stamparm / maltrail

Malicious traffic detection system
MIT License

[Feature request] #15307

Open jds11111 opened 3 years ago

jds11111 commented 3 years ago

I have been using maltrail for about a year as a plugin on OPNsense. It works great, and the web server is amazing in how it summarizes all that data. The only 'problem' is that my severity has always been low, so I stop checking the server. What I would like to do is set up an alarm on Home Assistant to warn me when the severity goes up, so that then I can check the server. Is there any easy way to get data from maltrail as sensors on Home Assistant? Even the barest minimal data, like severity level alone, would be extremely useful.

This could be through REST API, or MQTT, for example. Probably something even simpler.

stamparm commented 3 years ago

1) Looks like a good idea, though I would really need something "tangible"/useful/generic.
2) What to do if there is a burst of "high" severity events?

jds11111 commented 3 years ago

If there is a burst, it probably requires human intervention, to look at IDS/IPS. So, if there is a sensor in home assistant, I could easily get an alert in any way I am used to (e.g., telegram). Of course, it could get more sophisticated and start blocking things on the firewall, but I prefer one step at a time.

Could you clarify what you mean by point 1? EDIT: Do you mean something that could be useful to many home automations, for example? A REST API is widely used, so probably sufficiently generic and tangible. I have already explained why I would find it useful, I think.

I did find that there is an API on OPNsense that has some interaction with maltrail, but I don't think it has what I am looking for.

ssteeltm commented 1 year ago

Hello! It would be nice if there were an option in .conf to choose the filter for alerts, and another option to enable it, giving the path of a .sh script to be executed on alert.

With this, anyone can do anything in a personal script (alerts on email/telegram/whatsapp/...).
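One way to realise the hook ssteeltm proposes, with a simple answer to stamparm's question about bursts (one notification per matched trail rather than one per event). This is an added example, not code from maltrail or from anyone in this thread; the config names, the hook path and the layout of the sample event lines are assumptions.

```python
import re
import subprocess

# Hypothetical .conf values in the spirit of the proposal (names are assumptions).
ALERT_FILTER = r"(?i)\b(malware|known attacker|c&c)\b"   # what is worth an alarm
ALERT_HOOK = "/usr/local/bin/maltrail-notify.sh"        # placeholder: operator's script

# Constructed sample event lines; the field layout only approximates maltrail's log.
SAMPLE_LOG = [
    '"2024-01-01 10:00:01" sensor1 10.0.0.5 51234 203.0.113.7 80 TCP IP 203.0.113.7 "mass scanner" "(static)"',
    '"2024-01-01 10:00:02" sensor1 10.0.0.9 51235 198.51.100.4 443 TCP DNS bad.example "known attacker" "(static)"',
    '"2024-01-01 10:00:03" sensor1 10.0.0.9 51236 198.51.100.4 8080 TCP IP 198.51.100.4 "malware c&c" "(static)"',
    '"2024-01-01 10:00:04" sensor1 10.0.0.9 51237 198.51.100.4 8080 TCP IP 198.51.100.4 "malware c&c" "(static)"',
]


def matching_alerts(lines, pattern=ALERT_FILTER):
    """Return only the event lines that match the operator's alert filter."""
    regex = re.compile(pattern)
    return [line for line in lines if regex.search(line)]


def coalesce(lines, pattern=ALERT_FILTER):
    """Collapse a burst into {matched keyword: count}, so the hook fires once per keyword."""
    regex = re.compile(pattern)
    counts = {}
    for line in lines:
        match = regex.search(line)
        if match:
            key = match.group(1).lower()
            counts[key] = counts.get(key, 0) + 1
    return counts


def run_hook(keyword, count, hook=ALERT_HOOK, dry_run=False):
    """Invoke the operator's script with argv, never through a shell.

    Log text is attacker-influenced (hostnames, trails), so building a shell
    command string from it would be a command-injection risk."""
    argv = [hook, keyword, str(count)]
    if dry_run:
        return argv
    return subprocess.run(argv, check=False).returncode


if __name__ == "__main__":
    for keyword, count in coalesce(SAMPLE_LOG).items():
        print(run_hook(keyword, count, dry_run=True))
```

`dry_run=True` only returns the argv that would be executed; drop it once the script at `ALERT_HOOK` exists.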