File: example.lua

package info (click to toggle)
ntopng 5.2.1%2Bdfsg1-2
  • links: PTS, VCS
  • area: main
  • in suites: sid
  • size: 121,832 kB
  • sloc: javascript: 143,431; cpp: 71,175; ansic: 11,108; sh: 4,687; makefile: 911; python: 587; sql: 512; pascal: 234; perl: 118; ruby: 52; exp: 4
file content (78 lines) | stat: -rw-r--r-- 2,225 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
 
--
-- (C) 2019-22 - ntop.org
--

require "lua_utils"
local json = require "dkjson"
local alert_consts = require("alert_consts")

local example = {
  endpoint_params = {
  },
  endpoint_template = {
    plugin_key = "example_alert_endpoint",
    template_name = "example_endpoint.template"
  },
  recipient_params = {
  },
  recipient_template = {
    plugin_key = "example_alert_endpoint",
    template_name = "example_recipient.template"
  },
}

-- How often this script will be called (in seconds)
example.EXPORT_FREQUENCY = 5

-- The minimum severity for an alert in order to be exported by this endpoint
-- example.DEFAULT_SEVERITY = "warning"

-- This determines the invocation priority of this endpoint.
-- Higher priority endpoints are invoked first for the alert export.
example.prio = 500

-- ##############################################

-- Each endpoint has a dedicated redis queue for the alerts. This function
-- is called every EXPORT_FREQUENCY seconds and should check the alerts
-- queue for alerts and possibly export them.

-- @brief Process the pending alerts notifications from the queue
-- @params recipient the recipient information and configuration, including the queue name
-- @param budget the number of items to export (or number of external calls in batch mode)
-- @return {success = true} on success,
-- {success = false, error_message = "Some error description here"} on failure
function example.dequeueRecipientAlerts(recipient, budget)
  local exported = 0

  while exported < budget do
    local json_alert = ntop.lpopCache(recipient.export_queue)

    if not json_alert then
      break
    end

    local alert = json.decode(json_alert)

    -- Print the alert on the console.
    tprint(alert)

    -- Can filter the alerts based on some criteria
    if (alert.action == "engage") then
      if (alert_consts.getAlertType(alert.type) == "alert_threshold_cross") and
            (alert.alert_key == "min_active_local_hosts") then

        -- Export the alert, e.g. by running a custom bash script
        --os.execute("/tmp/my_script.sh")
      end
    end

    exported = exported + 1
  end

  return {success=true}
end

-- ##############################################

return example