Add rowid to engaged alerts for all families

include/Alert.h

@@ -27,8 +27,10 @@ class Alert {
   time_t tstamp;
   time_t last_update;
   AlertType alert_id;
-  u_int8_t score;
+  u_int64_t rowid; /* used by engaged alert in the in-memory table */
   u_int16_t port;
+  u_int8_t score;
+  bool require_attention;
   std::string subtype;
   std::string json;
   std::string ip;

include/NetworkInterface.h

@@ -85,7 +85,7 @@ class NetworkInterface : public NetworkInterfaceAlertableEntity {
     num_alerts_engaged_error[ALERT_ENTITY_MAX_NUM_ENTITIES],
     num_alerts_engaged_critical[ALERT_ENTITY_MAX_NUM_ENTITIES],
     num_alerts_engaged_emergency[ALERT_ENTITY_MAX_NUM_ENTITIES], flow_serial;
-  u_int64_t alert_serial;
+  std::atomic<u_int64_t> alert_serial;
   /* Counters for active alerts. Changed by multiple concurrent threads */
   std::atomic<u_int64_t>
   num_active_alerted_flows_notice; /* Counts all flow alerts with severity
@@ -1285,7 +1285,7 @@ class NetworkInterface : public NetworkInterfaceAlertableEntity {
   }
   u_int16_t getnDPIProtoByName(const char *name);
   inline u_int32_t getNewFlowSerial() { return (flow_serial++); }
-  inline u_int64_t getNewAlertSerial() { return (++alert_serial); }
+  inline u_int64_t getNewAlertSerial() { return alert_serial.fetch_add(1, std::memory_order_relaxed); }
   bool resetHostTopSites(AddressTree *allowed_hosts, char *host_ip,
                          u_int16_t vlan_id, u_int16_t observationPointId);
   void localHostsServerPorts(lua_State *vm);

scripts/lua/modules/alerts_api.lua

@@ -362,7 +362,6 @@ function alerts_api.trigger(entity_info, type_info, when, cur_alerts)
 
     triggered.ifid = ifid
     triggered.action = "engage"
-    triggered.require_attention = true
 
     -- Emit the notification only if the notification hasn't already been emitted.
     -- This is to avoid alert storms when ntopng is restarted. Indeeed,
@@ -451,7 +450,6 @@ function alerts_api.release(entity_info, type_info, when, cur_alerts)
 
     released.ifid = ifid
     released.action = "release"
-    triggered.require_attention = true
 
     addAlertPoolAndNetworkInfo(entity_info, released)
 

src/NetworkInterface.cpp

@@ -366,7 +366,7 @@ void NetworkInterface::init(const char *interface_name) {
   hostAlertsQueue = new (std::nothrow) SPSCQueue<HostAlertReleasedPair>(MAX_HOST_CHECKS_QUEUE_LEN,
 									"hostAlertsQueue");
   flow_serial = 0;
-  alert_serial = 0;
+  alert_serial = 1; /* first assigned rowid is 1 */
 
   /* nDPI handling */
   ndpi_cleanup_needed = false;

src/OtherAlertableEntity.cpp

@@ -37,10 +37,12 @@ OtherAlertableEntity::~OtherAlertableEntity() {}
 
 void OtherAlertableEntity::luaAlert(lua_State *vm, const Alert *alert,
                                     ScriptPeriodicity p) const {
+  lua_push_int64_table_entry(vm, "rowid", alert->alert_id);
   lua_push_int32_table_entry(vm, "alert_id", alert->alert_id);
   lua_push_str_table_entry(vm, "subtype", alert->subtype.c_str());
   lua_push_int32_table_entry(vm, "entity_id", getEntityType());
   lua_push_str_table_entry(vm, "entity_val", getEntityValue().c_str());
+  lua_push_bool_table_entry(vm, "require_attention", alert->require_attention);
   lua_push_int32_table_entry(vm, "score", alert->score);
   lua_push_int32_table_entry(vm, "severity",
                              Utils::mapScoreToSeverity(alert->score));
@@ -84,10 +86,12 @@ bool OtherAlertableEntity::triggerAlert(lua_State *vm, std::string key,
     if (it == engaged_alerts[(u_int)p].end()) {
       Alert alert;
 
+      alert.rowid = getAlertInterface()->getNewAlertSerial();
       alert.tstamp = alert.last_update = now;
       alert.score = score;
       alert.alert_id = alert_id;
       alert.subtype = subtype;
+      alert.require_attention = true;
       alert.json = json;
       alert.ip = ip ? ip : "";
       alert.name = name ? name : "";