itrp 0.1.0
- checksums.yaml +7 -0
- data/.document +5 -0
- data/Gemfile +19 -0
- data/Gemfile.lock +86 -0
- data/LICENSE.txt +20 -0
- data/README.rdoc +23 -0
- data/Rakefile +51 -0
- data/VERSION +1 -0
- data/lib/cmd_base.rb +106 -0
- data/lib/cmd_root.rb +20 -0
- data/lib/handlers/alert.rb +27 -0
- data/lib/handlers/counter.rb +49 -0
- data/lib/handlers/delete_alerts.rb +43 -0
- data/lib/handlers/flow.rb +29 -0
- data/lib/handlers/fts.rb +32 -0
- data/lib/handlers/getkey.rb +38 -0
- data/lib/handlers/getlabel.rb +39 -0
- data/lib/handlers/help.rb +13 -0
- data/lib/handlers/list.rb +13 -0
- data/lib/handlers/list_counters.rb +32 -0
- data/lib/handlers/meters.rb +40 -0
- data/lib/handlers/options.rb +33 -0
- data/lib/handlers/query_alerts.rb +77 -0
- data/lib/handlers/query_flow.rb +73 -0
- data/lib/handlers/query_fts.rb +51 -0
- data/lib/handlers/query_resource.rb +68 -0
- data/lib/handlers/resolve.rb +34 -0
- data/lib/handlers/resource.rb +30 -0
- data/lib/handlers/set.rb +35 -0
- data/lib/handlers/timeslices.rb +31 -0
- data/lib/handlers/toppers.rb +41 -0
- data/lib/handlers/trackers.rb +49 -0
- data/lib/handlers/traffic.rb +68 -0
- data/lib/itrp.rb +140 -0
- data/test/helper.rb +34 -0
- data/test/test_itrp.rb +7 -0
- metadata +179 -0
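--- a/checksums.yaml
+++ b/checksums.yaml
@@ -0,0 +1,7 @@
+---
+SHA1:
+metadata.gz: 7c7be689b35c3a9ecd1366e922c6228421bbb6f6
+data.tar.gz: e8fda01c50ddbd918d98468578d9393f422f98c9
+SHA512:
+metadata.gz: a79941d2881c42119fac067f13356443f319b7da5344e0e3670ca7bf59a3473434b413042c0d3d19aa62e7889d0a4449311d2efebc889459190d8df96c44c23f
+data.tar.gz: 9538ae8217593e32407ac23afb50d5d537cb05ed01bbc9279d9fef051883b8059fe72bc48d7fdefd0868563c0c38774c596b94dee71b4cabd0e167b7b2e981aa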
data/.document
ADDED
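--- a/data/Gemfile
+++ b/data/Gemfile
@@ -0,0 +1,19 @@
+source "http://rubygems.org"
+
+# Add dependencies required to use your gem here.
+gem "trisulrp"
+gem "terminal-table"
+
+# Add dependencies required to use your gem here.
+# Example:
+# gem "activesupport", ">= 2.3.5"
+
+# Add dependencies to develop your gem here.
+# Include everything needed to run rake, tests, features, etc.
+group :development do
+gem "shoulda", ">= 0"
+gem "rdoc", "~> 3.12"
+gem "bundler", "~> 1.0"
+gem "jeweler", "~> 2.0.1"
+gem "simplecov", ">= 0"
+end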
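Review bot: The `source "http://rubygems.org"` declaration on line 1 fetches gem metadata and packages over plain HTTP, so nothing protects the dependency downloads against tampering in transit; use `source "https://rubygems.org"`. The same plain-HTTP remote is recorded in Gemfile.lock (`remote: http://rubygems.org/`), so the lockfile needs regenerating after the change. The two runtime gems, `trisulrp` and `terminal-table`, are also declared with no version constraint; a pessimistic constraint such as `gem "trisulrp", "~> 2.4"` (2.4.1 is the locked version) would keep a fresh install from silently picking up an incompatible release.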
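--- a/data/Gemfile.lock
+++ b/data/Gemfile.lock
@@ -0,0 +1,86 @@
+GEM
+remote: http://rubygems.org/
+specs:
+activesupport (4.2.5)
+i18n (~> 0.7)
+json (~> 1.7, >= 1.7.7)
+minitest (~> 5.1)
+thread_safe (~> 0.3, >= 0.3.4)
+tzinfo (~> 1.1)
+addressable (2.4.0)
+builder (3.2.2)
+descendants_tracker (0.0.4)
+thread_safe (~> 0.3, >= 0.3.1)
+docile (1.1.5)
+faraday (0.9.2)
+multipart-post (>= 1.2, < 3)
+git (1.2.9.1)
+github_api (0.13.0)
+addressable (~> 2.3)
+descendants_tracker (~> 0.0.4)
+faraday (~> 0.8, < 0.10)
+hashie (>= 3.4)
+multi_json (>= 1.7.5, < 2.0)
+nokogiri (~> 1.6.6)
+oauth2
+hashie (3.4.3)
+highline (1.7.8)
+i18n (0.7.0)
+jeweler (2.0.1)
+builder
+bundler (>= 1.0)
+git (>= 1.2.5)
+github_api
+highline (>= 1.6.15)
+nokogiri (>= 1.5.10)
+rake
+rdoc
+json (1.8.3)
+jwt (1.5.2)
+mini_portile2 (2.0.0)
+minitest (5.8.3)
+multi_json (1.11.2)
+multi_xml (0.5.5)
+multipart-post (2.0.0)
+nokogiri (1.6.7)
+mini_portile2 (~> 2.0.0.rc2)
+oauth2 (1.0.0)
+faraday (>= 0.8, < 0.10)
+jwt (~> 1.0)
+multi_json (~> 1.3)
+multi_xml (~> 0.5)
+rack (~> 1.2)
+rack (1.6.4)
+rake (10.4.2)
+rdoc (3.12.2)
+json (~> 1.4)
+ruby-protocol-buffers (1.6.1)
+shoulda (3.5.0)
+shoulda-context (~> 1.0, >= 1.0.1)
+shoulda-matchers (>= 1.4.1, < 3.0)
+shoulda-context (1.2.1)
+shoulda-matchers (2.8.0)
+activesupport (>= 3.0.0)
+simplecov (0.11.1)
+docile (~> 1.1.0)
+json (~> 1.8)
+simplecov-html (~> 0.10.0)
+simplecov-html (0.10.0)
+terminal-table (1.5.2)
+thread_safe (0.3.5)
+trisulrp (2.4.1)
+ruby-protocol-buffers
+tzinfo (1.2.2)
+thread_safe (~> 0.1)
+
+PLATFORMS
+ruby
+
+DEPENDENCIES
+bundler (~> 1.0)
+jeweler (~> 2.0.1)
+rdoc (~> 3.12)
+shoulda
+simplecov
+terminal-table
+trisulrp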
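--- a/data/LICENSE.txt
+++ b/data/LICENSE.txt
@@ -0,0 +1,20 @@
+Copyright (c) 2015 vivekrajan
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.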
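--- a/data/README.rdoc
+++ b/data/README.rdoc
@@ -0,0 +1,23 @@
+= itrp
+
+iTRP is a Command Line Interface (CLI) application for Network Security and Traffic Monitoring.
+
+It uses the Trisul Remote Protocol (TRP) to connect to a running instance of Trisul.
+
+
+
+== Contributing to itrp
+
+* Check out the latest master to make sure the feature hasn't been implemented or the bug hasn't been fixed yet.
+* Check out the issue tracker to make sure someone already hasn't requested it and/or contributed it.
+* Fork the project.
+* Start a feature/bugfix branch.
+* Commit and push until you are happy with your contribution.
+* Make sure to add tests for it. This is important so I don't break it in a future version unintentionally.
+* Please try not to mess with the Rakefile, version, or history. If you want to have your own version, or is otherwise necessary, that is fine, but please isolate to its own commit so I can cherry-pick around it.
+
+== Copyright
+
+Copyright (c) 2015 vivekrajan. See LICENSE.txt for
+further details.
+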
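--- a/data/Rakefile
+++ b/data/Rakefile
@@ -0,0 +1,51 @@
+# encoding: utf-8
+
+require 'rubygems'
+require 'bundler'
+begin
+Bundler.setup(:default, :development)
+rescue Bundler::BundlerError => e
+$stderr.puts e.message
+$stderr.puts "Run `bundle install` to install missing gems"
+exit e.status_code
+end
+require 'rake'
+
+require 'jeweler'
+Jeweler::Tasks.new do |gem|
+# gem is a Gem::Specification... see http://guides.rubygems.org/specification-reference/ for more options
+gem.name = "itrp"
+gem.homepage = "http://github.com/vivekrajan/itrp"
+gem.license = "MIT"
+gem.summary = %Q{iTRP - Command Line Interface to Trisul Network Analytics}
+gem.description = %Q{iTRP is an extensible CLI app with tab completion for Network Security and Traffic Monitoring (NSM)}
+gem.email = "vivek@unleashnetworks.com"
+gem.authors = ["vivekrajan"]
+# dependencies defined in Gemfile
+end
+Jeweler::RubygemsDotOrgTasks.new
+
+require 'rake/testtask'
+Rake::TestTask.new(:test) do |test|
+test.libs << 'lib' << 'test'
+test.pattern = 'test/**/test_*.rb'
+test.verbose = true
+end
+
+desc "Code coverage detail"
+task :simplecov do
+ENV['COVERAGE'] = "true"
+Rake::Task['test'].execute
+end
+
+task :default => :test
+
+require 'rdoc/task'
+Rake::RDocTask.new do |rdoc|
+version = File.exist?('VERSION') ? File.read('VERSION') : ""
+
+rdoc.rdoc_dir = 'rdoc'
+rdoc.title = "itrp #{version}"
+rdoc.rdoc_files.include('README*')
+rdoc.rdoc_files.include('lib/**/*.rb')
+end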
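--- a/data/VERSION
+++ b/data/VERSION
@@ -0,0 +1 @@
+0.1.0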
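--- a/data/lib/cmd_base.rb
+++ b/data/lib/cmd_base.rb
@@ -0,0 +1,106 @@
+require 'terminal-table'
+
+module ITRP
+
+
+class Cmd
+attr_reader :enabled_in_state
+attr_reader :attach_cmd
+attr_reader :trigger
+attr_reader :children
+
+def initialize(appenv)
+@children=[]
+@missing=[]
+@appenv=appenv
+end
+
+def completions(s)
+@children.collect { |c| c.trigger }.grep(/#{s}/)
+end
+
+def enter(s); end
+
+def find_node(linebuffer_arr)
+
+return self if linebuffer_arr.empty?
+
+@children.each do |c|
+if c.trigger == linebuffer_arr.first
+return c.find_node(linebuffer_arr.drop(1))
+end
+end
+
+return self
+end
+
+def place_node(n)
+
+@missing.reject! do |m|
+if n.trigger == m.attach_cmd
+n.children << m
+true
+else
+false
+end
+end
+
+if n.attach_cmd==@trigger
+@children << n
+return true
+else
+@children.each do |c|
+return true if c.place_node(n)
+end
+end
+
+@missing << n
+return false
+end
+
+def set_time_window
+# get entire time window
+@appenv.context_data[:time_window]= TrisulRP::Protocol.get_available_time(@appenv.zmq_endpt)
+@appenv.context_data[:time_interval]= mk_time_interval(@appenv.context_data[:time_window])
+print("Connected to #{@appenv.zmq_endpt}\n");
+end
+
+def treeprint(indentation=0)
+ind=" "*4*indentation
+print "#{ind}#{@trigger}\n"
+@children.each { |c| c.treeprint(indentation+1) }
+end
+
+def appstate(sym)
+@appenv.context_data[sym]
+end
+
+def print_state
+print("\n")
+
+tmarr = appstate(:time_window)
+print("Server : #{@appenv.zmq_endpt}\n")
+print("Time window : #{Time.at(tmarr[0])} to #{Time.at(tmarr[1])} #{tmarr[1]-tmarr[0]} seconds \n");
+print("Context : #{@appenv.context}\n");
+print("Prompt : #{@appenv.prompt}\n");
+if @appenv.context != :any
+print("Selected Group : #{appstate(:cgname)}\n");
+print("Selected GUID : #{appstate(:cgguid)}\n");
+print("Selected Key : #{appstate(:cgkey)}\n");
+end
+
+@appenv.context_data.each do |k,v|
+unless [:time_window, :time_interval, :cgguid, :cgname, :cgkey].member? k
+print("#{k}".ljust(14,' ') + " : #{v}\n" )
+end
+end
+end
+
+
+protected
+def wrap(str,width)
+str.gsub!(/(.{1,#{width}})( +|$\n?)|(.{1,#{width}})/, "\\1\\3\n")
+end
+end
+
+end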
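Review bot: `completions` (line 19) interpolates the typed text straight into a regex with `grep(/#{s}/)`, so a partial command containing `(` or `[` raises RegexpError during tab completion and other metacharacters match triggers the user did not type. The handler classes on this page already call `Regexp.escape`, and the base class should match them: `@children.collect { |c| c.trigger }.grep(/#{Regexp.escape(s)}/)`. Separately, `wrap` (line 102) uses `gsub!`, which mutates the caller's string and returns nil when nothing is replaced (an empty string, for example); `str.gsub(...)` returns the wrapped text in every case. `set_time_window` calls `TrisulRP::Protocol` and `mk_time_interval` although this file requires only `terminal-table`, so it presumably depends on the load order in lib/itrp.rb, and a comment saying so would help.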
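--- a/data/lib/cmd_root.rb
+++ b/data/lib/cmd_root.rb
@@ -0,0 +1,20 @@
+module ITRP
+
+class Cmd_root < Cmd
+
+def initialize (e)
+super(e)
+@enabled_in_state = :any
+@attach_cmd = ''
+@trigger = ''
+end
+
+
+def enter(cmdline)
+unless ["","reload", "clear" ].member? cmdline.strip
+print("#{cmdline} #{@enabled_in_state} : not found\n");
+end
+end
+end
+
+end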
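--- a/data/lib/handlers/alert.rb
+++ b/data/lib/handlers/alert.rb
@@ -0,0 +1,27 @@
+module ITRP
+
+class Cmd_alert < Cmd
+def initialize (e)
+super(e)
+@enabled_in_state = :any
+@attach_cmd = 'set'
+@trigger = 'alert'
+end
+
+
+def completions(patt)
+[ "External IDS {9AFD8C08-07EB-47E0-BF05-28B4A7AE8DC9}",
+"Blacklist activity BL {5E97C3A3-41DB-4E34-92C3-87C904FAB83E}",
+"Threshold crossing TCA {03AC6B72-FDB7-44C0-9B8C-7A1975C1C5BA}",
+"System Alerts SYS {18CE5961-38FF-4AEA-BAF8-2019F3A09063}",
+"Threshold Band TB {0E7E367D-4455-4680-BC73-699D81B7CBE0}"
+].grep( /#{Regexp.escape(patt)}/i)
+end
+
+def enter(s)
+puts("Process set alert ");
+
+end
+end
+
+end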
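Review bot: `enter` (lines 21-24) only prints "Process set alert " and never updates `@appenv`, unlike `Cmd_counter#enter`, which sets `context`, `context_data[:cgguid]` and the prompt. `Cmd_delete_alerts` is enabled in state `:alerts` and reads `appstate(:cgguid)`, so unless another file sets that state, `set alert ...` leaves the delete command unreachable or pointed at a GUID left over from an earlier counter selection. Either implement the selection (parse the GUID out of the chosen completion and store it in `context_data`) or mark the stub with a `# TODO:` comment so it is not mistaken for working code.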
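--- a/data/lib/handlers/counter.rb
+++ b/data/lib/handlers/counter.rb
@@ -0,0 +1,49 @@
+module ITRP
+
+class Cmd_counter < Cmd
+def initialize (e)
+super(e)
+@enabled_in_state = :any
+@attach_cmd = 'set'
+@trigger = 'counter'
+end
+
+def completions(patt)
+req =mk_request(TRP::Message::Command::COUNTER_GROUP_INFO_REQUEST)
+cgdtls = []
+
+get_response_zmq(@appenv.zmq_endpt,req) do |resp|
+resp.group_details.each do |group_detail|
+cgdtls << group_detail.name
+cgdtls << group_detail.guid
+end
+end
+
+cgdtls.grep( /^#{Regexp.escape(patt)}/i)
+
+end
+
+
+def enter(cmdline)
+req =mk_request(TRP::Message::Command::COUNTER_GROUP_INFO_REQUEST)
+patt = cmdline.scan(/set\s+counter\s+(.*)/).flatten.first
+get_response_zmq(@appenv.zmq_endpt,req) do |resp|
+resp.group_details.each do |group_detail|
+if group_detail.name == patt
+print("\nContext set to counter group [#{group_detail.name}] [#{group_detail.guid}]\n\n")
+@appenv.prompt = "iTRP C:(#{patt})> "
+@appenv.context_data[:cgguid] = group_detail.guid
+@appenv.context_data[:cgname] = group_detail.name
+@appenv.context = :counter
+return
+end
+end
+end
+
+end
+
+
+end
+
+end
+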
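Review bot: `enter` (lines 27-43) accepts only an exact group name, while `completions` offers both `group_detail.name` and `group_detail.guid`, so a tab-completed GUID, a trailing space, or an unknown name falls through with no output and the previous context stays in force. The operator then keeps querying the old counter group without being told the switch failed. Normalise the argument with `patt = cmdline.scan(/set\s+counter\s+(.*)/).flatten.first.to_s.strip`, match with `if [group_detail.name, group_detail.guid].include?(patt)`, and report the miss after the block, e.g. `print("counter group [#{patt}] not found\n")`.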
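--- a/data/lib/handlers/delete_alerts.rb
+++ b/data/lib/handlers/delete_alerts.rb
@@ -0,0 +1,43 @@
+module ITRP
+
+class Cmd_delete_alerts < Cmd
+def initialize (e)
+super(e)
+@enabled_in_state = :alerts
+@attach_cmd = ''
+@trigger = 'delete'
+end
+
+def completions(patt)
+TRP::DeleteAlertsRequest
+.fields
+.values
+.collect { |a| a.name }
+.grep( /^#{Regexp.escape(patt)}/i)
+end
+
+
+def enter(cmdline)
+
+terms = patt.scan( /(\w+)\s*=\s*([\w\-_\.\:,]+)+/ )
+qparams = terms.inject({}) { |acc,t| acc.store( t[0].to_sym, t[1]);acc}
+
+p qparams
+
+# meter names
+req =mk_request(TRP::Message::Command::DELETE_ALERTS_REQUEST,
+{ :alert_group => appstate(:cgguid),
+:time_interval => apstate(:time_interval)
+}.merge(qparams))
+
+
+resp = get_response_zmq(@appenv.zmq_endpt,req)
+
+puts(resp.message)
+
+end
+
+
+end
+end
+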
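Review bot: `enter(cmdline)` (lines 20-38) cannot run as written: line 22 scans `patt`, which is not defined in this method (the parameter is `cmdline`), and line 30 calls `apstate`, a typo for `appstate`, so the command raises before any request is built. The fixes are `terms = cmdline.scan(...)` and `:time_interval => appstate(:time_interval)`. Once it does run, `.merge(qparams)` lets a typed `alert_group=` or `time_interval=` term replace the context-selected values, and the delete request is sent with no confirmation or echo of its scope. If that override is not intended, merge the other way round (`qparams.merge(:alert_group => ..., :time_interval => ...)`) and print the group and time window before sending. The `p qparams` on line 25 looks like leftover debug output, and the `# meter names` comment does not describe this request.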