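// In-memory alert store shared by every function in this module.
// Declared with `let` (not `const`) because delAlert and delAlertDate replace
// these arrays with filtered copies instead of mutating them in place.
let alerts = [];

// Arrival-time index over `alerts`: each entry is { uids, date, minute },
// where `uids` lists the alerts first seen during that minute.
let alertDates = [];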
const {v4: uuidv4} = require('uuid');
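/**
 * Store one flow alert in the in-memory list and index it by arrival minute.
 *
 * Every positional argument is copied into the stored record under its own
 * name. The record also gets a fresh `uid` and a fixed `'proto.ndpi': 'DNS'`
 * field, which is hard-coded and does not depend on `l7_proto`.
 *
 * De-duplication: only one alert per (cli_ip, srv_ip) pair is kept. While such
 * an alert is stored, any further alert for the same pair is dropped, even if
 * its other fields (score, dns_last_query, ...) differ.
 *
 * NOTE(review): nothing in this file caps the size of `alerts` or
 * `alertDates`; confirm that the caller prunes them (delAlerts /
 * delAlertDate) if alerts can arrive at an attacker-influenced rate.
 *
 * @param {*} srv_ip - server address; half of the de-duplication key
 * @param {*} cli_ip - client address; half of the de-duplication key
 * @returns {string|undefined} the uid of the stored alert, or `undefined`
 *   when the alert was dropped as a duplicate
 */
function addAlert(first_seen, srv_city_name, ip_version, action, pool_id, srv_continent_name, score, entity_val, vlan_id, cli2srv_bytes, cli_country_name, entity_id, srv_asn, l7_proto, is_cli_attacker, srv_name, srv_ip, proto, json, srv_country_name, community_id, alert_id, is_srv_attacker, srv_blacklisted, alerts_map, srv_os, cli_localhost, cli_asn, srv2cli_packets, cli2srv_packets, tstamp, cli_name, cli_continent_name, srv2cli_bytes, l7_cat, ifid, observation_point_id, srv_localhost, cli_port, cli_blacklisted, dns_last_query, is_flow_alert, srv_port, l7_master_proto, is_cli_victim, cli_ip, cli_city_name, cli_os, is_srv_victim) {
  // Check for a duplicate first so a dropped alert costs no uid or record.
  const isDuplicate = alerts.some(
    (known) => known.cli_ip === cli_ip && known.srv_ip === srv_ip,
  );
  if (isDuplicate) {
    return undefined;
  }

  const data = {
    uid: uuidv4(),
    first_seen,
    srv_city_name,
    ip_version,
    action,
    pool_id,
    srv_continent_name,
    score,
    entity_val,
    vlan_id,
    cli2srv_bytes,
    cli_country_name,
    entity_id,
    srv_asn,
    l7_proto,
    is_cli_attacker,
    srv_name,
    srv_ip,
    proto,
    json,
    srv_country_name,
    community_id,
    alert_id,
    is_srv_attacker,
    srv_blacklisted,
    alerts_map,
    srv_os,
    cli_localhost,
    cli_asn,
    srv2cli_packets,
    cli2srv_packets,
    tstamp,
    cli_name,
    cli_continent_name,
    srv2cli_bytes,
    l7_cat,
    'proto.ndpi': 'DNS',
    ifid,
    observation_point_id,
    srv_localhost,
    cli_port,
    cli_blacklisted,
    dns_last_query,
    is_flow_alert,
    srv_port,
    l7_master_proto,
    is_cli_victim,
    cli_ip,
    cli_city_name,
    cli_os,
    is_srv_victim,
  };

  const now = new Date();
  const minute = now.getMinutes();
  // getMinutes() is only the minute of the hour (0-59), so matching on it
  // alone would append to a bucket left over from an earlier hour and give
  // the alert that bucket's stale `date`. Also require the same wall-clock
  // minute before reusing a bucket.
  const epochMinute = Math.floor(now.getTime() / 60000);
  const bucket = alertDates.find(
    (ad) => ad.minute === minute
      && Math.floor(ad.date.getTime() / 60000) === epochMinute,
  );

  if (bucket) {
    bucket.uids.push(data.uid);
  } else {
    alertDates.push({
      uids: [data.uid],
      date: now,
      minute,
    });
  }

  alerts.push(data);
  return data.uid;
}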
/**
 * Remove every alert whose uid appears in `uids`.
 *
 * Each uid is handed to delAlert in turn, so the alert list is rebuilt once
 * per uid. The uids are not removed from the per-minute index (`alertDates`).
 *
 * @param {Array<string>} uids - uids as returned by addAlert
 */
function delAlerts(uids) {
  uids.forEach((uid) => {
    delAlert(uid);
  });
}
/**
 * Remove the alert with the given uid from the in-memory list.
 *
 * The list is replaced by a new array, so an array previously obtained from
 * getAlerts() keeps its old contents. The uid is written to stdout on every
 * call. Unknown uids are ignored.
 *
 * @param {string} uid - uid as returned by addAlert
 */
function delAlert(uid) {
  console.log(uid);

  const remaining = [];
  for (const entry of alerts) {
    if (entry.uid !== uid) {
      remaining.push(entry);
    }
  }
  alerts = remaining;
}
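/**
 * Remove a per-minute bucket from the arrival-time index.
 *
 * A bucket is removed when its `date` is the very object passed in, or when
 * it denotes the same instant. Matching by instant matters because `===` on
 * two Date objects compares identity: a copy of the bucket's date, or a value
 * that went through serialization, would otherwise never match and the bucket
 * would silently stay in the index.
 *
 * The argument is written to stdout on every call. The alerts referenced by
 * the bucket's uids are not deleted here.
 *
 * @param {Date|number|string} date - the bucket's `date`, or an equal
 *   timestamp (epoch milliseconds or a string `Date` can parse)
 */
function delAlertDate(date) {
  console.log(date);

  const target = date instanceof Date ? date.getTime() : new Date(date).getTime();

  alertDates = alertDates.filter((bucket) => {
    if (bucket.date === date) {
      return false;
    }
    // An unparseable argument yields NaN and therefore matches no bucket.
    const sameInstant = !Number.isNaN(target)
      && bucket.date instanceof Date
      && bucket.date.getTime() === target;
    return !sameInstant;
  });
}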
/**
 * Return the arrival-time index.
 *
 * This is the live internal array, not a copy: a caller that mutates it (or
 * the bucket objects inside) changes this module's state.
 *
 * @returns {Array<{uids: string[], date: Date, minute: number}>}
 */
function getAlertDates() {
  return alertDates;
}
/**
 * Return all stored alerts.
 *
 * This is the live internal array, not a copy: a caller that mutates it (or
 * the alert records inside) changes this module's state.
 *
 * @returns {Array<object>} the stored alert records
 */
function getAlerts() {
  return alerts;
}
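/**
 * Look up a single alert by uid.
 *
 * Uses `find`, which stops at the first match instead of building a filtered
 * copy of the whole list just to read its first element.
 *
 * @param {string} uid - uid as returned by addAlert
 * @returns {object|undefined} the stored alert record, or `undefined` when no
 *   alert has that uid
 */
function getAlert(uid) {
  return alerts.find((entry) => entry.uid === uid);
}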
// Public API of the alert store. delAlert is not exported: outside callers
// delete alerts through delAlerts, which takes a list of uids.
const publicApi = {
  getAlerts,
  getAlert,
  addAlert,
  getAlertDates,
  delAlertDate,
  delAlerts,
};

module.exports = publicApi;