DB cleanup script + docs

docs/REMOTE_NETWORKS.md

@@ -44,6 +44,6 @@ To create truly dummy devices, you can use a loopback IP address (e.g., `0.0.0.0
 
 ## NMAP and Fake MAC Addresses
 
-Scanning remote networks with NMAP is possible (vai the `NMAPDEV` plugin), but since it cannot retrieve the MAC address, you need to enable the `NMAPDEV_FAKE_MAC` setting. This will generate a fake MAC address based on the IP address, allowing you to track devices. However, this can lead to inconsistencies, especially if the IP address changes or a previously logged device is rediscovered. If this setting is disabled, only the IP address will be discovered, and devices with missing MAC addresses will be skipped.
+Scanning remote networks with NMAP is possible (via the `NMAPDEV` plugin), but since it cannot retrieve the MAC address, you need to enable the `NMAPDEV_FAKE_MAC` setting. This will generate a fake MAC address based on the IP address, allowing you to track devices. However, this can lead to inconsistencies, especially if the IP address changes or a previously logged device is rediscovered. If this setting is disabled, only the IP address will be discovered, and devices with missing MAC addresses will be skipped.
 
 Check the [NMAPDEV plugin](https://github.com/jokob-sk/NetAlertX/tree/main/front/plugins/nmap_dev_scan) for details

front/plugins/omada_sdn_imp/README.md

@@ -65,7 +65,7 @@ can not fix some of tplinks OMADA SDN own limitations/bugs:
 
 
 
-### Other infos
+### Other info
 
-- Author : Flying Toto
+- Author : [Flying Toto](https://github.com/FlyingToto)
 - Date : 04-Jul-2024 - version 1.0

scripts/db_cleanup/README.md

@@ -0,0 +1,38 @@
+# Usage
+
+1. **Run the Script**
+
+`python ./db_cleanup.py`
+
+2. **Menu Options**
+- **1. Check/Clean by MAC address**
+  - Enter a MAC address in the format `xx:xx:xx:xx:xx:xx`.
+  - The script will query the database and display any matching entries.
+  - Confirm to delete the entries if desired.
+- **2. Check/Clean by IP address**
+  - Enter an IP address in the format `xxx.xxx.xxx.xxx`.
+  - The script will query the database and display any matching entries.
+  - Confirm to delete the entries if desired.
+- **3. Exit**
+  - Quit the script.
+
+## Database Queries
+
+The script checks the following tables:
+- `Events`
+- `Devices`
+- `CurrentScan`
+- `Notifications`
+- `AppEvents`
+- `Plugins_Objects`
+
+For each MAC or IP address provided, the script:
+
+1. Queries the tables for matching entries.
+2. Prompts to delete the entries if any are found.
+
+
+### Other info
+
+- Date : 23-Dec-2024 - version 1.0
+- Author: [laxduke](https://github.com/laxduke)

scripts/db_cleanup/db_cleanup.py

@@ -0,0 +1,111 @@
+#!/usr/bin/env python3
+import subprocess
+import sys
+
+def run_sqlite_command(command):
+    full_command = f"sudo docker exec -i netalertx sqlite3 /app/db/app.db \"{command}\""
+    try:
+        result = subprocess.run(full_command, shell=True, text=True, capture_output=True)
+        if result.stderr:
+            print(f"Error: {result.stderr}")
+        return result.stdout
+    except subprocess.CalledProcessError as e:
+        print(f"Error executing command: {e}")
+        return None
+
+def check_and_clean_device():
+    while True:
+        print("\nDevice Cleanup Tool")
+        print("1. Check/Clean by MAC address")
+        print("2. Check/Clean by IP address")
+        print("3. Exit")
+        
+        choice = input("\nSelect option (1-3): ")
+        
+        if choice == "1":
+            mac = input("Enter MAC address (format: xx:xx:xx:xx:xx:xx): ").lower()
+            
+            # Check all tables for MAC
+            tables_checks = [
+                f"SELECT 'Events' as source, * FROM Events WHERE eve_MAC='{mac}'",
+                f"SELECT 'Devices' as source, * FROM Devices WHERE dev_MAC='{mac}'",
+                f"SELECT 'CurrentScan' as source, * FROM CurrentScan WHERE cur_MAC='{mac}'",
+                f"SELECT 'Notifications' as source, * FROM Notifications WHERE JSON LIKE '%{mac}%'",
+                f"SELECT 'AppEvents' as source, * FROM AppEvents WHERE ObjectPrimaryID LIKE '%{mac}%' OR ObjectSecondaryID LIKE '%{mac}%'",
+                f"SELECT 'Plugins_Objects' as source, * FROM Plugins_Objects WHERE Object_PrimaryID LIKE '%{mac}%'"
+            ]
+            
+            found = False
+            for check in tables_checks:
+                result = run_sqlite_command(check)
+                if result and result.strip():
+                    found = True
+                    print(f"\nFound entries:\n{result}")
+            
+            if found:
+                confirm = input("\nWould you like to clean these entries? (y/n): ")
+                if confirm.lower() == 'y':
+                    # Delete from all tables
+                    deletes = [
+                        f"DELETE FROM Events WHERE eve_MAC='{mac}'",
+                        f"DELETE FROM Devices WHERE dev_MAC='{mac}'",
+                        f"DELETE FROM CurrentScan WHERE cur_MAC='{mac}'",
+                        f"DELETE FROM Notifications WHERE JSON LIKE '%{mac}%'",
+                        f"DELETE FROM AppEvents WHERE ObjectPrimaryID LIKE '%{mac}%' OR ObjectSecondaryID LIKE '%{mac}%'",
+                        f"DELETE FROM Plugins_Objects WHERE Object_PrimaryID LIKE '%{mac}%'"
+                    ]
+                    
+                    for delete in deletes:
+                        run_sqlite_command(delete)
+                    print("Cleanup completed!")
+            else:
+                print("\nNo entries found for this MAC address")
+                
+        elif choice == "2":
+            ip = input("Enter IP address (format: xxx.xxx.xxx.xxx): ")
+            
+            # Check all tables for IP
+            tables_checks = [
+                f"SELECT 'Events' as source, * FROM Events WHERE eve_IP='{ip}'",
+                f"SELECT 'Devices' as source, * FROM Devices WHERE dev_LastIP='{ip}'",
+                f"SELECT 'CurrentScan' as source, * FROM CurrentScan WHERE cur_IP='{ip}'",
+                f"SELECT 'Notifications' as source, * FROM Notifications WHERE JSON LIKE '%{ip}%'",
+                f"SELECT 'AppEvents' as source, * FROM AppEvents WHERE ObjectSecondaryID LIKE '%{ip}%'",
+                f"SELECT 'Plugins_Objects' as source, * FROM Plugins_Objects WHERE Object_SecondaryID LIKE '%{ip}%'"
+            ]
+            
+            found = False
+            for check in tables_checks:
+                result = run_sqlite_command(check)
+                if result and result.strip():
+                    found = True
+                    print(f"\nFound entries:\n{result}")
+            
+            if found:
+                confirm = input("\nWould you like to clean these entries? (y/n): ")
+                if confirm.lower() == 'y':
+                    # Delete from all tables
+                    deletes = [
+                        f"DELETE FROM Events WHERE eve_IP='{ip}'",
+                        f"DELETE FROM Devices WHERE dev_LastIP='{ip}'",
+                        f"DELETE FROM CurrentScan WHERE cur_IP='{ip}'",
+                        f"DELETE FROM Notifications WHERE JSON LIKE '%{ip}%'",
+                        f"DELETE FROM AppEvents WHERE ObjectSecondaryID LIKE '%{ip}%'",
+                        f"DELETE FROM Plugins_Objects WHERE Object_SecondaryID LIKE '%{ip}%'"
+                    ]
+                    
+                    for delete in deletes:
+                        run_sqlite_command(delete)
+                    print("Cleanup completed!")
+            else:
+                print("\nNo entries found for this IP address")
+                
+        elif choice == "3":
+            print("\nExiting...")
+            break
+        
+        else:
+            print("\nInvalid option, please try again")
+
+if __name__ == "__main__":
+    check_and_clean_device()