Alert on new WiFi networks
Closed this issue · 0 comments
lennartkoopmann commented
- Keep table
dot11_known_networks- Pull async from
dot11_ssids- Consider tenant
- Update last_seen (async)
- Only insert known networks that are seen for 5+ minutes
- Retention clean all networks not seen for 30 days
- Pull async from
- Monitoring Active/Inactive
- Allow to start
- Warn that events and alerts will trigger for any unapproved seen network
- Allow to stop
- Starts stopped
- Allow to start
- Allow to clean all existing SSIDs and classifications (remove all
known_networksof tenant)- Warn that this will delete all classifications
- Allow to clean individual existing SSIDs and classifications (remove single
known_networks) - List seen networks
- Approved
- Unknown
- Approve/Unapprove
- Ensure alerts expire after approving
- Creates event
NEW_SSID- Allow to ignore ssids
- Show status as ignored
- Eventing active/inactive configuration
- Allow to ignore ssids
- Alert details
- KB article / link
- Why to do it
- Documentation / link
- What is a "known network"
- Retention cleaning
- Must be active for 5+ consecutive minutes
- How to use it
- What is a "known network"