Merge pull request #580 from stratosphereips/alya/fix_storing_timesta…

…mps_in_the_alerts_db remove dead code
stratosphereips · May 13, 2024 · 4f837b3 · 4f837b3
2 parents e22b866 + 7b2cdec
commit 4f837b3
Show file tree

Hide file tree

Showing 4 changed files with 9 additions and 44 deletions.
diff --git a/slips_files/core/database/database_manager.py b/slips_files/core/database/database_manager.py
@@ -629,7 +629,7 @@ def getProfiles(self, *args, **kwargs):
         return self.rdb.getProfiles(*args, **kwargs)
 
     def getTWsfromProfile(self, *args, **kwargs):
-        return self.rdb.getTWsfromProfile(*args, **kwargs)
+        return self.rdb.get_tws_from_profile(*args, **kwargs)
 
     def get_number_of_tws_in_profile(self, *args, **kwargs):
         return self.rdb.get_number_of_tws_in_profile(*args, **kwargs)
@@ -658,9 +658,6 @@ def get_first_twid_for_profile(self, *args, **kwargs):
     def get_tw_of_ts(self, *args, **kwargs):
         return self.rdb.get_tw_of_ts(*args, **kwargs)
 
-    def add_new_older_tw(self, *args, **kwargs):
-        return self.rdb.add_new_older_tw(*args, **kwargs)
-
     def add_new_tw(self, *args, **kwargs):
         return self.rdb.add_new_tw(*args, **kwargs)
 

diff --git a/slips_files/core/database/redis_db/profile_handler.py b/slips_files/core/database/redis_db/profile_handler.py
@@ -7,7 +7,6 @@
 from typing import (
     Tuple,
     Union,
-    Dict,
     Optional,
     List,
     Set,
@@ -1089,7 +1088,7 @@ def getProfiles(self):
         profiles = self.r.smembers("profiles")
         return profiles if profiles != set() else {}
 
-    def getTWsfromProfile(self, profileid):
+    def get_tws_from_profile(self, profileid):
         """
         Receives a profile id and returns the list of all the TW in that profile
         Returns a list of tuples (twid, ts) or an empty list
@@ -1105,7 +1104,7 @@ def get_number_of_tws_in_profile(self, profileid) -> int:
         Receives a profile id and returns the number of all the
         TWs in that profile
         """
-        return len(self.getTWsfromProfile(profileid)) if profileid else 0
+        return len(self.get_tws_from_profile(profileid)) if profileid else 0
 
     def get_srcips_from_profile_tw(self, profileid, twid):
         """
@@ -1213,37 +1212,6 @@ def get_tw_of_ts(self, profileid, time) -> Optional[Tuple[str, float]]:
 
         return data
 
-    def add_new_older_tw(
-        self, profileid: str, tw_start_time: float, tw_number: int
-    ):
-        """
-        Creates or adds a new timewindow that is OLDER than the
-        first we have
-        :param tw_start_time: start time of timewindow to add
-        :param tw_number: number of timewindow to add
-        Returns the id of the timewindow just created
-        """
-        try:
-            twid: str = f"timewindow{tw_number}"
-            timewindows: Dict[str, float] = {twid: tw_start_time}
-            self.r.zadd(f"tws{profileid}", timewindows)
-
-            self.print(
-                f"Created and added to DB the new older "
-                f"TW with id {twid}. Time: {tw_start_time} ",
-                0,
-                4,
-            )
-
-            # The creation of a TW now does not imply that it was modified.
-            # You need to put data to mark is at modified
-            return twid
-        except redis.exceptions.ResponseError as e:
-            self.print("error in addNewOlderTW in database.py", 0, 1)
-            self.print(type(e), 0, 1)
-            self.print(e, 0, 1)
-            self.print(traceback.format_exc(), 0, 1)
-
     def add_new_tw(self, profileid, timewindow: str, startoftw: float):
         """
         Creates or adds a new timewindow to the list of tw for the

diff --git a/slips_files/core/database/sqlite_db/database.py b/slips_files/core/database/sqlite_db/database.py
@@ -324,7 +324,8 @@ def add_alert(self, alert: dict):
         # 'alerts': 'alert_id TEXT PRIMARY KEY, alert_time TEXT, ip_alerted TEXT,
         # timewindow TEXT, tw_start TEXT, tw_end TEXT, label TEXT'
         self.execute(
-            "INSERT OR REPLACE INTO alerts (alert_id, ip_alerted, timewindow, tw_start, tw_end, label, alert_time) "
+            "INSERT OR REPLACE INTO alerts "
+            "(alert_id, ip_alerted, timewindow, tw_start, tw_end, label, alert_time) "
             "VALUES (?, ?, ?, ?, ?, ?, ?);",
             (
                 alert["alert_ID"],

diff --git a/slips_files/core/evidencehandler.py b/slips_files/core/evidencehandler.py
@@ -559,22 +559,21 @@ def is_blocking_module_enabled(self) -> bool:
             self.is_running_on_interface() and "-p" not in sys.argv
         ) or custom_flows
 
-    def handle_new_alert(self, alert_ID: str, tw_evidence: dict):
+    def handle_new_alert(self, alert_id: str, tw_evidence: dict):
         """
         saves alert details in the db and informs exporting modules about it
         """
-        profile, srcip, twid, _ = alert_ID.split("_")
+        profile, srcip, twid, _ = alert_id.split("_")
         profileid = f"{profile}_{srcip}"
         self.db.set_evidence_causing_alert(
-            profileid, twid, alert_ID, self.IDs_causing_an_alert
+            profileid, twid, alert_id, self.IDs_causing_an_alert
         )
         # when an alert is generated , we should set the threat level of the
         # attacker's profile to 1(critical) and confidence 1
         # so that it gets reported to other peers with these numbers
         self.db.update_threat_level(profileid, "critical", 1)
-
         alert_details = {
-            "alert_ID": alert_ID,
+            "alert_ID": alert_id,
             "profileid": profileid,
             "twid": twid,
         }