EVOLUTION-MANAGER
Edit File: ts.lua
-- -- (C) 2013-21 - ntop.org -- local dirs = ntop.getDirs() package.path = dirs.installdir .. "/scripts/lua/modules/?.lua;" .. package.path package.path = dirs.installdir .. "/scripts/lua/modules/alert_store/?.lua;" .. package.path local alert_utils = require "alert_utils" local alert_consts = require "alert_consts" local alert_entities = require "alert_entities" local rest_utils = require("rest_utils") local alert_severities = require "alert_severities" local auth = require "auth" -- local flow_alert_store = require "flow_alert_store".new() -- local host_alert_store = require "host_alert_store".new() -- -- Read alerts data as timeseries (number of alerts per hour) -- Example: curl -u admin:admin -H "Content-Type: application/json" -d '{"ifid": "6", "status": "historical-flows", "epoch_begin": 1590226522, "epoch_end": 1590485722}' http://localhost:3000/lua/rest/v1/get/alert/ts.lua -- -- NOTE: in case of invalid login, no error is returned but redirected to login -- sendHTTPHeader('application/json') local rc = rest_utils.consts.success.ok local res = {} local ifid = _GET["ifid"] local what = _GET["status"] -- historical, historical-flows local epoch_begin = _GET["epoch_begin"] local epoch_end = _GET["epoch_end"] local alert_type = _GET["alert_type"] local alert_severity = _GET["alert_severity"] local host_info = url2hostinfo(_GET) if not auth.has_capability(auth.capabilities.alerts) then rest_utils.answer(rest_utils.consts.err.not_granted) return end if isEmptyString(ifid) then rc = rest_utils.consts.err.invalid_interface rest_utils.answer(rc) return end interface.select(ifid) if isEmptyString(what) then rc = rest_utils.consts.err.invalid_args print(rest_utils.rc(rc)) return end if isEmptyString(epoch_begin) or isEmptyString(epoch_end) then rc = rest_utils.consts.err.invalid_args print(rest_utils.rc(rc)) return end epoch_begin = tonumber(epoch_begin); epoch_end = tonumber(epoch_end); if epoch_end <= epoch_begin then rc = rest_utils.consts.err.invalid_args print(rest_utils.rc(rc)) return end local hour_secs = 60*60 local day_secs = 60*60*24 -- Round begin to start of day epoch_begin = epoch_begin - (epoch_begin % day_secs) -- Round end to end of day epoch_end = epoch_end - (epoch_end % day_secs) + day_secs local days = (epoch_end - epoch_begin) / day_secs local engaged = false if what == "engaged" then engaged = true end for day = 1, days do local day_epoch = epoch_begin + ((day - 1) * day_secs) res[day_epoch] = { 0, --[[ Counter for alerts between 00:00 and 00:59 UTC --]] 0, --[[ Counter for alerts between 01:00 and 01:59 UTC --]] 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 --[[ Counter for alerts in other hours, until 23:00 to 23:59 --]] } end --[[ This API is no longer supported - returning 0 counters for the time being local counters = alert_utils.getNumAlertsPerHour(what, epoch_begin, epoch_end, alert_type, alert_severity, host_info) if counters == nil then rc = rest_utils.consts.err.internal_error print(rest_utils.rc(rc)) return end for k,v in ipairs(counters) do -- Midnight UTC of the day containing v.hour local day_epoch = v.hour - (v.hour % day_secs) -- Hour of the day containing v.hour, from 0 to 23, inclusive -- NOTE: Use the `floor` to make sure hour is an integer as it will be used to index a Lua array local hour = math.floor((v.hour - day_epoch) / hour_secs) -- Here we add 1 to the hour as Lua array are indexed starting from 1, whereas `hour` is an integer starting from zero res[day_epoch][hour + 1] = tonumber(v.count) end -- for --]] print(rest_utils.rc(rc, res))