[FlowsK] alert_blacklisted_country.lua [FlowsK] alert_flow_blacklisted.lua [FlowsK] alert_device_protocol_not_allowed.lua [FlowsK] external_alert.lua [FlowsK] alert_potentially_dangerous_protocol.lua [FlowsK] tls_certificate_mismatch.lua [FlowsK] tls_certificate_expired.lua [FlowsK] tls_malicious_signature.lua [FlowsK] elephant_flows.lua [FlowsK] not_purged.lua [FlowsK] web_mining.lua [FlowsK] potentially_dangerous.lua [FlowsK] alert_flow_blocked.lua
--
-- (C) 2019-20 - ntop.org
--
local flow_consts = require("flow_consts")
local user_scripts = require("user_scripts")
-- #################################################################
-- Definition table for the web-mining flow script: category, hook table and
-- GUI strings.
local script = {
   -- Listed under the security category of user scripts
   category = user_scripts.script_categories.security,

   -- i18n keys for the title and description of this script
   gui = {
      i18n_description = "flow_callbacks_config.web_mining_description",
      i18n_title = "flow_callbacks_config.web_mining",
   },

   -- Left empty here; the hook function is attached after the table is built
   hooks = {},
}
-- #################################################################
--- Handler stored under the `protocolDetected` hook name.
-- Triggers the web-mining-detected status on the current flow when its nDPI
-- category name is exactly "Mining"; does nothing for any other category.
-- @param now  not read by this handler
function script.hooks.protocolDetected(now)
   -- NOTE(review): detection rests solely on nDPI labelling the flow with the
   -- "Mining" category; mining traffic that nDPI classifies under another
   -- category would not reach the trigger below. Confirm coverage elsewhere.
   if flow.getnDPICategoryName() ~= "Mining" then
      return
   end

   local mining_status = flow_consts.status_types.status_web_mining_detected

   -- NOTE(review): the client side gets a higher score than the server side;
   -- presumably because the client is the host likely running the miner.
   -- Confirm the intended weighting.
   flow.triggerStatus(
      mining_status.builder(mining_status.alert_severity),
      50, -- flow score
      50, -- cli score
      10  -- srv score
   )
end
-- #################################################################
-- Module result: the script table (category, hooks, gui) built in this file
return script