Difference between revisions of "Nuage"
From Observer GigaFlow Support | VIAVI Solutions Inc.
Kevin Wilkie (Talk | contribs) (Created page with "Script to ingest Nuage records from their central controller var utils = Java.type('ros.CROSUtils'); var PrintWriter = Java.type('java.io.PrintWriter'); var writer = new Print...") |
Kevin Wilkie (Talk | contribs) |
||
(2 intermediate revisions by one user not shown) | |||
Line 1: | Line 1: | ||
Script to ingest Nuage records from their central controller | Script to ingest Nuage records from their central controller | ||
− | var utils = Java.type('ros.CROSUtils'); | + | var utils = Java.type('ros.CROSUtils'); |
− | var PrintWriter = Java.type('java.io.PrintWriter'); | + | var PrintWriter = Java.type('java.io.PrintWriter'); |
− | var writer = new PrintWriter("c:/temp/nuage.json", "UTF-8"); | + | var writer = new PrintWriter("c:/temp/nuage.json", "UTF-8"); |
− | var CFlowRecord = Java.type('ros.servers.CFlowRecord'); | + | var CFlowRecord = Java.type('ros.servers.CFlowRecord'); |
− | var flowRecord = new CFlowRecord() | + | var flowRecord = new CFlowRecord() |
− | var deviceManager = actions.getDeviceManager(); | + | var deviceManager = actions.getDeviceManager(); |
− | var now = new Date().getTime(); | + | var now = new Date().getTime(); |
− | //var d = utils.getJSONFromString(utils.getHTTPsGet("c:/temp/viavi1Cert.pem", "c:/temp/viavi1-Key.pem", "https://proxy.lynchehaun.net:6200/nuage_dpi_flowstats-2020.12.09-000001/_search")); | + | //var d = utils.getJSONFromString(utils.getHTTPsGet("c:/temp/viavi1Cert.pem", "c:/temp/viavi1-Key.pem", "https://proxy.lynchehaun.net:6200/nuage_dpi_flowstats-2020.12.09-000001/_search")); |
− | var d = JSON.parse(utils.getHTTPsGet("c:/temp/viavi1Cert.pem", "c:/temp/viavi1-Key.pem", "https://proxy.lynchehaun.net:6200/nuage_dpi_flowstats-2020.12.09-000001/_search")); | + | var d = JSON.parse(utils.getHTTPsGet("c:/temp/viavi1Cert.pem", "c:/temp/viavi1-Key.pem", "https://proxy.lynchehaun.net:6200/nuage_dpi_flowstats-2020.12.09-000001/_search")); |
− | log.warn(JSON.stringify(d)); | + | log.warn(JSON.stringify(d)); |
− | writer.println(JSON.stringify(d)); | + | writer.println(JSON.stringify(d)); |
− | writer.close(); | + | writer.close(); |
− | for (key in d.hits.hits){ | + | for (key in d.hits.hits){ |
var el = d.hits.hits[key] | var el = d.hits.hits[key] | ||
var currentDevice = deviceManager.getDevice(0,utils.inet_atob(el._source.SrcNSG),5,now) | var currentDevice = deviceManager.getDevice(0,utils.inet_atob(el._source.SrcNSG),5,now) | ||
Line 23: | Line 23: | ||
flowRecord.dstport = el._source.DstPort; | flowRecord.dstport = el._source.DstPort; | ||
flowRecord.srcadd = utils.inet_atob(el._source.SrcIp); | flowRecord.srcadd = utils.inet_atob(el._source.SrcIp); | ||
− | + | flowRecord.dstadd = utils.inet_atob(el._source.DstIp); | |
− | + | flowRecord.proto = utils.protocolNumbers.getOrDefault(el._source.Proto,"Unknown") | |
− | + | flowRecord.appid = actions.addFWEventToAppid(el._source.L7Classification); | |
− | + | if (el._source.SrcVportName){ | |
− | + | flowRecord.inif= currentDevice.getInterfaceFromSyslog(el._source.SrcVportName.hashCode(),el._source.SrcVportName).ifindex; | |
− | + | flowRecord.outif= 0; | |
− | + | ||
flowRecord.bytes = el._source.IngressPackets; | flowRecord.bytes = el._source.IngressPackets; | ||
flowRecord.packets = el._source.IngressPackets; | flowRecord.packets = el._source.IngressPackets; | ||
Line 41: | Line 40: | ||
currentDevice.process(flowRecord); | currentDevice.process(flowRecord); | ||
log.warn(currentDevice) | log.warn(currentDevice) | ||
− | + | log.warn(JSON.stringify(el._source.timestamp+"\t"+el._source.Proto+"\t"+el._source.timestamp+"\t"+el._source.SrcVportName+"\t"+el._source.DestVportName+"\t"+el._source.SrcIp+"\t"+el._source.DstIp+"\t"+el._source.SrcPort+"\t"+el._source.DstPort+"\t"+el._source.IngressPackets+"\t"+el._source.EgressPackets+"\t"+el._source.IngressBytes+"\t"+el._source.EgressBytes+"\t"+el._source.L7Classification+"\t"+el._source.SrcNSG)); | |
} | } | ||
− | log.warn(flowRecord) | + | log.warn(flowRecord) |
Latest revision as of 10:34, 3 August 2021
Script to ingest Nuage records from their central controller
var utils = Java.type('ros.CROSUtils'); var PrintWriter = Java.type('java.io.PrintWriter'); var writer = new PrintWriter("c:/temp/nuage.json", "UTF-8"); var CFlowRecord = Java.type('ros.servers.CFlowRecord'); var flowRecord = new CFlowRecord() var deviceManager = actions.getDeviceManager(); var now = new Date().getTime(); //var d = utils.getJSONFromString(utils.getHTTPsGet("c:/temp/viavi1Cert.pem", "c:/temp/viavi1-Key.pem", "https://proxy.lynchehaun.net:6200/nuage_dpi_flowstats-2020.12.09-000001/_search")); var d = JSON.parse(utils.getHTTPsGet("c:/temp/viavi1Cert.pem", "c:/temp/viavi1-Key.pem", "https://proxy.lynchehaun.net:6200/nuage_dpi_flowstats-2020.12.09-000001/_search")); log.warn(JSON.stringify(d)); writer.println(JSON.stringify(d)); writer.close(); for (key in d.hits.hits){ var el = d.hits.hits[key] var currentDevice = deviceManager.getDevice(0,utils.inet_atob(el._source.SrcNSG),5,now) flowRecord.starttime = el._source.timestamp; if ( flowRecord.starttime<now-60000){ flowRecord.starttime=now; } flowRecord.duration = 1000; flowRecord.srcport = el._source.SrcPort; flowRecord.dstport = el._source.DstPort; flowRecord.srcadd = utils.inet_atob(el._source.SrcIp); flowRecord.dstadd = utils.inet_atob(el._source.DstIp); flowRecord.proto = utils.protocolNumbers.getOrDefault(el._source.Proto,"Unknown") flowRecord.appid = actions.addFWEventToAppid(el._source.L7Classification); if (el._source.SrcVportName){ flowRecord.inif= currentDevice.getInterfaceFromSyslog(el._source.SrcVportName.hashCode(),el._source.SrcVportName).ifindex; flowRecord.outif= 0; flowRecord.bytes = el._source.IngressPackets; flowRecord.packets = el._source.IngressPackets; }else{ flowRecord.inif= 0; flowRecord.outif= currentDevice.getInterfaceFromSyslog(el._source.DestVportName.hashCode(),el._source.DestVportName).ifindex; flowRecord.bytes = el._source.EgressPackets; flowRecord.packets = el._source.EgressPackets; } currentDevice.process(flowRecord); log.warn(currentDevice) log.warn(JSON.stringify(el._source.timestamp+"\t"+el._source.Proto+"\t"+el._source.timestamp+"\t"+el._source.SrcVportName+"\t"+el._source.DestVportName+"\t"+el._source.SrcIp+"\t"+el._source.DstIp+"\t"+el._source.SrcPort+"\t"+el._source.DstPort+"\t"+el._source.IngressPackets+"\t"+el._source.EgressPackets+"\t"+el._source.IngressBytes+"\t"+el._source.EgressBytes+"\t"+el._source.L7Classification+"\t"+el._source.SrcNSG));
}
log.warn(flowRecord)