feat: Add UFW log monitoring

- Added a new function `get_ufw_logs` to monitor `/var/log/ufw.log`.
- Added a new table `ufw_logs` to the database to store UFW log data.
- Updated `analyze_data_locally` to detect anomalies in UFW logs (high number of blocked connections).
- Integrated the new functionality into the main monitoring loop.

database.py

@@ -84,6 +84,16 @@ def initialize_database():
         )
         """)
 
+        # Table for ufw logs
+        cursor.execute("""
+        CREATE TABLE IF NOT EXISTS ufw_logs (
+            id INTEGER PRIMARY KEY AUTOINCREMENT,
+            monitoring_data_id INTEGER,
+            log_line TEXT,
+            FOREIGN KEY (monitoring_data_id) REFERENCES monitoring_data (id)
+        )
+        """)
+
         conn.commit()
         conn.close()
         logger.info("Database initialized successfully.")
@@ -136,6 +146,12 @@ def store_data(new_data):
                 cursor.execute("INSERT INTO syslog (monitoring_data_id, log_data) VALUES (?, ?)",
                                (monitoring_data_id, json.dumps(log)))
 
+        # Insert into ufw_logs
+        if 'ufw_logs' in new_data:
+            for line in new_data['ufw_logs']:
+                cursor.execute("INSERT INTO ufw_logs (monitoring_data_id, log_line) VALUES (?, ?)",
+                               (monitoring_data_id, line))
+
         conn.commit()
         conn.close()
     except sqlite3.Error as e:
@@ -233,6 +249,7 @@ def enforce_retention_policy(retention_days=7):
         cursor.execute(f"DELETE FROM nmap_scans WHERE monitoring_data_id IN ({placeholders})", old_ids)
         cursor.execute(f"DELETE FROM docker_status WHERE monitoring_data_id IN ({placeholders})", old_ids)
         cursor.execute(f"DELETE FROM syslog WHERE monitoring_data_id IN ({placeholders})", old_ids)
+        cursor.execute(f"DELETE FROM ufw_logs WHERE monitoring_data_id IN ({placeholders})", old_ids)
 
         # Delete from the main table
         cursor.execute(f"DELETE FROM monitoring_data WHERE id IN ({placeholders})", old_ids)