From bf9e64e9f182e12ebc1460ccc86f1b248e969d4f Mon Sep 17 00:00:00 2001 From: DGabri Date: Thu, 29 Aug 2024 16:40:11 +0200 Subject: [PATCH] Fixed remediations link not working --- scripts/lua/flow_details.lua | 6 ++- scripts/lua/modules/alert_utils.lua | 5 ++- .../historical_flow_details_formatter.lua | 40 +++++++++++-------- 3 files changed, 30 insertions(+), 21 deletions(-) diff --git a/scripts/lua/flow_details.lua b/scripts/lua/flow_details.lua index 93a18dbd1da8..104741c0ef30 100644 --- a/scripts/lua/flow_details.lua +++ b/scripts/lua/flow_details.lua @@ -1436,6 +1436,7 @@ else local mitre_info = nil local status_icon = "" local riskLabel = riskInfo[tostring(score_alert.alert_risk)] + local alert_risk = score_alert.alert_risk if (riskLabel ~= nil) then riskLabel = shortenString(riskLabel, 64) @@ -1449,6 +1450,7 @@ else if (tonumber(score_alert.alert_risk) == 0) then alert_src = "ntopng" + alert_risk = score_alert.alert_id else alert_src = "nDPI" end @@ -1471,7 +1473,7 @@ else local msg = string.format(' %s %s %s %s %s', score_alert.message .. alert_source, '' .. score_alert.score .. '', - riskLabel, (score_alert.alert_risk > 0 and flow_risk_utils.get_documentation_link(score_alert.alert_risk, alert_src)) or '', + riskLabel, (score_alert.alert_risk > 0 and flow_risk_utils.get_documentation_link(alert_risk, alert_src)) or '', status_icon or '') print(msg) @@ -1500,7 +1502,7 @@ else end print(''.. - flow_risk_utils.get_remediation_documentation_link(score_alert.alert_risk, alert_src) + flow_risk_utils.get_remediation_documentation_link(alert_risk, alert_src) .. '') print('') diff --git a/scripts/lua/modules/alert_utils.lua b/scripts/lua/modules/alert_utils.lua index ef54b7c13059..50943cb56d5b 100644 --- a/scripts/lua/modules/alert_utils.lua +++ b/scripts/lua/modules/alert_utils.lua 
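Review bot: In the `@@ -1449` hunk, `alert_risk = score_alert.alert_id` copies the id without normalising its type, while the same remap in alert_utils.lua (`@@ -391`) uses `tonumber(alert.alert_id)`. The historical formatter (`@@ -229`) has the same gap: `alert_risk = alert_id` receives a value that its caller wraps in `tostring(...)`. How `flow_risk_utils.get_remediation_documentation_link` treats a string id is not visible in this patch, so I would make the three sites agree: `alert_risk = tonumber(score_alert.alert_id)` here and `alert_risk = tonumber(alert_id)` in the formatter. The enclosing block starts and ends outside the hunk.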
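Review bot: The guard in the `@@ -1471` hunk still tests `score_alert.alert_risk > 0`, which is 0 whenever the `ntopng` branch in `@@ -1449` ran, so the documentation link is never printed for the alerts whose id this commit remaps. The remediation link in `@@ -1500` has no such guard, and alert_utils.formatFlowAlertMessage tests the remapped value instead, so the two pages can disagree for the same alert. If the link is meant to appear for ntopng alerts too, test the local: `riskLabel, ((tonumber(alert_risk) or 0) > 0 and flow_risk_utils.get_documentation_link(alert_risk, alert_src)) or '',`. If hiding it is intended, a comment saying so on that line would prevent a later "fix".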
@@ -391,6 +391,7 @@ function alert_utils.formatFlowAlertMessage(ifid, alert, alert_json, add_score, if (tonumber(alert_risk) == 0) then alert_src = "ntopng" + alert_risk = tonumber(alert.alert_id) else alert_src = "nDPI" end @@ -429,12 +430,12 @@ function alert_utils.formatFlowAlertMessage(ifid, alert, alert_json, add_score, msg = alert_utils.format_score(msg, alert_score) end end - + -- Add the link to the documentation if alert_risk and alert_risk > 0 then msg = string.format("%s %s %s", msg, flow_risk_utils.get_documentation_link(alert_risk, alert_src), - flow_risk_utils.get_remediation_documentation_link(alert.alert_id, alert_src)) + flow_risk_utils.get_remediation_documentation_link(alert_risk, alert_src)) local info_msg = alert_utils.get_flow_risk_info(alert_risk, alert_json) -- Add check info_msg ~= alert.info to avoid duplicated in description msg diff --git a/scripts/lua/modules/historical_flow_details_formatter.lua b/scripts/lua/modules/historical_flow_details_formatter.lua index 7f8857c43495..d28eeb61fb53 100644 --- a/scripts/lua/modules/historical_flow_details_formatter.lua +++ b/scripts/lua/modules/historical_flow_details_formatter.lua @@ -211,7 +211,7 @@ end -- a############################################### -local function format_historical_issue_description(alert_id, score, title, msg, info, alert_scores) +local function format_historical_issue_description(alert_id, score, title, msg, info, alert_scores, add_remediation) local alert_consts = require "alert_consts" local alert_entities = require "alert_entities" @@ -229,6 +229,7 @@ local function format_historical_issue_description(alert_id, score, title, msg, if (tonumber(alert_risk) == 0) then alert_src = "ntopng" + alert_risk = alert_id else alert_src = "nDPI" end 
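Review bot: Overwriting `alert_risk` with the alert id in the `@@ -391` hunk also changes what the `if alert_risk and alert_risk > 0` block in `@@ -429` does. For `ntopng` alerts the value was 0 and the block was skipped; now `alert_utils.get_flow_risk_info(alert_risk, alert_json)` is called with an alert id where it previously only saw a risk id. Whether the two id spaces overlap is not visible here, but if they do, the message can carry the info text of an unrelated risk and mislead whoever triages the alert. I would restrict that lookup to the nDPI case, e.g. wrap it in `if alert_src == "nDPI" then ... end`, and keep the two link calls as they are. The code that consumes `info_msg` is outside the hunk, so its nil handling needs checking.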
@@ -238,9 +239,14 @@ local function format_historical_issue_description(alert_id, score, title, msg, local severity_id = map_score_to_severity(score) local severity = alert_consts.alertSeverityById(severity_id) local remediation = flow_risk_utils.get_remediation_documentation_link(alert_risk, alert_src) - + local html = "" .. (msg or "") .. alert_source .. "" .. '' .. score .. '' - html = html .. "" .. info .. remediation .."" + + if (add_remediation) then + html = html .. "" .. info .. remediation .."" + else + html = html .. "" .. info .."" + end -- Add Mitre info local alert_key = alert_consts.getAlertType(alert_id, alert_entities.flow.entity_id) 
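Review bot: Both new branches append `info` to the HTML string as-is, and in format_historical_issues that value is cut out of `issue.msg`; the patch does not show it being escaped anywhere. If alert text can contain values taken from observed traffic, markup in it would be rendered on the flow details page. Either escape `info` here with the project's HTML-escaping helper or record the expectation in a comment such as `-- info must already be HTML-escaped by the caller`. Separately, `remediation` is still looked up when `add_remediation` is false; that call can move inside the `if`. The function body starts and ends outside the hunk.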
@@ -322,25 +328,25 @@ local function format_historical_issues(flow_details, flow) html = "\n" html = html .. "\n" - html = html .. format_historical_issue_description(tostring(alert_id), tonumber(main_alert_score), i18n("issues_score"), alert_label, details, alert_scores) + html = html .. format_historical_issue_description(tostring(alert_id), tonumber(main_alert_score), i18n("issues_score"), alert_label, details, alert_scores, false) end - + local alert_utils = require "alert_utils" local _, other_issues = alert_utils.format_other_alerts(flow['ALERTS_MAP'], flow['STATUS'], alert_json, false, nil, true) if table.len(other_issues) > 0 then for _, issue in pairs(other_issues or {}) do - local msg, info - local pieces = string.split(issue.msg, "%[") - - if(pieces ~= nil) then - msg = pieces[1] - info = string.gsub(pieces[2], "%]", "") - else - msg = issue.msg - info = "" - end - html = html .. format_historical_issue_description(tostring(issue.alert_id), tonumber(issue.score), '', msg, info, alert_scores) + local msg, info + local pieces = string.split(issue.msg, "%[") + + if(pieces ~= nil) then + msg = pieces[1] + info = string.gsub(pieces[2], "%]", "") + else + msg = issue.msg + info = "" + end + html = html .. format_historical_issue_description(tostring(issue.alert_id), tonumber(issue.score), '', msg, info, alert_scores, true) end end @@ -587,7 +593,7 @@ function historical_flow_details_formatter.formatHistoricalFlowDetails(flow) end if (info["score"]) and (info["score"]["value"] ~= 0) then - flow_details = format_historical_issues(flow_details, flow) + flow_details = format_historical_issues(flow_details, flow) end if (info['COMMUNITY_ID']) and (not isEmptyString(info['COMMUNITY_ID'])) then
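Review bot: The two call sites in the `@@ -322` hunk pass a bare `false` and `true` as the seventh argument, and nothing records why the main alert row is rendered without a remediation link while the rows from `other_issues` get one. A one-line comment above the first call would keep the intent, e.g. `-- add_remediation = false: the main alert row carries no remediation link`, with the reason added by the author. The same hunk also re-indents the whole loop body, which hides the one-argument functional change among whitespace-only lines; splitting the re-indentation into its own commit would make this easier to review. format_historical_issues starts and ends outside the hunk.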
" .. i18n("description") .. "" .. i18n("score") .. "".. i18n("info") .. " / ".. i18n("remediation").. "".. i18n("mitre_id") .. "