In ntopng you can write plugins to extend it with custom features. This short tutorial explains how to do that step by step. Here we walk you through the creation of a plugin that generates alerts when an unexpected DNS server is observed: this is useful to spot hosts that have a custom DNS configured, or scanner applications. The plugin source code described in this post can be found here and has been authored by Daniele Zulberti and Luca Argentieri.

These are the steps to implement the plugin.

Ntopng stores plugins under /scripts/plugins. If you want to know what directories are used by your system, see the enclosed picture, which shows the directories in use on your system. So typically your plugin directory will be

Note that this is the installation directory used by packages. Usually people clone code from git (cd ~/ git clone ) and develop the plugins in this directory, as installation directories are not writeable (unless you are root).

Plugins are grouped in categories; in this case alerts/security is the correct one.

So let's create our folder unexpected_dns. This folder contains all the plugin's sources and configurations.

$ mkdir unexpected_dns

Step 2: Create the a

a contains basic plugin information such as name, description and version. It must return this information as a Lua table: return.

A plugin enables one or more statuses to be set on certain flows.

alert_type_params: the value will go in the JSON file.