Improve log processing and add automated tasks

Update log processing to use the correct timestamp field and introduce cron jobs for automated model training and anomaly detection. Replit-Commit-Author: Agent Replit-Commit-Session-Id: 7a657272-55ba-4a79-9a2e-f1ed9bc7a528 Replit-Commit-Checkpoint-Type: full_checkpoint Replit-Commit-Event-Id: f0653fd5-fc94-4fcb-8d7e-2a0e90fc81bf Replit-Commit-Screenshot-Url: https://storage.googleapis.com/screenshot-production-us-central1/449cf7c4-c97a-45ae-8234-e5c5b8d6a84f/7a657272-55ba-4a79-9a2e-f1ed9bc7a528/MkBJZ0L
2025-11-17 18:11:49 +00:00 · 2025-11-17 18:11:49 +00:00 · dc91096d9d
commit dc91096d9d
parent d649a4ee5f
5 changed files with 151 additions and 5 deletions
--- a/.replit
+++ b/.replit
@ -14,10 +14,6 @@ run = ["npm", "run", "start"]
 localPort = 5000
 externalPort = 80

-[[ports]]
-localPort = 45045
-externalPort = 3000
-
 [env]
 PORT = "5000"

--- a/attached_assets/Pasted--python3-11-main-py-8-60594-root-ids-python-ml-Starting-IDS-API-on-http-0-0-0-0-8000-Do-1763402969617_1763402969617.txt
+++ b/attached_assets/Pasted--python3-11-main-py-8-60594-root-ids-python-ml-Starting-IDS-API-on-http-0-0-0-0-8000-Do-1763402969617_1763402969617.txt
--- a/python_ml/cron_detect.sh
+++ b/python_ml/cron_detect.sh
@ -0,0 +1,36 @@
+#!/bin/bash
+# =========================================================
+# CRON DETECTION - Rilevamento anomalie automatico
+# =========================================================
+# Esegue detection ogni 5 minuti con blocco automatico IP critici
+# =========================================================
+
+# Logging
+LOG_FILE="/var/log/ids/detection.log"
+mkdir -p /var/log/ids
+exec >> "$LOG_FILE" 2>&1
+
+echo "========================================="
+echo "🔍 [$(date)] DETECTION AUTOMATICA AVVIATA"
+echo "========================================="
+
+# Esegue detection via API con auto-block
+curl -X POST http://localhost:8000/detect \
+  -H "Content-Type: application/json" \
+  -d '{
+    "max_records": 50000,
+    "hours_back": 1,
+    "risk_threshold": 75,
+    "auto_block": true
+  }' \
+  --max-time 120
+
+EXIT_CODE=$?
+
+if [ $EXIT_CODE -eq 0 ]; then
+    echo "✅ [$(date)] Detection completata con successo"
+else
+    echo "❌ [$(date)] Detection fallita (exit code: $EXIT_CODE)"
+fi
+
+echo ""
--- a/python_ml/cron_train.sh
+++ b/python_ml/cron_train.sh
@ -0,0 +1,35 @@
+#!/bin/bash
+# =========================================================
+# CRON TRAINING - Addestramento automatico modello ML
+# =========================================================
+# Esegue training ogni 12 ore con 100K log più recenti
+# =========================================================
+
+# Logging
+LOG_FILE="/var/log/ids/training.log"
+mkdir -p /var/log/ids
+exec >> "$LOG_FILE" 2>&1
+
+echo "========================================="
+echo "🤖 [$(date)] TRAINING AUTOMATICO AVVIATO"
+echo "========================================="
+
+# Esegue training via API
+curl -X POST http://localhost:8000/train \
+  -H "Content-Type: application/json" \
+  -d '{
+    "max_records": 100000,
+    "hours_back": 24,
+    "contamination": 0.01
+  }' \
+  --max-time 300
+
+EXIT_CODE=$?
+
+if [ $EXIT_CODE -eq 0 ]; then
+    echo "✅ [$(date)] Training completato con successo"
+else
+    echo "❌ [$(date)] Training fallito (exit code: $EXIT_CODE)"
+fi
+
+echo ""
--- a/python_ml/main.py
+++ b/python_ml/main.py
@ -392,7 +392,7 @@ async def get_stats():
        
        cursor.execute("""
            SELECT COUNT(*) as recent FROM network_logs 
-            WHERE logged_at >= NOW() - INTERVAL '1 hour'
+            WHERE timestamp >= NOW() - INTERVAL '1 hour'
        """)
        recent_logs = cursor.fetchone()['recent']