diff --git a/attached_assets/Pasted--crontab-u-ids-l-SISTEMA-IDS-CONFIGURAZIONE-AUT-1763454150778_1763454150778.txt b/attached_assets/Pasted--crontab-u-ids-l-SISTEMA-IDS-CONFIGURAZIONE-AUT-1763454150778_1763454150778.txt
new file mode 100644
index 0000000..ccf2f49
--- /dev/null
+++ b/attached_assets/Pasted--crontab-u-ids-l-SISTEMA-IDS-CONFIGURAZIONE-AUT-1763454150778_1763454150778.txt
@@ -0,0 +1,81 @@
+ crontab -u ids -l
+# ============================================
+# SISTEMA IDS - CONFIGURAZIONE AUTOMATICA
+# ============================================
+
+# Training ML ogni 12 ore (alle 00:00 e 12:00)
+0 */12 * * * cd /opt/ids/python_ml && /usr/bin/python3.11 -c "import requests; requests.post('http://localhost:8000/train', json={'max_records': 10000, 'hours_back': 24})" >> /var/log/ids/training.log 2>&1
+
+# Detection automatica ogni 5 minuti
+*/5 * * * * cd /opt/ids/python_ml && /usr/bin/python3.11 -c "import requests; requests.post('http://localhost:8000/detect', json={'max_records': 5000, 'auto_block': True, 'risk_threshold': 75})" >> /var/log/ids/detect.log 2>&1
+
+# Verifica processo backend Python ogni 5 minuti (riavvia se non attivo)
+*/5 * * * * /opt/ids/deployment/check_backend.sh >> /var/log/ids/cron.log 2>&1
+
+# Verifica processo frontend ogni 5 minuti (riavvia se non attivo)
+*/5 * * * * /opt/ids/deployment/check_frontend.sh >> /var/log/ids/cron.log 2>&1
+
+# Pulizia log settimanale (ogni domenica alle 02:00)
+0 2 * * 0 find /var/log/ids -name "*.log" -size +100M -exec truncate -s 50M {} \; >> /var/log/ids/cron.log 2>&1
+
+# Restart completo del sistema ogni settimana (domenica alle 03:00)
+0 3 * * 0 /opt/ids/deployment/restart_all.sh >> /var/log/ids/cron.log 2>&1
+
+# Backup database giornaliero (alle 04:00)
+0 4 * * * /opt/ids/deployment/backup_db.sh >> /var/log/ids/cron.log 2>&1
+[root@ids ids]# curl -X POST http://localhost:8000/train \
+ -H "Content-Type: application/json" \
+ -d '{"max_records": 100000, "hours_back": 24}'
+{"message":"Training avviato in background","max_records":100000,"hours_back":24}[root@ids ids]#
+psql -h 127.0.0.1 -U ids_user -d ids_database -c "
+SELECT model_version, records_processed, status, trained_at
+FROM training_history
+ORDER BY trained_at DESC
+LIMIT 10;
+"
+Password for user ids_user:
+ model_version | records_processed | status | trained_at
+---------------+-------------------+--------+------------
+(0 rows)
+
+[root@ids var]# psql -h 127.0.0.1 -U ids_user -d ids_database -c "
+SELECT source_ip, risk_score, detected_at
+FROM detections
+ORDER BY detected_at DESC
+LIMIT 20;
+"
+Password for user ids_user:
+ source_ip | risk_score | detected_at
+----------------+------------+----------------------------
+ 64.34.90.127 | 77.42 | 2025-11-18 08:25:29.648227
+ 10.0.249.226 | 78.49 | 2025-11-18 08:25:29.648227
+ 10.0.249.26 | 78.65 | 2025-11-18 08:25:29.648227
+ 72.46.85.161 | 78.76 | 2025-11-18 08:25:29.648227
+ 160.202.129.17 | 78.98 | 2025-11-18 08:25:29.648227
+ 213.175.208.76 | 79.34 | 2025-11-18 08:25:29.648227
+ 67.213.119.137 | 79.84 | 2025-11-18 08:25:29.648227
+ 185.203.25.157 | 82.51 | 2025-11-18 08:25:29.648227
+ 10.1.0.254 | 84.36 | 2025-11-18 08:25:29.648227
+ 185.203.25.254 | 85.57 | 2025-11-18 08:25:29.648227
+ 185.203.25.69 | 85.87 | 2025-11-18 08:25:29.648227
+ 10.0.254.124 | 87.74 | 2025-11-18 08:25:29.648227
+ 37.59.16.12 | 90.28 | 2025-11-18 08:25:29.648227
+ 79.124.56.186 | 91.24 | 2025-11-18 08:25:29.648227
+ 37.59.16.20 | 91.24 | 2025-11-18 08:25:29.648227
+ 10.0.249.160 | 91.35 | 2025-11-18 08:25:29.648227
+ 54.36.50.241 | 92.52 | 2025-11-18 08:25:29.648227
+ 185.203.26.17 | 92.52 | 2025-11-18 08:25:29.648227
+ 185.203.26.34 | 92.63 | 2025-11-18 08:25:29.648227
+ 185.203.24.23 | 95.45 | 2025-11-18 08:25:29.648227
+(20 rows)
+psql -h 127.0.0.1 -U ids_user -d ids_database -c "
+SELECT model_version, records_processed, status, trained_at
+FROM training_history
+ORDER BY trained_at DESC
+LIMIT 10;
+"
+Password for user ids_user:
+ model_version | records_processed | status | trained_at
+---------------+-------------------+---------+----------------------------
+ 1.0.0 | 100000 | success | 2025-11-18 08:37:28.627906
+(1 row)
\ No newline at end of file
diff --git a/deployment/cron_detect.sh b/deployment/cron_detect.sh
new file mode 100644
index 0000000..8632b1e
--- /dev/null
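Review bot: Live operational output is committed to the repository in this file: the `detections` query result lists twenty flagged source addresses with their risk scores, including internal 10.x hosts, alongside the root shell prompt, the database name and the `ids_user` account. Anyone with read access to the repository or its history learns what the IDS currently flags and how the host is laid out. Drop the paste from the commit, or keep only the crontab portion (the first 25 added lines) in a deployment document with the query output removed; an ignore entry such as `attached_assets/` would stop further pastes from being added, if nothing in the project depends on that directory.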
+++ b/deployment/cron_detect.sh
@@ -0,0 +1,26 @@
+#!/bin/bash
+# =========================================================
+# CRON DETECTION - Rilevamento anomalie automatico
+# =========================================================
+
+LOG_FILE="/var/log/ids/detect.log"
+mkdir -p /var/log/ids
+
+echo "=========================================" >> "$LOG_FILE"
+echo "[$(date)] Detection automatica avviata" >> "$LOG_FILE"
+echo "=========================================" >> "$LOG_FILE"
+
+curl -X POST http://localhost:8000/detect \
+ -H "Content-Type: application/json" \
+ -d '{"max_records": 50000, "hours_back": 1, "risk_threshold": 75, "auto_block": true}' \
+ --max-time 120 >> "$LOG_FILE" 2>&1
+
+EXIT_CODE=$?
+
+if [ $EXIT_CODE -eq 0 ]; then
+ echo "[$(date)] Detection completata con successo" >> "$LOG_FILE"
+else
+ echo "[$(date)] Detection fallita (exit code: $EXIT_CODE)" >> "$LOG_FILE"
+fi
+
+echo "" >> "$LOG_FILE"
diff --git a/deployment/cron_train.sh b/deployment/cron_train.sh
new file mode 100644
index 0000000..7334208
--- /dev/null
+++ b/deployment/cron_train.sh
@@ -0,0 +1,26 @@
+#!/bin/bash
+# =========================================================
+# CRON TRAINING - Addestramento automatico modello ML
+# =========================================================
+
+LOG_FILE="/var/log/ids/training.log"
+mkdir -p /var/log/ids
+
+echo "=========================================" >> "$LOG_FILE"
+echo "[$(date)] Training automatico avviato" >> "$LOG_FILE"
+echo "=========================================" >> "$LOG_FILE"
+
+curl -X POST http://localhost:8000/train \
+ -H "Content-Type: application/json" \
+ -d '{"max_records": 100000, "hours_back": 24}' \
+ --max-time 300 >> "$LOG_FILE" 2>&1
+
+EXIT_CODE=$?
+
+if [ $EXIT_CODE -eq 0 ]; then
+ echo "[$(date)] Training completato con successo" >> "$LOG_FILE"
+else
+ echo "[$(date)] Training fallito (exit code: $EXIT_CODE)" >> "$LOG_FILE"
+fi
+
+echo "" >> "$LOG_FILE"
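Review bot: The success branch in deployment/cron_detect.sh can log "Detection completata con successo" for a failed run, because curl exits 0 on an HTTP 4xx/5xx response unless told otherwise, so `EXIT_CODE` only reflects transport errors and the timeout; deployment/cron_train.sh has the same pattern. Call it as `curl --fail --silent --show-error -X POST http://localhost:8000/detect \` so an error status fails the check and the progress meter stays out of the log, and end the script with `exit "$EXIT_CODE"` so the scheduler sees the failure instead of the status of the final `echo`. Separately, the request sets `"auto_block": true` at `risk_threshold` 75, and the pasted detections in this commit show 10.0.249.x and 10.1.0.254 scoring above 75. Whether the backend exempts internal or management addresses from blocking is not visible here and is worth confirming before this runs unattended.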
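Review bot: "Training completato con successo" in deployment/cron_train.sh overstates what the check knows: the pasted session in this commit shows `/train` answering `Training avviato in background` immediately, so a zero exit from curl means only that the request was accepted. Word the success line as a submission, e.g. `echo "[$(date)] Richiesta di training inviata" >> "$LOG_FILE"`, and leave the outcome to the `status` column of `training_history`, which the same session queries. The test `[ $EXIT_CODE -eq 0 ]` should also quote the variable: `[ "$EXIT_CODE" -eq 0 ]`.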