ids.alfacom.it/attached_assets/Pasted--crontab-u-ids-l-SISTEMA-IDS-CONFIGURAZIONE-AUT-1763454150778_1763454150778.txt

 crontab -u ids -l
# ============================================
# SISTEMA IDS - CONFIGURAZIONE AUTOMATICA
# ============================================

# Training ML ogni 12 ore (alle 00:00 e 12:00)
0 */12 * * * cd /opt/ids/python_ml && /usr/bin/python3.11 -c "import requests; requests.post('http://localhost:8000/train', json={'max_records': 10000, 'hours_back': 24})" >> /var/log/ids/training.log 2>&1

# Detection automatica ogni 5 minuti
*/5 * * * * cd /opt/ids/python_ml && /usr/bin/python3.11 -c "import requests; requests.post('http://localhost:8000/detect', json={'max_records': 5000, 'auto_block': True, 'risk_threshold': 75})" >> /var/log/ids/detect.log 2>&1

# Verifica processo backend Python ogni 5 minuti (riavvia se non attivo)
*/5 * * * * /opt/ids/deployment/check_backend.sh >> /var/log/ids/cron.log 2>&1

# Verifica processo frontend ogni 5 minuti (riavvia se non attivo)
*/5 * * * * /opt/ids/deployment/check_frontend.sh >> /var/log/ids/cron.log 2>&1

# Pulizia log settimanale (ogni domenica alle 02:00)
0 2 * * 0 find /var/log/ids -name "*.log" -size +100M -exec truncate -s 50M {} \; >> /var/log/ids/cron.log 2>&1

# Restart completo del sistema ogni settimana (domenica alle 03:00)
0 3 * * 0 /opt/ids/deployment/restart_all.sh >> /var/log/ids/cron.log 2>&1

# Backup database giornaliero (alle 04:00)
0 4 * * * /opt/ids/deployment/backup_db.sh >> /var/log/ids/cron.log 2>&1
[root@ids ids]# curl -X POST http://localhost:8000/train \
  -H "Content-Type: application/json" \
  -d '{"max_records": 100000, "hours_back": 24}'
{"message":"Training avviato in background","max_records":100000,"hours_back":24}[root@ids ids]#   
psql -h 127.0.0.1 -U ids_user -d ids_database -c "
SELECT model_version, records_processed, status, trained_at
FROM training_history
ORDER BY trained_at DESC
LIMIT 10;
"
Password for user ids_user:
 model_version | records_processed | status | trained_at
---------------+-------------------+--------+------------
(0 rows)

[root@ids var]# psql -h 127.0.0.1 -U ids_user -d ids_database -c "
SELECT source_ip, risk_score, detected_at
FROM detections
ORDER BY detected_at DESC
LIMIT 20;
"
Password for user ids_user:
   source_ip    | risk_score |        detected_at
----------------+------------+----------------------------
 64.34.90.127   |      77.42 | 2025-11-18 08:25:29.648227
 10.0.249.226   |      78.49 | 2025-11-18 08:25:29.648227
 10.0.249.26    |      78.65 | 2025-11-18 08:25:29.648227
 72.46.85.161   |      78.76 | 2025-11-18 08:25:29.648227
 160.202.129.17 |      78.98 | 2025-11-18 08:25:29.648227
 213.175.208.76 |      79.34 | 2025-11-18 08:25:29.648227
 67.213.119.137 |      79.84 | 2025-11-18 08:25:29.648227
 185.203.25.157 |      82.51 | 2025-11-18 08:25:29.648227
 10.1.0.254     |      84.36 | 2025-11-18 08:25:29.648227
 185.203.25.254 |      85.57 | 2025-11-18 08:25:29.648227
 185.203.25.69  |      85.87 | 2025-11-18 08:25:29.648227
 10.0.254.124   |      87.74 | 2025-11-18 08:25:29.648227
 37.59.16.12    |      90.28 | 2025-11-18 08:25:29.648227
 79.124.56.186  |      91.24 | 2025-11-18 08:25:29.648227
 37.59.16.20    |      91.24 | 2025-11-18 08:25:29.648227
 10.0.249.160   |      91.35 | 2025-11-18 08:25:29.648227
 54.36.50.241   |      92.52 | 2025-11-18 08:25:29.648227
 185.203.26.17  |      92.52 | 2025-11-18 08:25:29.648227
 185.203.26.34  |      92.63 | 2025-11-18 08:25:29.648227
 185.203.24.23  |      95.45 | 2025-11-18 08:25:29.648227
(20 rows)
psql -h 127.0.0.1 -U ids_user -d ids_database -c "
SELECT model_version, records_processed, status, trained_at
FROM training_history
ORDER BY trained_at DESC
LIMIT 10;
"
Password for user ids_user:
 model_version | records_processed | status  |         trained_at
---------------+-------------------+---------+----------------------------
 1.0.0         |            100000 | success | 2025-11-18 08:37:28.627906
(1 row)