
Intrusion Detection Data

@davidnewhall davidnewhall released this 11 Jul 09:08
546e2e0

This contribution adds a new feature: Intrusion Prevention & Detection System data collection. There are no graphs or dashboards available because this is not a commonly used feature, and honestly I don't know how to make it look any better or different than what's in the controller interface now.

The data itself has no real bits that can be graphed. You can pretty much just count it (singlestat panel) and create a table from each "intrusion event." This is pretty much exactly how it's displayed in the UniFi controller, and meh, it's whatever. I think it could be better. I chose not to import all the data from the controller and I omitted IP addresses because of their high cardinality. I'm up for discussion on my implementation. We can and should definitely amend it as we figure out what works for this data set. Please open an Issue if you think it can be better.

To enable the feature, set collect_ids to true in the config file.

This contribution also fixes a few bugs:

  • The application was failing to restart after exiting on Linux. Fixed!
  • Some beta controllers are failing to unmarshal a specific piece of data. Fixed!
  • Devices without names were not selectable in the dashboard variables. Fixed! (all devices get names now)

Many, many build improvements were made, most of them based on the current release of application-builder. The other feature introduced by the build updates is Docker Image Labels injected by the build script from the repo metadata file (some are auto generated).

Yay, you made it to the bottom! If you haven't yet, please see the v1.4.0 Release Notes before installing this update.