search

jokob-sk / NetAlertX

🖧🔍 WIFI / LAN intruder detector. Scans for devices connected to your network and alerts you if new and unknown devices are found.
GNU General Public License v3.0
3.08k stars 187 forks source link

Checkbox for "Alert all events" on new devices keeps rechecking itself #402

Closed lzsix closed 1 year ago

lzsix commented 1 year ago

Describe the issue

When submitting an issue ❗enable debug❗ and have a look at the docs

The Checkbox for Alert Events on New Devices keeps rechecking itself.

Paste your pialert.conf (remove personal info)

#-----------------AUTOGENERATED FILE-----------------#
#                                                    #
#         Generated:  2023-08-23_20-43-16            #
#                                                    #
#   Config file for the LAN intruder detection app:  #
#      https://github.com/jokob-sk/Pi.Alert          #
#                                                    #
#-----------------AUTOGENERATED FILE-----------------#

# General
#---------------------------
ENABLE_ARPSCAN=True
SCAN_SUBNETS=['10.0.0.0/24 --interface=eth0']
LOG_LEVEL='verbose'
TIMEZONE='Europe/Berlin'
ENABLE_PLUGINS=True
PLUGINS_KEEP_HIST=10000
PIALERT_WEB_PROTECTION=False
PIALERT_WEB_PASSWORD='***'
INCLUDED_SECTIONS=['internet','new_devices','down_devices','events','ports','plugins']
SCAN_CYCLE_MINUTES=5
REPORT_DASHBOARD_URL='http://10.0.0.5:20211'
DIG_GET_IP_ARG='-4 myip.opendns.com @resolver1.opendns.com'
UI_LANG='English'
UI_PRESENCE=['online','offline','archived']
DAYS_TO_KEEP_EVENTS=90
HRS_TO_KEEP_NEWDEV=0

# Email
#---------------------------
REPORT_MAIL=True
SMTP_SERVER='smtp.gmail.com'
SMTP_PORT=465
REPORT_TO='***'
REPORT_FROM='Pi.Alert Alarm'
SMTP_SKIP_LOGIN=False
SMTP_USER='***'
SMTP_PASS='***'
SMTP_SKIP_TLS=True
SMTP_FORCE_SSL=True

# Webhooks
#---------------------------
REPORT_WEBHOOK=False
WEBHOOK_URL='http://n8n.local:5555/webhook-test/aaaaaaaa-aaaa-aaaa-aaaaa-aaaaaaaaaaaa'
WEBHOOK_PAYLOAD='json'
WEBHOOK_REQUEST_METHOD='GET'
WEBHOOK_SIZE=1024

# Apprise
#---------------------------
REPORT_APPRISE=False
APPRISE_HOST='http://localhost:8000/notify'
APPRISE_URL='mailto://smtp-relay.sendinblue.com:587?from=user@gmail.com&name=apprise&user=user@gmail.com&pass=password&to=user@gmail.com'
APPRISE_PAYLOAD='html'

# NTFY
#---------------------------
REPORT_NTFY=False
NTFY_HOST='https://ntfy.sh'
NTFY_TOPIC='replace_my_secure_topicname_91h889f28'
NTFY_USER='user'
NTFY_PASSWORD='passw0rd'

# PUSHSAFER
#---------------------------
REPORT_PUSHSAFER=False
PUSHSAFER_TOKEN='ApiKey'

# MQTT
#---------------------------
REPORT_MQTT=False
MQTT_BROKER='192.168.1.2'
MQTT_PORT=1883
MQTT_USER='mqtt'
MQTT_PASSWORD='passw0rd'
MQTT_QOS=0
MQTT_DELAY_SEC=2

# DynDNS
#---------------------------
DDNS_ACTIVE=False
DDNS_DOMAIN='your_domain.freeddns.org'
DDNS_USER='dynu_user'
DDNS_PASSWORD='A0000000B0000000C0000000D0000000'
DDNS_UPDATE_URL='https://api.dynu.com/nic/update?'

# PiHole
#---------------------------
PIHOLE_ACTIVE=True
DHCP_ACTIVE=False

# Pholus
#---------------------------
PHOLUS_ACTIVE=True
PHOLUS_TIMEOUT=120
PHOLUS_FORCE=False
PHOLUS_RUN='once'
PHOLUS_RUN_TIMEOUT=600
PHOLUS_RUN_SCHD='0 4 * * *'
PHOLUS_DAYS_DATA=7

# Nmap
#---------------------------
NMAP_ACTIVE=True
NMAP_TIMEOUT=150
NMAP_RUN='disabled'
NMAP_RUN_SCHD='0 2 * * *'
NMAP_ARGS='-p -10000'

# API
#---------------------------
API_CUSTOM_SQL='SELECT * FROM Devices WHERE dev_PresentLastScan = 0'

# SNMPDSC
#---------------------------
SNMPDSC_RUN='disabled'
SNMPDSC_CMD='python3 /home/pi/pialert/front/plugins/snmp_discovery/script.py routers={s-quote}{routers}{s-quote}'
SNMPDSC_routers=['snmpwalk -v 2c -c public -OXsq 192.168.1.1 .1.3.6.1.2.1.3.1.1.2']
SNMPDSC_RUN_SCHD='0 2 * * *'
SNMPDSC_RUN_TIMEOUT=5
SNMPDSC_WATCH=['Watched_Value1']
SNMPDSC_REPORT_ON=['new','watched-changed']

# UNDIS
#---------------------------
UNDIS_RUN='disabled'
UNDIS_CMD='python3 /home/pi/pialert/front/plugins/undiscoverables/script.py devices={devices}'
UNDIS_RUN_TIMEOUT=10
UNDIS_devices_to_import=['dummy_router']

# DHCPLSS
#---------------------------
DHCPLSS_RUN='disabled'
DHCPLSS_CMD='python3 /home/pi/pialert/front/plugins/dhcp_leases/script.py paths={paths}'
DHCPLSS_paths_to_check=['/mnt/dhcp1.leases','/mnt/dhcp2.leases']
DHCPLSS_RUN_SCHD='0 2 * * *'
DHCPLSS_RUN_TIMEOUT=5
DHCPLSS_WATCH=['Watched_Value1','Watched_Value4']
DHCPLSS_REPORT_ON=['new','watched-changed']

# WEBMON
#---------------------------
WEBMON_RUN='disabled'
WEBMON_CMD='python3 /home/pi/pialert/front/plugins/website_monitor/script.py urls={urls}'
WEBMON_RUN_SCHD='0 2 * * *'
WEBMON_API_SQL='SELECT * FROM plugin_website_monitor'
WEBMON_RUN_TIMEOUT=5
WEBMON_WATCH=['Watched_Value1']
WEBMON_REPORT_ON=['new','watched-changed']
WEBMON_urls_to_check=['https://google.com','https://duck.com']
WEBMON_SQL_internet_ip='SELECT dev_LastIP FROM Devices WHERE dev_MAC = {s-quote}Internet{s-quote}'

# UNFIMP
#---------------------------
UNFIMP_RUN='disabled'
UNFIMP_CMD='python3 /home/pi/pialert/front/plugins/unifi_import/script.py username={username} password={password}  host={host} sites={sites}  protocol={protocol} port={port} version={version}'
UNFIMP_username=''
UNFIMP_password=''
UNFIMP_protocol='https://'
UNFIMP_host='192.168.1.1'
UNFIMP_port='8443'
UNFIMP_version=''
UNFIMP_sites=['default']
UNFIMP_RUN_SCHD='0 2 * * *'
UNFIMP_RUN_TIMEOUT=5
UNFIMP_WATCH=['Watched_Value1','Watched_Value4']
UNFIMP_REPORT_ON=['new','watched-changed']

# NEWDEV
#---------------------------
NEWDEV_dev_MAC=''
NEWDEV_dev_Name='(unknown)'
NEWDEV_dev_Vendor=''
NEWDEV_dev_FirstConnection=''
NEWDEV_dev_LastConnection=''
NEWDEV_dev_LastIP=''
NEWDEV_dev_SkipRepeated=0
NEWDEV_dev_LastNotification=''
NEWDEV_dev_Network_Node_port='0'

# DHCPSRVS
#---------------------------
DHCPSRVS_RUN='disabled'
DHCPSRVS_CMD='python3 /home/pi/pialert/front/plugins/dhcp_servers/script.py'
DHCPSRVS_RUN_SCHD='0 2 * * *'
DHCPSRVS_RUN_TIMEOUT=5
DHCPSRVS_WATCH=['Watched_Value1']
DHCPSRVS_REPORT_ON=['new','watched-changed']

# NMAPSRV
#---------------------------
NMAPSRV_RUN='disabled'
NMAPSRV_CMD='SELECT  ns.MAC as Object_PrimaryID, cast({s-quote}http://{s-quote} || dv.dev_LastIP as VARCHAR(100)) || {s-quote}:{s-quote} || cast( SUBSTR(ns.Port ,0, INSTR(ns.Port , {s-quote}/{s-quote})) as VARCHAR(100)) as Object_SecondaryID,  datetime() as DateTime,  ns.Service as Watched_Value1, ns.State as Watched_Value2, dv.dev_Name as Watched_Value3,        {s-quote}null{s-quote} as Watched_Value4,        ns.Extra as Extra, ns.MAC as ForeignKey FROM (SELECT * FROM Nmap_Scan) ns left JOIN (SELECT dev_Name, dev_MAC, dev_LastIP FROM Devices) dv  ON ns.MAC = dv.dev_MAC'
NMAPSRV_RUN_SCHD='0 2 * * *'
NMAPSRV_WATCH=['Watched_Value1']
NMAPSRV_REPORT_ON=['new','watched-changed']

#-------------------IMPORTANT INFO-------------------#
#   This file is ingested by a python script, so if  #
#        modified it needs to use python syntax      #
#-------------------IMPORTANT INFO-------------------#

Paste your docker-compose.yml and .env (remove personal info)

docker-compose.yml 

paste_here

.env 

![image](https://github.com/jokob-sk/Pi.Alert/assets/143028763/97907df1-ff2a-46cf-9ceb-faf758373edb)

Screenshots

image

Paste last few lines from pialert.log

You can use tail -100 /home/pi/pialert/front/log/pialert.log



# paste code below
jokob-sk commented 1 year ago

Hi there!

Can you please try the dev image? It seems to have been fixed after the recent settings page rewrite.

version: "3"
services:
  pialert:
    container_name: pialert
    image: "jokobsk/pi.alert_dev"
    network_mode: "host"
    restart: always
    volumes:
      - ${APP_DATA_LOCATION}/pialert_dev/config:/home/pi/pialert/config
      - ${APP_DATA_LOCATION}/pialert_dev/db:/home/pi/pialert/db
      - ${LOGS_LOCATION}/:/home/pi/pialert/log
    environment:
      - TZ=Europe/Berlin
      - HOST_USER_ID=1036
      - HOST_USER_GID=1000
      - PORT=20211
jokob-sk commented 1 year ago

Can't reproduce - closing for now, will reopen if needed