Nuage

From Observer GigaFlow Support | VIAVI Solutions Inc.
Jump to: navigation, search

Script to ingest Nuage records from their central controller 

var utils = Java.type('ros.CROSUtils');
var PrintWriter = Java.type('java.io.PrintWriter');
var writer = new PrintWriter("c:/temp/nuage.json", "UTF-8");
var CFlowRecord = Java.type('ros.servers.CFlowRecord');
var flowRecord = new CFlowRecord()
var deviceManager = actions.getDeviceManager();
var now = new Date().getTime();
//var d = utils.getJSONFromString(utils.getHTTPsGet("c:/temp/viavi1Cert.pem", "c:/temp/viavi1-Key.pem", "https://proxy.lynchehaun.net:6200/nuage_dpi_flowstats-2020.12.09-000001/_search"));
var d = JSON.parse(utils.getHTTPsGet("c:/temp/viavi1Cert.pem", "c:/temp/viavi1-Key.pem", "https://proxy.lynchehaun.net:6200/nuage_dpi_flowstats-2020.12.09-000001/_search"));
log.warn(JSON.stringify(d));
writer.println(JSON.stringify(d));
writer.close();
for (key in d.hits.hits){
 	var el = d.hits.hits[key]
   var currentDevice = deviceManager.getDevice(0,utils.inet_atob(el._source.SrcNSG),5,now)
   flowRecord.starttime = el._source.timestamp;
 	if ( flowRecord.starttime<now-60000){
    flowRecord.starttime=now;
   }
   flowRecord.duration = 1000;
   flowRecord.srcport = el._source.SrcPort;
   flowRecord.dstport = el._source.DstPort;
   flowRecord.srcadd = utils.inet_atob(el._source.SrcIp);
   flowRecord.dstadd = utils.inet_atob(el._source.DstIp);
   flowRecord.proto = utils.protocolNumbers.getOrDefault(el._source.Proto,"Unknown")
   flowRecord.appid = actions.addFWEventToAppid(el._source.L7Classification);
   if (el._source.SrcVportName){
   flowRecord.inif= currentDevice.getInterfaceFromSyslog(el._source.SrcVportName.hashCode(),el._source.SrcVportName).ifindex;
   flowRecord.outif= 0;
     	flowRecord.bytes = el._source.IngressPackets;
  		flowRecord.packets = el._source.IngressPackets;
   }else{
   	flowRecord.inif= 0;
 		flowRecord.outif= currentDevice.getInterfaceFromSyslog(el._source.DestVportName.hashCode(),el._source.DestVportName).ifindex;
     	flowRecord.bytes = el._source.EgressPackets;
  		flowRecord.packets = el._source.EgressPackets;
   }
 	
 	currentDevice.process(flowRecord);
   log.warn(currentDevice)
   log.warn(JSON.stringify(el._source.timestamp+"\t"+el._source.Proto+"\t"+el._source.timestamp+"\t"+el._source.SrcVportName+"\t"+el._source.DestVportName+"\t"+el._source.SrcIp+"\t"+el._source.DstIp+"\t"+el._source.SrcPort+"\t"+el._source.DstPort+"\t"+el._source.IngressPackets+"\t"+el._source.EgressPackets+"\t"+el._source.IngressBytes+"\t"+el._source.EgressBytes+"\t"+el._source.L7Classification+"\t"+el._source.SrcNSG));

} 

   log.warn(flowRecord)