ntop · DGabri · Aug 29, 2024 · Aug 29, 2024
diff --git a/scripts/lua/flow_details.lua b/scripts/lua/flow_details.lua
@@ -1436,6 +1436,7 @@ else
 		   local mitre_info = nil
 		   local status_icon = ""
 		   local riskLabel = riskInfo[tostring(score_alert.alert_risk)]
+           local alert_risk = score_alert.alert_risk
 
 		   if (riskLabel ~= nil) then
 		      riskLabel = shortenString(riskLabel, 64)
@@ -1449,6 +1450,7 @@ else
 
             if (tonumber(score_alert.alert_risk) == 0) then
                 alert_src = "ntopng"
+                alert_risk = score_alert.alert_id
             else
                 alert_src = "nDPI"
             end
@@ -1471,7 +1473,7 @@ else
                     local msg = string.format('<td> %s </td><td style=\"text-align: center;\"> %s </td><td> %s %s %s</td>',
 					      score_alert.message .. alert_source,
 					      '<span style="color:' .. severity.color .. '">' .. score_alert.score .. '</span>',
-					      riskLabel, (score_alert.alert_risk > 0 and flow_risk_utils.get_documentation_link(score_alert.alert_risk, alert_src)) or '',
+					      riskLabel, (score_alert.alert_risk > 0 and flow_risk_utils.get_documentation_link(alert_risk, alert_src)) or '',
 					      status_icon or '')
                     print(msg)
 
@@ -1500,7 +1502,7 @@ else
 		       end
 
 		       print('<td style=\"text-align: center;\">'..
-			     flow_risk_utils.get_remediation_documentation_link(score_alert.alert_risk, alert_src)
+			     flow_risk_utils.get_remediation_documentation_link(alert_risk, alert_src)
 			     .. '</td>')
 
 		       print('<td nowrap>')

diff --git a/scripts/lua/modules/alert_utils.lua b/scripts/lua/modules/alert_utils.lua
@@ -391,6 +391,7 @@ function alert_utils.formatFlowAlertMessage(ifid, alert, alert_json, add_score,
 
         if (tonumber(alert_risk) == 0) then 
             alert_src = "ntopng"
+            alert_risk = tonumber(alert.alert_id)
         else
             alert_src = "nDPI"
         end
@@ -429,12 +430,12 @@ function alert_utils.formatFlowAlertMessage(ifid, alert, alert_json, add_score,
 	 msg = alert_utils.format_score(msg, alert_score)
       end
    end
-
+   
    -- Add the link to the documentation
    if alert_risk and alert_risk > 0 then
       msg = string.format("%s %s %s",
 			  msg, flow_risk_utils.get_documentation_link(alert_risk, alert_src),
-			  flow_risk_utils.get_remediation_documentation_link(alert.alert_id, alert_src))
+			  flow_risk_utils.get_remediation_documentation_link(alert_risk, alert_src))
       local info_msg = alert_utils.get_flow_risk_info(alert_risk, alert_json)
 
       -- Add check info_msg ~= alert.info to avoid duplicated in description msg

diff --git a/scripts/lua/modules/historical_flow_details_formatter.lua b/scripts/lua/modules/historical_flow_details_formatter.lua
@@ -211,7 +211,7 @@ end
 
 -- a###############################################
 
-local function format_historical_issue_description(alert_id, score, title, msg, info, alert_scores)
+local function format_historical_issue_description(alert_id, score, title, msg, info, alert_scores, add_remediation)
    local alert_consts = require "alert_consts"
    local alert_entities = require "alert_entities"
 
@@ -229,6 +229,7 @@ local function format_historical_issue_description(alert_id, score, title, msg,
 
    if (tonumber(alert_risk) == 0) then
       alert_src = "ntopng"
+      alert_risk = alert_id
    else
       alert_src = "nDPI"
    end
@@ -238,9 +239,14 @@ local function format_historical_issue_description(alert_id, score, title, msg,
    local severity_id = map_score_to_severity(score)
    local severity = alert_consts.alertSeverityById(severity_id)
    local remediation = flow_risk_utils.get_remediation_documentation_link(alert_risk, alert_src)
-
+   
    local html = "<tr><td>" .. (msg or "") .. alert_source .. "</td>" .. '<td align=center><span style="color:' .. severity.color .. '">' .. score .. '</span></td>'
-   html = html .. "<td>" .. info .. remediation .."</td>"
+
+   if (add_remediation) then
+      html = html .. "<td>" .. info .. remediation .."</td>"
+   else
+      html = html .. "<td>" .. info .."</td>"
+   end
 
    -- Add Mitre info
    local alert_key  = alert_consts.getAlertType(alert_id, alert_entities.flow.entity_id)
@@ -322,25 +328,25 @@ local function format_historical_issues(flow_details, flow)
 
       html = "<table class=\"table table-bordered table-striped\" width=100%>\n"
       html = html .. "<tr><th>" .. i18n("description") ..  "</th><th>" .. i18n("score") .. "</th><th>".. i18n("info") .. " / ".. i18n("remediation").. "</th><th>".. i18n("mitre_id") .. "</th></tr>\n"
-      html = html .. format_historical_issue_description(tostring(alert_id), tonumber(main_alert_score), i18n("issues_score"), alert_label, details, alert_scores)
+      html = html .. format_historical_issue_description(tostring(alert_id), tonumber(main_alert_score), i18n("issues_score"), alert_label, details, alert_scores, false)
    end
-
+   
    local alert_utils = require "alert_utils"
    local _, other_issues = alert_utils.format_other_alerts(flow['ALERTS_MAP'], flow['STATUS'], alert_json, false, nil, true)
 
    if table.len(other_issues) > 0 then
       for _, issue in pairs(other_issues or {}) do
-	 local msg, info
-	 local pieces = string.split(issue.msg, "%[")
-
-	 if(pieces ~= nil) then
-	    msg  = pieces[1]
-	    info = string.gsub(pieces[2], "%]", "")
-	 else
-	    msg = issue.msg
-	    info = ""
-	 end
-	 html = html .. format_historical_issue_description(tostring(issue.alert_id), tonumber(issue.score), '', msg, info, alert_scores) 
+         local msg, info
+         local pieces = string.split(issue.msg, "%[")
+
+         if(pieces ~= nil) then
+            msg  = pieces[1]
+            info = string.gsub(pieces[2], "%]", "")
+         else
+            msg = issue.msg
+            info = ""
+         end
+         html = html .. format_historical_issue_description(tostring(issue.alert_id), tonumber(issue.score), '', msg, info, alert_scores, true) 
       end
    end
 
@@ -587,7 +593,7 @@ function historical_flow_details_formatter.formatHistoricalFlowDetails(flow)
       end
 
       if (info["score"]) and (info["score"]["value"] ~= 0) then
-	 flow_details = format_historical_issues(flow_details, flow)
+	      flow_details = format_historical_issues(flow_details, flow)
       end
 
       if (info['COMMUNITY_ID']) and (not isEmptyString(info['COMMUNITY_ID'])) then