Emergency Notifications
No recipient configured for Emergency Alerts (alerts with Emergency severity), please configure it to receive important notifications!
| Script | Type | Activity | Hooks | Filters | Filtered | Tot Exec Time | Action |
|---|---|---|---|---|---|---|---|
| countries_contacts | Hosts | Community | min | 0 | |||
| custom_host_lua_script | Hosts | Community | min | 0 | |||
| dangerous_host | Hosts | Community | min | 0 | |||
| dns_contacts | Hosts | Community | min | 0 | |||
| domain_names_contacts | Hosts | Community | min | 0 | |||
| external_host_script | Hosts | Community | min | 0 | |||
| flow_flood | Hosts | Community | min | 0 | |||
| icmp_flood | Hosts | Community | min | 0 | |||
| ntp_contacts | Hosts | Community | min | 0 | |||
| remote_connection | Hosts | Community | min | 0 | |||
| scan | Hosts | Enterprise M | 5mins | 0 | |||
| smtp_contacts | Hosts | Community | min | 0 | |||
| suspicious_domain_scan | Hosts | Enterprise M | hour | 0 | |||
| unexpected_gateway | Hosts | Community | min | 0 | |||
| dropped_alerts | Interfaces | Community | min | 0 | |||
| ghost_networks | Interfaces | Community | min | 0 | |||
| no_if_activity | Interfaces | Community | min | 0 | |||
| no_probe_or_exporter_activity | Interfaces | Community | min | 0 | |||
| periodic_activity_not_executed | Interfaces | Community | min | 0 | |||
| slow_periodic_activity | Interfaces | Community | min | 0 | |||
| too_many_drops | Interfaces | Community | min | 0 | |||
| broadcast_domain_too_large | Networks | Community | min | 0 | |||
| flow_flood_victim | Networks | Community | min | 0 | |||
| ip_reassignment | Networks | Community | min | 0 | |||
| network_discovery | Networks | Community | min | 0 | |||
| network_issues | Networks | Community | min | 0 | |||
| syn_scan_victim | Networks | Community | min | packet_interface | 0 | ||
| binary_application_transfer | Flows | Community | 0 | 41.76 ms | |||
| blacklisted | Flows | Community | 0 | 32.11 ms | |||
| blacklisted_client_contact | Flows | Community | 0 | 29.67 ms | |||
| blacklisted_server_contact | Flows | Community | 0 | 19.19 ms | |||
| broadcast_non_udp_traffic | Flows | Community | 0 | 28.09 ms | |||
| country_check | Flows | Community | 0 | < 1 ms | |||
| custom_lua_script | Flows | Community | 0 | < 1 ms | |||
| device_protocol_not_allowed | Flows | Community | 0 | 69.46 ms | |||
| external_alert_check | Flows | Community | 0 | 59.96 ms | |||
| iec_invalid_command_transition | Flows | Community | packet_interface | 0 | < 1 ms | ||
| iec_invalid_transition | Flows | Community | packet_interface | 0 | < 1 ms | ||
| iec_unexpected_type_id | Flows | Community | packet_interface | 0 | < 1 ms | ||
| known_proto_on_non_std_port | Flows | Community | 0 | 91.63 ms | |||
| low_goodput | Flows | Community | packet_interface, nedge=false | 0 | 182.49 ms | ||
| ndpi_anonymous_subscriber | Flows | Community | 0 | 19.68 ms | |||
| ndpi_binary_data_transfer | Flows | Community | 0 | 11.68 ms | |||
| ndpi_clear_text_credentials | Flows | Community | 0 | 21.09 ms | |||
| ndpi_desktop_or_file_sharing_session | Flows | Community | 0 | 17.75 ms | |||
| ndpi_dns_fragmented | Flows | Community | 0 | 14.28 ms | |||
| ndpi_dns_large_packet | Flows | Community | 0 | 16.72 ms | |||
| ndpi_dns_suspicious_traffic | Flows | Community | 0 | 16.37 ms | |||
| ndpi_error_code_detected | Flows | Community | 0 | 17.82 ms | |||
| ndpi_http_crawler_bot | Flows | Community | 0 | 9.22 ms | |||
| ndpi_http_obsolete_server | Flows | Community | 0 | 16.24 ms | |||
| ndpi_http_suspicious_content | Flows | Community | 0 | 9.93 ms | |||
| ndpi_http_suspicious_header | Flows | Community | 0 | 12.98 ms | |||
| ndpi_http_suspicious_url | Flows | Community | 0 | 13.31 ms | |||
| ndpi_http_suspicious_user_agent | Flows | Community | 0 | 13.9 ms | |||
| ndpi_invalid_characters | Flows | Community | 0 | 8.64 ms | |||
| ndpi_malformed_packet | Flows | Community | 0 | 14.44 ms | |||
| ndpi_malicious_fingerprint | Flows | Community | 0 | 15.84 ms | |||
| ndpi_malicious_sha1_certificate | Flows | Community | 0 | 12.46 ms | |||
| ndpi_malware_host_contacted | Flows | Community | 0 | 13.02 ms | |||
| ndpi_minor_issues | Flows | Community | 0 | 9.98 ms | |||
| ndpi_mismatching_protocol_with_ip | Flows | Community | 0 | 10.57 ms | |||
| ndpi_numeric_ip_host | Flows | Community | 0 | 14.7 ms | |||
| ndpi_obfuscated_traffic | Flows | Community | 0 | 11.73 ms | |||
| ndpi_periodic_flow | Flows | Community | 0 | < 1 ms | |||
| ndpi_possible_exploit | Flows | Community | 0 | 9.98 ms | |||
| ndpi_probing_attempt | Flows | Community | 0 | 14.65 ms | |||
| ndpi_punicody_idn | Flows | Community | 0 | 10.49 ms | |||
| ndpi_risky_asn | Flows | Community | 0 | 17.23 ms | |||
| ndpi_risky_domain | Flows | Community | 0 | 13.8 ms | |||
| ndpi_smb_insecure_version | Flows | Community | 0 | 14.84 ms | |||
| ndpi_ssh_obsolete_client | Flows | Community | 0 | 12.84 ms | |||
| ndpi_ssh_obsolete_server | Flows | Community | 0 | 12.64 ms | |||
| ndpi_suspicious_dga_domain | Flows | Community | 0 | 13.65 ms | |||
| ndpi_suspicious_entropy | Flows | Community | 0 | 25.85 ms | |||
| ndpi_tcp_issues | Flows | Community | 0 | 13.6 ms | |||
| ndpi_tls_alpn_sni_mismatch | Flows | Community | 0 | 8.5 ms | |||
| ndpi_tls_certificate_about_to_expire | Flows | Community | 0 | 8.49 ms | |||
| ndpi_tls_fatal_alert | Flows | Community | 0 | 22.03 ms | |||
| ndpi_tls_missing_sni | Flows | Community | 0 | 12.62 ms | |||
| ndpi_tls_not_carrying_https | Flows | Community | 0 | 17.27 ms | |||
| ndpi_tls_suspicious_extension | Flows | Community | 0 | 18.0 ms | |||
| ndpi_tls_uncommon_alpn | Flows | Community | 0 | 14.13 ms | |||
| ndpi_unidirectional_traffic | Flows | Community | 0 | 55.47 ms | |||
| ndpi_unsafe_protocol | Flows | Community | 0 | 12.49 ms | |||
| ndpi_url_possible_rce_injection | Flows | Community | 0 | 16.9 ms | |||
| ndpi_url_possible_sql_injection | Flows | Community | 0 | 19.66 ms | |||
| ndpi_url_possible_xss | Flows | Community | 0 | 12.69 ms | |||
| not_purged | Flows | Community | 0 | 42.09 ms | |||
| rare_destination | Flows | Community | packet_interface, nedge=false | 0 | 25.91 ms | ||
| remote_access | Flows | Community | 0 | 30.4 ms | |||
| remote_to_local_insecure_flow | Flows | Community | 0 | 15.0 ms | |||
| remote_to_remote | Flows | Community | 0 | < 1 ms | |||
| tcp_flow_reset | Flows | Community | 0 | < 1 ms | |||
| tcp_no_data_exchanged | Flows | Community | packet_interface | 0 | 28.68 ms | ||
| unexpected_dhcp | Flows | Community | 0 | < 1 ms | |||
| unexpected_dns | Flows | Community | 0 | < 1 ms | |||
| unexpected_ntp | Flows | Community | 0 | < 1 ms | |||
| unexpected_smtp | Flows | Community | 0 | < 1 ms | |||
| vlan_bidirectional_traffic | Flows | Community | 0 | < 1 ms | |||
| web_mining | Flows | Community | 0 | 19.2 ms | |||
| zero_tcp_window | Flows | Community | packet_interface | 0 | 31.81 ms | ||
| dropped_alerts | System | Community | min | 0 | |||
| exporters_limit_exceeded | System | Community | min | 0 | |||
| ids_ips_log | System | Community | min | 0 | |||
| periodic_activity_not_executed | System | Community | min | 0 | |||
| redis_reads_writes_exceeded | System | Community | day | 0 | |||
| slow_periodic_activity | System | Community | min | 0 | |||
| system_error | System | Community | min | 0 | |||
| host_log | Syslog | Community | handleEvent | 0 | |||
| nbox | Syslog | Community | handleEvent | 0 | |||
| suricata | Syslog | Community | handleEvent | nedge=false | 0 |