Improve log processing and add automated tasks

Update log processing to use the correct timestamp field and introduce cron jobs for automated model training and anomaly detection.

Replit-Commit-Author: Agent
Replit-Commit-Session-Id: 7a657272-55ba-4a79-9a2e-f1ed9bc7a528
Replit-Commit-Checkpoint-Type: full_checkpoint
Replit-Commit-Event-Id: f0653fd5-fc94-4fcb-8d7e-2a0e90fc81bf
Replit-Commit-Screenshot-Url: https://storage.googleapis.com/screenshot-production-us-central1/449cf7c4-c97a-45ae-8234-e5c5b8d6a84f/7a657272-55ba-4a79-9a2e-f1ed9bc7a528/MkBJZ0L
marco370 2025-11-17 18:11:49 +00:00
parent d649a4ee5f
commit dc91096d9d
5 changed files with 151 additions and 5 deletions


@ -14,10 +14,6 @@ run = ["npm", "run", "start"]
localPort = 5000 localPort = 5000
externalPort = 80 externalPort = 80
[[ports]]
localPort = 45045
externalPort = 3000
[env] [env]
PORT = "5000" PORT = "5000"

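--- a/python_ml/cron_detect.sh
+++ b/python_ml/cron_detect.sh
@@ -0,0 +1,36 @@
+#!/bin/bash
+# =========================================================
+# CRON DETECTION - Rilevamento anomalie automatico
+# =========================================================
+# Esegue detection ogni 5 minuti con blocco automatico IP critici
+# =========================================================
+# Logging
+LOG_FILE="/var/log/ids/detection.log"
+mkdir -p /var/log/ids
+exec >> "$LOG_FILE" 2>&1
+echo "========================================="
+echo "🔍 [$(date)] DETECTION AUTOMATICA AVVIATA"
+echo "========================================="
+# Esegue detection via API con auto-block
+curl -X POST http://localhost:8000/detect \
+-H "Content-Type: application/json" \
+-d '{
+"max_records": 50000,
+"hours_back": 1,
+"risk_threshold": 75,
+"auto_block": true
+}' \
+--max-time 120
+EXIT_CODE=$?
+if [ $EXIT_CODE -eq 0 ]; then
+echo "✅ [$(date)] Detection completata con successo"
+else
+echo "❌ [$(date)] Detection fallita (exit code: $EXIT_CODE)"
+fi
+echo ""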
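Review bot: The success branch keys only on curl's exit status, and curl without `--fail` exits 0 on an HTTP 4xx/5xx response, so a `/detect` call that the API rejects or that fails server-side is still logged as "Detection completata con successo". For a job that drives automatic IP blocking this hides outages of the control; change the call to `curl --fail --silent --show-error -X POST http://localhost:8000/detect \` so that `EXIT_CODE` reflects HTTP errors. The same applies to the `/train` call in python_ml/cron_train.sh. The request also carries no credential, so presumably the API trusts any local caller to trigger `auto_block`; it is worth confirming that the service binds to loopback only and stating that in a comment above the curl line.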

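--- a/python_ml/cron_train.sh
+++ b/python_ml/cron_train.sh
@@ -0,0 +1,35 @@
+#!/bin/bash
+# =========================================================
+# CRON TRAINING - Addestramento automatico modello ML
+# =========================================================
+# Esegue training ogni 12 ore con 100K log più recenti
+# =========================================================
+# Logging
+LOG_FILE="/var/log/ids/training.log"
+mkdir -p /var/log/ids
+exec >> "$LOG_FILE" 2>&1
+echo "========================================="
+echo "🤖 [$(date)] TRAINING AUTOMATICO AVVIATO"
+echo "========================================="
+# Esegue training via API
+curl -X POST http://localhost:8000/train \
+-H "Content-Type: application/json" \
+-d '{
+"max_records": 100000,
+"hours_back": 24,
+"contamination": 0.01
+}' \
+--max-time 300
+EXIT_CODE=$?
+if [ $EXIT_CODE -eq 0 ]; then
+echo "✅ [$(date)] Training completato con successo"
+else
+echo "❌ [$(date)] Training fallito (exit code: $EXIT_CODE)"
+fi
+echo ""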
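Review bot: The training window (`"hours_back": 24`, `"max_records": 100000`) is refit every 12 hours on whatever traffic was logged, and nothing visible in this script excludes records from sources the detector has already flagged or blocked. With a fixed `"contamination": 0.01`, sustained hostile traffic inside the window can end up treated as baseline, which would lower later risk scores for it; whether the `/train` endpoint filters such rows cannot be seen from here. I would at least record the assumption above the curl call, for example `# Training data is unvetted: /train must exclude already-flagged sources, and the previous model should be kept for rollback`, and have the job log the returned training summary so that drift between runs can be reviewed.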


@ -392,7 +392,7 @@ async def get_stats():
cursor.execute(""" cursor.execute("""
SELECT COUNT(*) as recent FROM network_logs SELECT COUNT(*) as recent FROM network_logs
WHERE logged_at >= NOW() - INTERVAL '1 hour' WHERE timestamp >= NOW() - INTERVAL '1 hour'
""") """)
recent_logs = cursor.fetchone()['recent'] recent_logs = cursor.fetchone()['recent']