iface = interface.getStats().id
local sys_iface = getFirstInterfaceId()
interface.select(tostring(sys_iface))
interface.storeAlert(entity, entity_value, alert_type, alert_severity, alert_json)
interface.select(tostring(old_iface))
end
local function tracker_filter_pref(key)
local k = key:gsub("^ntopng%.prefs%.", "")
if k == "disable_alerts_generation" or
k == "mining_alerts" or
k == "probing_alerts" or
k == "ssl_alerts" or
k == "dns_alerts" or
k == "ip_reassignment_alerts" or
k == "remote_to_remote_alerts" or
k == "mining_alerts" or
k == "host_blacklist" or
k == "device_protocols_alerts" or
k == "alerts.device_first_seen_alert" or
k == "alerts.device_connection_alert" or
k == "alerts.pool_connection_alert" or
k == "alerts.external_notifications_enabled"
--[[ FIXX By enaling alert endpoints, setPref is called for all endpoints settings pushing many alerts
or
k == "alerts.email_notifications_enabled" or
k == "alerts.slack_notifications_enabled" or
k == "alerts.syslog_notifications_enabled" or
k == "alerts.nagios_notifications_enabled" or
starts(k, "alerts.email_") or
starts(k, "alerts.smtp_") or
starts(k, "alerts.slack_") or
starts(k, "alerts.nagios_") or
starts(k, "nagios_"
--]]
then
return true
end
return false
end
local function tracker_filter(f_name, f_args)
if (f_name == 'setPref' and (f_args[1] == nil or not tracker_filter_pref(f_args[1]))) then
return false
end
return true
end
function tracker.hook(f, name)
return function(...)
local f_name = name
if f_name == nil then
f_name = debug.getinfo(1, "n").name
end
local f_args = {}
for k, v in pairs({...}) do
if (f_name == 'addUser' and k == 3) or
(f_name == 'resetUserPassword' and k == 4) then
-- hiding password
f_args[k] = ''
else
f_args[k] = tostring(v)
end
end
local result = {f(...)}
if f_name ~= nil and tracker_filter(f_name, f_args) then
tracker.log(f_name, f_args)
end
return table.unpack(result)
end
end
function tracker.track_ntop()
local fns = {
"addUser",
"deleteUser",
"resetUserPassword",
"runLiveExtraction",
"dumpBinaryFile",
"setPref",
}
for _, fn in pairs(fns) do
if ntop[fn] and type(ntop[fn]) == "function" then
ntop[fn] = tracker.hook(ntop[fn])
end
end
end
function tracker.track_interface()
local fns = {
"liveCapture",
}
for _, fn in pairs(fns) do
if interface[fn] and type(interface[fn]) == "function" then
interface[fn] = tracker.hook(interface[fn])
end
end
end
function tracker.track(table, fn)
if table[fn] ~= nil and type(table[fn]) == "function" then
table[fn] = tracker.hook(table[fn], fn)
else
io.write("tracker: "..fn.." is not defined or not a function\n")
end
end
-- #################################
return tracker
Reference in a new issue View git blame Copy permalink