marco/ids.alfacom.it
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
46 Commits 1 Branch 100 Tags 9.2 MiB
d345a24572
Commit Graph

9 Commits

Author SHA1 Message Date
marco370
d345a24572 Improve intrusion detection system with functional updates and database fixes 
Update `replit.md` to reflect recent system improvements including a fully functional syslog parser, PostgreSQL database, updated regex patterns, DDoS detection, and automated deployment workflows. Addresses issues with the `network_logs` table schema and incorrect regex matching. Includes SQL query outputs for verification.

Replit-Commit-Author: Agent
Replit-Commit-Session-Id: 7a657272-55ba-4a79-9a2e-f1ed9bc7a528
Replit-Commit-Checkpoint-Type: full_checkpoint
Replit-Commit-Event-Id: 70827608-8ca8-471f-a794-336056b4ce88
Replit-Commit-Screenshot-Url: https://storage.googleapis.com/screenshot-production-us-central1/449cf7c4-c97a-45ae-8234-e5c5b8d6a84f/7a657272-55ba-4a79-9a2e-f1ed9bc7a528/MkBJZ0L
 2025-11-17 17:54:18 +00:00
marco370
e5f307af27 Fix error when saving network logs to the database 
Correct SQL query to insert data into the network_logs table, resolving "relation 'network_logs' does not exist" errors.

Replit-Commit-Author: Agent
Replit-Commit-Session-Id: 7a657272-55ba-4a79-9a2e-f1ed9bc7a528
Replit-Commit-Checkpoint-Type: full_checkpoint
Replit-Commit-Event-Id: e8e7edaf-8ac8-493c-b890-465ff617b0ce
Replit-Commit-Screenshot-Url: https://storage.googleapis.com/screenshot-production-us-central1/449cf7c4-c97a-45ae-8234-e5c5b8d6a84f/7a657272-55ba-4a79-9a2e-f1ed9bc7a528/MkBJZ0L
 2025-11-17 17:40:22 +00:00
marco370
0d34bf7d3c Update log parsing to better identify network traffic and DDoS events 
Refactors the `SyslogParser` class in `python_ml/syslog_parser.py` to use a new, more comprehensive regex pattern (`main_pattern`) for parsing MikroTik logs. This includes improved identification of 'forward' and 'detected-ddos forward' actions, protocol details (UDP, TCP, ICMP), and associated IP addresses, ports, and lengths. The changes aim to accurately capture network traffic and potential DDoS events from MikroTik logs.

Replit-Commit-Author: Agent
Replit-Commit-Session-Id: 7a657272-55ba-4a79-9a2e-f1ed9bc7a528
Replit-Commit-Checkpoint-Type: full_checkpoint
Replit-Commit-Event-Id: b7377ada-e722-475a-86d2-07f21299ec70
Replit-Commit-Screenshot-Url: https://storage.googleapis.com/screenshot-production-us-central1/449cf7c4-c97a-45ae-8234-e5c5b8d6a84f/7a657272-55ba-4a79-9a2e-f1ed9bc7a528/MkBJZ0L
 2025-11-17 17:35:37 +00:00
marco370
51aa026aae Update logs to show processing progress 
Adds new log entries to the syslog parser output, indicating incremental progress in row processing without saving any logs.

Replit-Commit-Author: Agent
Replit-Commit-Session-Id: 7a657272-55ba-4a79-9a2e-f1ed9bc7a528
Replit-Commit-Checkpoint-Type: full_checkpoint
Replit-Commit-Event-Id: b96cf229-a1bd-4e23-8aee-d92bd339420b
Replit-Commit-Screenshot-Url: https://storage.googleapis.com/screenshot-production-us-central1/449cf7c4-c97a-45ae-8234-e5c5b8d6a84f/7a657272-55ba-4a79-9a2e-f1ed9bc7a528/MkBJZ0L
 2025-11-17 17:34:04 +00:00
marco370
7b6fc148a5 Update system to correctly process log files with proper permissions 
Correctly sets file permissions and ownership for the `.env` file and demonstrates successful database connection and log file processing by the syslog parser script.

Replit-Commit-Author: Agent
Replit-Commit-Session-Id: 7a657272-55ba-4a79-9a2e-f1ed9bc7a528
Replit-Commit-Checkpoint-Type: full_checkpoint
Replit-Commit-Event-Id: 91f9e939-55de-4fd8-9f48-6360540b2bfe
Replit-Commit-Screenshot-Url: https://storage.googleapis.com/screenshot-production-us-central1/449cf7c4-c97a-45ae-8234-e5c5b8d6a84f/7a657272-55ba-4a79-9a2e-f1ed9bc7a528/c9ITWqD
 2025-11-17 16:42:42 +00:00
marco370
1936a29ae4 Improve database connection security and restart log parser 
Modify pg_hba.conf to use SCRAM-SHA-256 for database authentication and restart the syslog parser service.

Replit-Commit-Author: Agent
Replit-Commit-Session-Id: 7a657272-55ba-4a79-9a2e-f1ed9bc7a528
Replit-Commit-Checkpoint-Type: full_checkpoint
Replit-Commit-Event-Id: 2c44c1cf-5725-4dd8-8305-3fa9b2a5136c
Replit-Commit-Screenshot-Url: https://storage.googleapis.com/screenshot-production-us-central1/449cf7c4-c97a-45ae-8234-e5c5b8d6a84f/7a657272-55ba-4a79-9a2e-f1ed9bc7a528/c9ITWqD
 2025-11-17 16:39:09 +00:00
marco370
08c2373aa5 Configure database user and password for secure access 
Updates PostgreSQL configuration to set password encryption to SCRAM-SHA-256, creates a new user 'ids_user' with the specified password, grants necessary privileges on the 'ids_database', and configures default privileges for future objects. Includes troubleshooting steps and log excerpts related to authentication failures.

Replit-Commit-Author: Agent
Replit-Commit-Session-Id: 7a657272-55ba-4a79-9a2e-f1ed9bc7a528
Replit-Commit-Checkpoint-Type: full_checkpoint
Replit-Commit-Event-Id: f8be77ab-2269-4666-9e56-9309e455e81c
Replit-Commit-Screenshot-Url: https://storage.googleapis.com/screenshot-production-us-central1/449cf7c4-c97a-45ae-8234-e5c5b8d6a84f/7a657272-55ba-4a79-9a2e-f1ed9bc7a528/c9ITWqD
 2025-11-17 16:28:10 +00:00
marco370
7c36dc039b Fix PostgreSQL authentication issues for user access 
Introduces a shell script to modify pg_hba.conf and reset PostgreSQL user passwords, resolving authentication failures.

Replit-Commit-Author: Agent
Replit-Commit-Session-Id: 7a657272-55ba-4a79-9a2e-f1ed9bc7a528
Replit-Commit-Checkpoint-Type: full_checkpoint
Replit-Commit-Event-Id: 39b3e0c3-d6b2-4c6f-afb4-e32fe7f09b02
Replit-Commit-Screenshot-Url: https://storage.googleapis.com/screenshot-production-us-central1/449cf7c4-c97a-45ae-8234-e5c5b8d6a84f/7a657272-55ba-4a79-9a2e-f1ed9bc7a528/c9ITWqD
 2025-11-17 16:25:32 +00:00
marco370
0b9d0cf302 Initial commit 2025-11-11 09:12:13 +00:00