From 62ffbe499a7458706673fa776444eafb4e5c33c7 Mon Sep 17 00:00:00 2001
From: marco370 <48531002-marco370@users.noreply.replit.com>
Date: Tue, 18 Nov 2025 08:24:09 +0000
Subject: [PATCH] Add automated training and detection jobs to the system Adds new cron jobs and shell scripts for automated ML model training and anomaly detection, along with configurations for logging and system checks.
Replit-Commit-Author: Agent
Replit-Commit-Session-Id: 7a657272-55ba-4a79-9a2e-f1ed9bc7a528
Replit-Commit-Checkpoint-Type: full_checkpoint
Replit-Commit-Event-Id: 534244cd-b293-403e-a6d6-43cd9fbb30fb
Replit-Commit-Screenshot-Url: https://storage.googleapis.com/screenshot-production-us-central1/449cf7c4-c97a-45ae-8234-e5c5b8d6a84f/7a657272-55ba-4a79-9a2e-f1ed9bc7a528/1P26v7M
---
...AZIONE-AUT-1763454150778_1763454150778.txt | 81 +++++++++++++++++++
deployment/cron_detect.sh | 26 ++++++
deployment/cron_train.sh | 26 ++++++
3 files changed, 133 insertions(+)
create mode 100644 attached_assets/Pasted--crontab-u-ids-l-SISTEMA-IDS-CONFIGURAZIONE-AUT-1763454150778_1763454150778.txt
create mode 100644 deployment/cron_detect.sh
create mode 100644 deployment/cron_train.sh
diff --git a/attached_assets/Pasted--crontab-u-ids-l-SISTEMA-IDS-CONFIGURAZIONE-AUT-1763454150778_1763454150778.txt b/attached_assets/Pasted--crontab-u-ids-l-SISTEMA-IDS-CONFIGURAZIONE-AUT-1763454150778_1763454150778.txt
new file mode 100644
index 0000000..ccf2f49
--- /dev/null
+++ b/attached_assets/Pasted--crontab-u-ids-l-SISTEMA-IDS-CONFIGURAZIONE-AUT-1763454150778_1763454150778.txt
@@ -0,0 +1,81 @@
+ crontab -u ids -l
+# ============================================
+# SISTEMA IDS - CONFIGURAZIONE AUTOMATICA
+# ============================================
+
+# Training ML ogni 12 ore (alle 00:00 e 12:00)
+0 */12 * * * cd /opt/ids/python_ml && /usr/bin/python3.11 -c "import requests; requests.post('http://localhost:8000/train', json={'max_records': 10000, 'hours_back': 24})" >> /var/log/ids/training.log 2>&1
+
+# Detection automatica ogni 5 minuti
+*/5 * * * * cd /opt/ids/python_ml && /usr/bin/python3.11 -c "import requests; requests.post('http://localhost:8000/detect', json={'max_records': 5000, 'auto_block': True, 'risk_threshold': 75})" >> /var/log/ids/detect.log 2>&1
+
+# Verifica processo backend Python ogni 5 minuti (riavvia se non attivo)
+*/5 * * * * /opt/ids/deployment/check_backend.sh >> /var/log/ids/cron.log 2>&1
+
+# Verifica processo frontend ogni 5 minuti (riavvia se non attivo)
+*/5 * * * * /opt/ids/deployment/check_frontend.sh >> /var/log/ids/cron.log 2>&1
+
+# Pulizia log settimanale (ogni domenica alle 02:00)
+0 2 * * 0 find /var/log/ids -name "*.log" -size +100M -exec truncate -s 50M {} \; >> /var/log/ids/cron.log 2>&1
+
+# Restart completo del sistema ogni settimana (domenica alle 03:00)
+0 3 * * 0 /opt/ids/deployment/restart_all.sh >> /var/log/ids/cron.log 2>&1
+
+# Backup database giornaliero (alle 04:00)
+0 4 * * * /opt/ids/deployment/backup_db.sh >> /var/log/ids/cron.log 2>&1
+[root@ids ids]# curl -X POST http://localhost:8000/train \
+ -H "Content-Type: application/json" \
+ -d '{"max_records": 100000, "hours_back": 24}'
+{"message":"Training avviato in background","max_records":100000,"hours_back":24}[root@ids ids]#
+psql -h 127.0.0.1 -U ids_user -d ids_database -c "
+SELECT model_version, records_processed, status, trained_at
+FROM training_history
+ORDER BY trained_at DESC
+LIMIT 10;
+"
+Password for user ids_user:
+ model_version | records_processed | status | trained_at
+---------------+-------------------+--------+------------
+(0 rows)
+
+[root@ids var]# psql -h 127.0.0.1 -U ids_user -d ids_database -c "
+SELECT source_ip, risk_score, detected_at
+FROM detections
+ORDER BY detected_at DESC
+LIMIT 20;
+"
+Password for user ids_user:
+ source_ip | risk_score | detected_at
+----------------+------------+----------------------------
+ 64.34.90.127 | 77.42 | 2025-11-18 08:25:29.648227
+ 10.0.249.226 | 78.49 | 2025-11-18 08:25:29.648227
+ 10.0.249.26 | 78.65 | 2025-11-18 08:25:29.648227
+ 72.46.85.161 | 78.76 | 2025-11-18 08:25:29.648227
+ 160.202.129.17 | 78.98 | 2025-11-18 08:25:29.648227
+ 213.175.208.76 | 79.34 | 2025-11-18 08:25:29.648227
+ 67.213.119.137 | 79.84 | 2025-11-18 08:25:29.648227
+ 185.203.25.157 | 82.51 | 2025-11-18 08:25:29.648227
+ 10.1.0.254 | 84.36 | 2025-11-18 08:25:29.648227
+ 185.203.25.254 | 85.57 | 2025-11-18 08:25:29.648227
+ 185.203.25.69 | 85.87 | 2025-11-18 08:25:29.648227
+ 10.0.254.124 | 87.74 | 2025-11-18 08:25:29.648227
+ 37.59.16.12 | 90.28 | 2025-11-18 08:25:29.648227
+ 79.124.56.186 | 91.24 | 2025-11-18 08:25:29.648227
+ 37.59.16.20 | 91.24 | 2025-11-18 08:25:29.648227
+ 10.0.249.160 | 91.35 | 2025-11-18 08:25:29.648227
+ 54.36.50.241 | 92.52 | 2025-11-18 08:25:29.648227
+ 185.203.26.17 | 92.52 | 2025-11-18 08:25:29.648227
+ 185.203.26.34 | 92.63 | 2025-11-18 08:25:29.648227
+ 185.203.24.23 | 95.45 | 2025-11-18 08:25:29.648227
+(20 rows)
+psql -h 127.0.0.1 -U ids_user -d ids_database -c "
+SELECT model_version, records_processed, status, trained_at
+FROM training_history
+ORDER BY trained_at DESC
+LIMIT 10;
+"
+Password for user ids_user:
+ model_version | records_processed | status | trained_at
+---------------+-------------------+---------+----------------------------
+ 1.0.0 | 100000 | success | 2025-11-18 08:37:28.627906
+(1 row)
\ No newline at end of file
diff --git a/deployment/cron_detect.sh b/deployment/cron_detect.sh
new file mode 100644
index 0000000..8632b1e
--- /dev/null
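Review bot: Live operational data goes into version control with the attached_assets console capture: it records the root prompt and host name, the database role and database name used for psql, and a detections table of source addresses with risk scores, including internal 10.x hosts. Nothing in deployment/cron_detect.sh or deployment/cron_train.sh depends on it, so I would leave the file out of the commit, or keep only the crontab listing and replace the addresses with documentation ranges.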
+++ b/deployment/cron_detect.sh
@@ -0,0 +1,26 @@
+#!/bin/bash
+# =========================================================
+# CRON DETECTION - Rilevamento anomalie automatico
+# =========================================================
+
+LOG_FILE="/var/log/ids/detect.log"
+mkdir -p /var/log/ids
+
+echo "=========================================" >> "$LOG_FILE"
+echo "[$(date)] Detection automatica avviata" >> "$LOG_FILE"
+echo "=========================================" >> "$LOG_FILE"
+
+curl -X POST http://localhost:8000/detect \
+ -H "Content-Type: application/json" \
+ -d '{"max_records": 50000, "hours_back": 1, "risk_threshold": 75, "auto_block": true}' \
+ --max-time 120 >> "$LOG_FILE" 2>&1
+
+EXIT_CODE=$?
+
+if [ $EXIT_CODE -eq 0 ]; then
+ echo "[$(date)] Detection completata con successo" >> "$LOG_FILE"
+else
+ echo "[$(date)] Detection fallita (exit code: $EXIT_CODE)" >> "$LOG_FILE"
+fi
+
+echo "" >> "$LOG_FILE"
diff --git a/deployment/cron_train.sh b/deployment/cron_train.sh
new file mode 100644
index 0000000..7334208
--- /dev/null
+++ b/deployment/cron_train.sh
@@ -0,0 +1,26 @@
+#!/bin/bash
+# =========================================================
+# CRON TRAINING - Addestramento automatico modello ML
+# =========================================================
+
+LOG_FILE="/var/log/ids/training.log"
+mkdir -p /var/log/ids
+
+echo "=========================================" >> "$LOG_FILE"
+echo "[$(date)] Training automatico avviato" >> "$LOG_FILE"
+echo "=========================================" >> "$LOG_FILE"
+
+curl -X POST http://localhost:8000/train \
+ -H "Content-Type: application/json" \
+ -d '{"max_records": 100000, "hours_back": 24}' \
+ --max-time 300 >> "$LOG_FILE" 2>&1
+
+EXIT_CODE=$?
+
+if [ $EXIT_CODE -eq 0 ]; then
+ echo "[$(date)] Training completato con successo" >> "$LOG_FILE"
+else
+ echo "[$(date)] Training fallito (exit code: $EXIT_CODE)" >> "$LOG_FILE"
+fi
+
+echo "" >> "$LOG_FILE"
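Review bot: The success branch in deployment/cron_detect.sh keys off curl's exit status alone, and without `--fail` curl returns 0 for an HTTP 4xx/5xx response, so a rejected or crashing /detect call is logged as "Detection completata con successo". I would change the call to `curl --fail --silent --show-error -X POST http://localhost:8000/detect \` so HTTP errors reach the else branch and the progress meter stays out of detect.log; the same applies to the /train call in deployment/cron_train.sh. Separately, the payload sets `"auto_block": true` with `"risk_threshold": 75` on every run, and the transcript committed alongside shows 10.x sources scoring above that threshold. Whether the backend exempts internal or management addresses is not visible in this patch, so that allowlist should be confirmed before the job is scheduled.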
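Review bot: Exit status 0 from the curl call in deployment/cron_train.sh only shows that /train accepted the request: the transcript added in this same commit has the endpoint answering "Training avviato in background", so the line "Training completato con successo" is written before any training has finished. I would reword it to say the request was accepted, for example `echo "[$(date)] Richiesta di training accettata" >> "$LOG_FILE"`, and leave the real outcome to the `training_history` table that the transcript queries. The job also retrains on the last 24 hours of traffic (`"hours_back": 24`) with no operator step. It is not visible here whether already-flagged sources are excluded from that window, which is worth confirming, since sustained hostile traffic would otherwise feed the next model.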