crontab -u ids -l # ============================================ # SISTEMA IDS - CONFIGURAZIONE AUTOMATICA # ============================================ # Training ML ogni 12 ore (alle 00:00 e 12:00) 0 */12 * * * cd /opt/ids/python_ml && /usr/bin/python3.11 -c "import requests; requests.post('http://localhost:8000/train', json={'max_records': 10000, 'hours_back': 24})" >> /var/log/ids/training.log 2>&1 # Detection automatica ogni 5 minuti */5 * * * * cd /opt/ids/python_ml && /usr/bin/python3.11 -c "import requests; requests.post('http://localhost:8000/detect', json={'max_records': 5000, 'auto_block': True, 'risk_threshold': 75})" >> /var/log/ids/detect.log 2>&1 # Verifica processo backend Python ogni 5 minuti (riavvia se non attivo) */5 * * * * /opt/ids/deployment/check_backend.sh >> /var/log/ids/cron.log 2>&1 # Verifica processo frontend ogni 5 minuti (riavvia se non attivo) */5 * * * * /opt/ids/deployment/check_frontend.sh >> /var/log/ids/cron.log 2>&1 # Pulizia log settimanale (ogni domenica alle 02:00) 0 2 * * 0 find /var/log/ids -name "*.log" -size +100M -exec truncate -s 50M {} \; >> /var/log/ids/cron.log 2>&1 # Restart completo del sistema ogni settimana (domenica alle 03:00) 0 3 * * 0 /opt/ids/deployment/restart_all.sh >> /var/log/ids/cron.log 2>&1 # Backup database giornaliero (alle 04:00) 0 4 * * * /opt/ids/deployment/backup_db.sh >> /var/log/ids/cron.log 2>&1 [root@ids ids]# curl -X POST http://localhost:8000/train \ -H "Content-Type: application/json" \ -d '{"max_records": 100000, "hours_back": 24}' {"message":"Training avviato in background","max_records":100000,"hours_back":24}[root@ids ids]# psql -h 127.0.0.1 -U ids_user -d ids_database -c " SELECT model_version, records_processed, status, trained_at FROM training_history ORDER BY trained_at DESC LIMIT 10; " Password for user ids_user: model_version | records_processed | status | trained_at ---------------+-------------------+--------+------------ (0 rows) [root@ids var]# psql -h 127.0.0.1 -U ids_user -d ids_database -c " SELECT source_ip, risk_score, detected_at FROM detections ORDER BY detected_at DESC LIMIT 20; " Password for user ids_user: source_ip | risk_score | detected_at ----------------+------------+---------------------------- 64.34.90.127 | 77.42 | 2025-11-18 08:25:29.648227 10.0.249.226 | 78.49 | 2025-11-18 08:25:29.648227 10.0.249.26 | 78.65 | 2025-11-18 08:25:29.648227 72.46.85.161 | 78.76 | 2025-11-18 08:25:29.648227 160.202.129.17 | 78.98 | 2025-11-18 08:25:29.648227 213.175.208.76 | 79.34 | 2025-11-18 08:25:29.648227 67.213.119.137 | 79.84 | 2025-11-18 08:25:29.648227 185.203.25.157 | 82.51 | 2025-11-18 08:25:29.648227 10.1.0.254 | 84.36 | 2025-11-18 08:25:29.648227 185.203.25.254 | 85.57 | 2025-11-18 08:25:29.648227 185.203.25.69 | 85.87 | 2025-11-18 08:25:29.648227 10.0.254.124 | 87.74 | 2025-11-18 08:25:29.648227 37.59.16.12 | 90.28 | 2025-11-18 08:25:29.648227 79.124.56.186 | 91.24 | 2025-11-18 08:25:29.648227 37.59.16.20 | 91.24 | 2025-11-18 08:25:29.648227 10.0.249.160 | 91.35 | 2025-11-18 08:25:29.648227 54.36.50.241 | 92.52 | 2025-11-18 08:25:29.648227 185.203.26.17 | 92.52 | 2025-11-18 08:25:29.648227 185.203.26.34 | 92.63 | 2025-11-18 08:25:29.648227 185.203.24.23 | 95.45 | 2025-11-18 08:25:29.648227 (20 rows) psql -h 127.0.0.1 -U ids_user -d ids_database -c " SELECT model_version, records_processed, status, trained_at FROM training_history ORDER BY trained_at DESC LIMIT 10; " Password for user ids_user: model_version | records_processed | status | trained_at ---------------+-------------------+---------+---------------------------- 1.0.0 | 100000 | success | 2025-11-18 08:37:28.627906 (1 row)