Contribute
Contribute to the project by sending encrypted, anonymous telemetry data to ntop.org.
Alert and Flow Status Definitions

Alert Key | Alert Name |
---|---|
1 | alert_blacklisted_country |
2 | alert_broadcast_domain_too_large |
3 | alert_device_connection |
4 | alert_device_disconnection |
5 | alert_device_protocol_not_allowed |
6 | alert_dropped_alerts |
7 | external_alert |
8 | alert_flow_blacklisted |
9 | alert_flow_blocked |
10 | alert_flow_misbehaviour |
11 | alert_flows_flood |
12 | alert_ghost_network |
13 | alert_host_pool_connection |
14 | alert_host_pool_disconnection |
16 | alert_influxdb_error |
17 | alert_influxdb_export_failure |
18 | alert_internals |
19 | alert_ip_outsite_dhcp_range |
20 | alert_list_download_failed |
21 | alert_login_failed |
22 | alert_mac_ip_association_change |
23 | alert_malicious_signature |
25 | alert_misconfigured_app |
26 | alert_new_device |
27 | alert_nfq_flushed |
28 | alert_none |
29 | alert_periodic_activity_not_executed |
30 | alert_am_threshold_cross |
31 | alert_port_duplexstatus_change |
32 | alert_port_errors |
33 | alert_port_load_threshold_exceeded |
34 | alert_port_mac_changed |
35 | alert_port_status_change |
36 | alert_potentially_dangerous_protocol |
37 | alert_process_notification |
38 | alert_quota_exceeded |
39 | alert_remote_to_remote |
40 | alert_request_reply_ratio |
41 | alert_slow_periodic_activity |
42 | alert_slow_purge |
43 | alert_snmp_device_reset |
44 | alert_snmp_topology_changed |
45 | alert_suspicious_activity |
46 | alert_tcp_syn_flood |
47 | alert_tcp_syn_scan |
49 | alert_threshold_cross |
50 | alert_too_many_drops |
51 | alert_udp_unidirectional |
53 | alert_user_activity |
54 | alert_user_script_calls_drops |
55 | alert_web_mining |
56 | alert_connection_issues |
57 | alert_suspicious_file_transfer |
58 | alert_known_proto_on_non_std_port |
59 | alert_host_log |
60 | alert_attack_mitigation_via_snmp |
61 | alert_iec104_error |
62 | alert_flow_risk |
63 | alert_unexpected_dns |
64 | alert_unexpected_smtp |
65 | alert_unexpected_dhcp |
66 | alert_unexpected_ntp |
68 | alert_lateral_movement |
69 | alert_list_download_succeeded |

Status Key | Status Name |
---|---|
0 | status_normal |
1 | status_blacklisted |
2 | status_blacklisted_country |
3 | status_blocked |
4 | status_data_exfiltration |
5 | status_device_protocol_not_allowed |
6 | status_dns_data_exfiltration |
7 | status_dns_invalid_query |
8 | status_elephant_local_to_remote |
9 | status_elephant_remote_to_local |
10 | status_external_alert |
11 | status_longlived |
12 | status_low_goodput |
13 | status_malicious_signature |
14 | status_not_purged |
15 | status_potentially_dangerous |
16 | status_remote_to_remote |
17 | status_suspicious_tcp_probing |
18 | status_suspicious_tcp_syn_probing |
19 | status_tcp_connection_issues |
20 | status_tcp_connection_refused |
21 | status_tcp_severe_connection_issues |
22 | status_tls_certificate_expired |
23 | status_tls_certificate_mismatch |
24 | status_tls_old_protocol_version |
25 | status_tls_unsafe_ciphers |
26 | status_udp_unidirectional |
27 | status_web_mining_detected |
28 | status_tls_certificate_selfsigned |
29 | status_suspicious_file_transfer |
30 | status_known_proto_on_non_std_port |
31 | status_flow_risk |
32 | status_unexpected_dhcp |
33 | status_unexpected_dns |
34 | status_unexpected_smtp |
35 | status_unexpected_ntp |