trisulrp 2.2.8 → 3.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Gemfile +2 -2
- data/Rakefile +3 -3
- data/VERSION +1 -1
- data/lib/trisulrp.rb +0 -2
- data/lib/trisulrp/protocol.rb +205 -121
- data/lib/trisulrp/trp.pb.rb +753 -775
- data/lib/trisulrp/trp.proto +688 -494
- data/trisulrp.gemspec +12 -13
- metadata +5 -6
- data/lib/trisulrp/utils.rb +0 -215
data/lib/trisulrp/trp.proto
CHANGED
@@ -1,6 +1,6 @@
|
|
1
1
|
// Trisul Remote Protocol (TRP) definition
|
2
2
|
// Based on Google Protocol Buffers
|
3
|
-
// (c)
|
3
|
+
// (c) 2012-16, Unleash Networks (http://www.unleashnetworks.com)
|
4
4
|
// $Rev: 6946 $
|
5
5
|
|
6
6
|
option optimize_for = LITE_RUNTIME;
|
@@ -8,6 +8,9 @@ option optimize_for = LITE_RUNTIME;
|
|
8
8
|
|
9
9
|
package TRP;
|
10
10
|
|
11
|
+
//
|
12
|
+
// Basic structures
|
13
|
+
//
|
11
14
|
message Timestamp {
|
12
15
|
required int64 tv_sec=1;
|
13
16
|
optional int64 tv_usec=2 [default=0];
|
@@ -23,6 +26,11 @@ message StatsTuple {
|
|
23
26
|
required int64 val=2;
|
24
27
|
}
|
25
28
|
|
29
|
+
message StatsArray {
|
30
|
+
required int64 ts_tv_sec=1;
|
31
|
+
repeated int64 values=2;
|
32
|
+
}
|
33
|
+
|
26
34
|
message MeterValues {
|
27
35
|
required int32 meter=1;
|
28
36
|
repeated StatsTuple values=2;
|
@@ -57,34 +65,26 @@ message MeterInfo {
|
|
57
65
|
}
|
58
66
|
|
59
67
|
message KeyStats {
|
60
|
-
optional int64 context=1[default=0];
|
61
68
|
required string counter_group=2;
|
62
|
-
required
|
69
|
+
required KeyT key=3;
|
63
70
|
repeated MeterValues meters=4;
|
64
71
|
}
|
65
72
|
|
66
|
-
message KeyDetails {
|
67
|
-
required string key=1;
|
68
|
-
optional string label=2;
|
69
|
-
optional string description=3;
|
70
|
-
optional int64 metric=4;
|
71
|
-
}
|
72
73
|
|
73
|
-
|
74
|
-
|
75
|
-
|
74
|
+
//
|
75
|
+
// Top level objects are named ObjT
|
76
|
+
// eg KeyT - Key Type, SessionT - Session Type etc.
|
77
|
+
//
|
78
|
+
message KeyT {
|
79
|
+
optional string key=1;
|
80
|
+
optional string readable=2;
|
81
|
+
optional string label=3;
|
82
|
+
optional string description=4;
|
83
|
+
optional int64 metric=5;
|
76
84
|
}
|
77
85
|
|
78
|
-
message AlertID {
|
79
|
-
required int64 slice_id=1;
|
80
|
-
required int64 alert_id=2;
|
81
|
-
}
|
82
86
|
|
83
|
-
message
|
84
|
-
required int64 slice_id=1;
|
85
|
-
required int64 resource_id=2;
|
86
|
-
}
|
87
|
-
message CounterGroupDetails {
|
87
|
+
message CounterGroupT {
|
88
88
|
required string guid=1;
|
89
89
|
required string name=2;
|
90
90
|
optional int64 bucket_size=3;
|
@@ -93,55 +93,90 @@ message CounterGroupDetails {
|
|
93
93
|
repeated MeterInfo meters=6;
|
94
94
|
}
|
95
95
|
|
96
|
-
message
|
96
|
+
message SessionT {
|
97
97
|
optional string session_key=1;
|
98
|
-
required
|
98
|
+
required string session_id=2;
|
99
99
|
optional string user_label=3;
|
100
100
|
required TimeInterval time_interval=4;
|
101
|
-
|
102
|
-
|
103
|
-
|
104
|
-
|
105
|
-
|
106
|
-
required
|
107
|
-
required
|
108
|
-
required
|
109
|
-
required
|
110
|
-
required
|
111
|
-
optional
|
112
|
-
optional
|
113
|
-
optional
|
101
|
+
optional int64 state=5;
|
102
|
+
optional int64 az_bytes=6;
|
103
|
+
optional int64 za_bytes=7;
|
104
|
+
optional int64 az_packets=8;
|
105
|
+
optional int64 za_packets=9;
|
106
|
+
required KeyT key1A=10;
|
107
|
+
required KeyT key2A=11;
|
108
|
+
required KeyT key1Z=12;
|
109
|
+
required KeyT key2Z=13;
|
110
|
+
required KeyT protocol=14;
|
111
|
+
optional KeyT nf_routerid=15;
|
112
|
+
optional KeyT nf_ifindex_in=16;
|
113
|
+
optional KeyT nf_ifindex_out=17;
|
114
114
|
optional string tags=18;
|
115
|
-
|
116
|
-
|
117
|
-
|
118
|
-
|
115
|
+
optional int64 az_payload=19;
|
116
|
+
optional int64 za_payload=20;
|
117
|
+
optional int64 setup_rtt=21;
|
118
|
+
optional int64 retransmissions=22;
|
119
119
|
optional int64 tracker_statval=23;
|
120
|
+
optional string probe_id=24;
|
120
121
|
}
|
121
122
|
|
122
123
|
|
123
|
-
|
124
|
-
|
125
|
-
|
126
|
-
|
127
|
-
required
|
128
|
-
required string
|
129
|
-
|
130
|
-
|
131
|
-
|
132
|
-
|
133
|
-
|
134
|
-
|
135
|
-
|
136
|
-
|
137
|
-
|
138
|
-
|
139
|
-
|
140
|
-
|
141
|
-
optional string
|
142
|
-
optional string trace = 20 ;
|
124
|
+
////////////////////////////////////
|
125
|
+
// AlertT
|
126
|
+
message AlertT{
|
127
|
+
optional int64 sensor_id=1;
|
128
|
+
required Timestamp time=2;
|
129
|
+
required string alert_id=3;
|
130
|
+
optional KeyT source_ip=4;
|
131
|
+
optional KeyT source_port=5;
|
132
|
+
optional KeyT destination_ip=6;
|
133
|
+
optional KeyT destination_port=7;
|
134
|
+
optional KeyT sigid=8;
|
135
|
+
optional KeyT classification=9;
|
136
|
+
optional KeyT priority=10;
|
137
|
+
optional Timestamp dispatch_time=11;
|
138
|
+
optional string aux_message1=12;
|
139
|
+
optional string aux_message2=13;
|
140
|
+
optional int64 occurrances=14[default=1];
|
141
|
+
optional string group_by_key=15;
|
142
|
+
optional string probe_id=16;
|
143
143
|
}
|
144
144
|
|
145
|
+
|
146
|
+
////////////////////////////////////
|
147
|
+
// ResourceT
|
148
|
+
message ResourceT {
|
149
|
+
required Timestamp time=1;
|
150
|
+
required string resource_id=2;
|
151
|
+
optional KeyT source_ip=3;
|
152
|
+
optional KeyT source_port=4;
|
153
|
+
optional KeyT destination_ip=5;
|
154
|
+
optional KeyT destination_port=6;
|
155
|
+
optional string uri=7;
|
156
|
+
optional string userlabel=8;
|
157
|
+
optional string probe_id=9;
|
158
|
+
}
|
159
|
+
|
160
|
+
////////////////////////////////////
|
161
|
+
// DocumentT
|
162
|
+
message DocumentT {
|
163
|
+
required string dockey=1;
|
164
|
+
optional string fts_attributes=2;
|
165
|
+
optional string fullcontent=3;
|
166
|
+
|
167
|
+
message Flow {
|
168
|
+
required Timestamp time=1;
|
169
|
+
required string key=2;
|
170
|
+
}
|
171
|
+
|
172
|
+
repeated Flow flows=4;
|
173
|
+
optional string probe_id=5;
|
174
|
+
}
|
175
|
+
|
176
|
+
|
177
|
+
//
|
178
|
+
// Enums
|
179
|
+
//
|
145
180
|
enum AuthLevel {
|
146
181
|
ADMIN=1;
|
147
182
|
BASIC_USER=2;
|
@@ -159,71 +194,98 @@ enum PcapFormat {
|
|
159
194
|
UNSNIFF=2;
|
160
195
|
}
|
161
196
|
|
162
|
-
enum
|
163
|
-
|
164
|
-
|
197
|
+
enum DomainNodeType
|
198
|
+
{
|
199
|
+
HUB=0;
|
200
|
+
PROBE=1;
|
201
|
+
CONFIG=2;
|
202
|
+
ROUTER=3;
|
203
|
+
WEB=4;
|
204
|
+
MONITOR=5;
|
165
205
|
}
|
166
206
|
|
207
|
+
enum DomainOperation {
|
208
|
+
GETNODES=1;
|
209
|
+
HEARTBEAT=2;
|
210
|
+
REGISTER=3;
|
211
|
+
}
|
212
|
+
|
213
|
+
message NameValue {
|
214
|
+
required string name=1;
|
215
|
+
optional string value=2;
|
216
|
+
}
|
217
|
+
|
218
|
+
//
|
219
|
+
// Top level message is TRP::Message
|
220
|
+
// - wraps the actual request or response
|
221
|
+
//
|
167
222
|
message Message {
|
168
223
|
enum Command { HELLO_REQUEST=1;
|
169
224
|
HELLO_RESPONSE=2;
|
170
225
|
OK_RESPONSE=3;
|
171
226
|
ERROR_RESPONSE=5;
|
172
|
-
|
173
|
-
|
227
|
+
COUNTER_GROUP_TOPPER_REQUEST=6;
|
228
|
+
COUNTER_GROUP_TOPPER_RESPONSE=7;
|
174
229
|
COUNTER_ITEM_REQUEST=8;
|
175
230
|
COUNTER_ITEM_RESPONSE=9;
|
176
|
-
|
177
|
-
|
178
|
-
CONTROLLED_COUNTER_GROUP_REQUEST=12;
|
179
|
-
CONTROLLED_COUNTER_GROUP_RESPONSE=13;
|
180
|
-
FILTERED_DATAGRAMS_REQUEST=14;
|
181
|
-
FILTERED_DATAGRAMS_RESPONSE=15;
|
182
|
-
CONTROLLED_CONTEXT_REQUEST=16;
|
183
|
-
CONTROLLED_CONTEXT_RESPONSE=17;
|
231
|
+
PCAP_REQUEST=14;
|
232
|
+
PCAP_RESPONSE=15;
|
184
233
|
SEARCH_KEYS_REQUEST=18;
|
185
234
|
SEARCH_KEYS_RESPONSE=19;
|
186
235
|
COUNTER_GROUP_INFO_REQUEST=20;
|
187
236
|
COUNTER_GROUP_INFO_RESPONSE=21;
|
188
237
|
SESSION_TRACKER_REQUEST=22;
|
189
238
|
SESSION_TRACKER_RESPONSE=23;
|
190
|
-
SESSION_ITEM_REQUEST=24;
|
191
|
-
SESSION_ITEM_RESPONSE=25;
|
192
|
-
BULK_COUNTER_ITEM_REQUEST=26;
|
193
|
-
BULK_COUNTER_ITEM_RESPONSE=27;
|
194
|
-
CGMONITOR_REQUEST=28;
|
195
|
-
CGMONITOR_RESPONSE=29;
|
196
|
-
TOPPER_SNAPSHOT_REQUEST=30;
|
197
|
-
TOPPER_SNAPSHOT_RESPONSE=31;
|
198
239
|
UPDATE_KEY_REQUEST=32;
|
199
240
|
UPDATE_KEY_RESPONSE=33;
|
200
241
|
QUERY_SESSIONS_REQUEST=34;
|
201
242
|
QUERY_SESSIONS_RESPONSE=35;
|
202
|
-
|
203
|
-
|
204
|
-
|
205
|
-
|
206
|
-
|
207
|
-
|
208
|
-
ALERT_ITEM_REQUEST=42;
|
209
|
-
ALERT_ITEM_RESPONSE=43;
|
210
|
-
ALERT_GROUP_REQUEST=44;
|
211
|
-
ALERT_GROUP_RESPONSE=45;
|
212
|
-
RESOURCE_ITEM_REQUEST=46;
|
213
|
-
RESOURCE_ITEM_RESPONSE=47;
|
214
|
-
RESOURCE_GROUP_REQUEST=48;
|
215
|
-
RESOURCE_GROUP_RESPONSE=49;
|
216
|
-
KEY_LOOKUP_REQUEST=50;
|
217
|
-
KEY_LOOKUP_RESPONSE=51;
|
243
|
+
PROBE_STATS_REQUEST=38;
|
244
|
+
PROBE_STATS_RESPONSE=39;
|
245
|
+
QUERY_ALERTS_REQUEST=44;
|
246
|
+
QUERY_ALERTS_RESPONSE=45;
|
247
|
+
QUERY_RESOURCES_REQUEST=48;
|
248
|
+
QUERY_RESOURCES_RESPONSE=49;
|
218
249
|
GREP_REQUEST=60;
|
219
250
|
GREP_RESPONSE=61;
|
220
251
|
KEYSPACE_REQUEST=70;
|
221
252
|
KEYSPACE_RESPONSE=71;
|
222
253
|
TOPPER_TREND_REQUEST=72;
|
223
254
|
TOPPER_TREND_RESPONSE=73;
|
224
|
-
QUERY_PDP_REQUEST=74;
|
225
|
-
QUERY_PDP_RESPONSE=75;
|
226
255
|
STAB_PUBSUB_CTL=80;
|
256
|
+
QUERY_FTS_REQUEST=90;
|
257
|
+
QUERY_FTS_RESPONSE=91;
|
258
|
+
TIMESLICES_REQUEST=92;
|
259
|
+
TIMESLICES_RESPONSE=93;
|
260
|
+
DELETE_ALERTS_REQUEST=94;
|
261
|
+
METRICS_SUMMARY_REQUEST=95;
|
262
|
+
METRICS_SUMMARY_RESPONSE=96;
|
263
|
+
PCAP_SLICES_REQUEST=97;
|
264
|
+
SERVICE_REQUEST=101;
|
265
|
+
SERVICE_RESPONSE=102;
|
266
|
+
CONFIG_REQUEST=103;
|
267
|
+
CONFIG_RESPONSE=104;
|
268
|
+
LOG_REQUEST=105;
|
269
|
+
LOG_RESPONSE=106;
|
270
|
+
CONTEXT_CREATE_REQUEST=108;
|
271
|
+
CONTEXT_DELETE_REQUEST=109;
|
272
|
+
CONTEXT_START_REQUEST=110;
|
273
|
+
CONTEXT_STOP_REQUEST=111;
|
274
|
+
CONTEXT_INFO_REQUEST=112;
|
275
|
+
CONTEXT_INFO_RESPONSE=113;
|
276
|
+
CONTEXT_CONFIG_REQUEST=114;
|
277
|
+
CONTEXT_CONFIG_RESPONSE=115;
|
278
|
+
DOMAIN_REQUEST=116;
|
279
|
+
DOMAIN_RESPONSE=117;
|
280
|
+
NODE_CONFIG_REQUEST=118;
|
281
|
+
NODE_CONFIG_RESPONSE=119;
|
282
|
+
ASYNC_REQUEST=120;
|
283
|
+
ASYNC_RESPONSE=121;
|
284
|
+
FILE_REQUEST=122;
|
285
|
+
FILE_RESPONSE=123;
|
286
|
+
SUBSYSTEM_INIT=124; // init msg used to prepare services
|
287
|
+
SUBSYSTEM_EXIT=125;
|
288
|
+
|
227
289
|
}
|
228
290
|
|
229
291
|
required Command trp_command=1;
|
@@ -231,69 +293,86 @@ message Message {
|
|
231
293
|
optional HelloResponse hello_response=3;
|
232
294
|
optional OKResponse ok_response=4;
|
233
295
|
optional ErrorResponse error_response=5;
|
234
|
-
optional
|
235
|
-
optional
|
296
|
+
optional CounterGroupTopperRequest counter_group_topper_request=6;
|
297
|
+
optional CounterGroupTopperResponse counter_group_topper_response=7;
|
236
298
|
optional CounterItemRequest counter_item_request=8;
|
237
299
|
optional CounterItemResponse counter_item_response=9;
|
238
|
-
optional
|
239
|
-
optional
|
240
|
-
optional FilteredDatagramResponse filtered_datagram_response=15;
|
241
|
-
optional ControlledContextRequest controlled_context_request=16;
|
242
|
-
optional ControlledContextResponse controlled_context_response=17;
|
300
|
+
optional PcapRequest pcap_request=14;
|
301
|
+
optional PcapResponse pcap_response=15;
|
243
302
|
optional SearchKeysRequest search_keys_request=18;
|
244
303
|
optional SearchKeysResponse search_keys_response=19;
|
245
304
|
optional CounterGroupInfoRequest counter_group_info_request=20;
|
246
305
|
optional CounterGroupInfoResponse counter_group_info_response=21;
|
247
|
-
optional SessionItemRequest session_item_request=22;
|
248
|
-
optional SessionItemResponse session_item_response=23;
|
249
|
-
optional BulkCounterItemRequest bulk_counter_item_request=24;
|
250
|
-
optional BulkCounterItemResponse bulk_counter_item_response=25;
|
251
|
-
// optional TopperSnapshotRequest topper_snapshot_request=28;
|
252
|
-
// optional TopperSnapshotResponse topper_snapshot_response=29;
|
253
306
|
optional UpdateKeyRequest update_key_request=30;
|
254
307
|
optional QuerySessionsRequest query_sessions_request=31;
|
255
308
|
optional QuerySessionsResponse query_sessions_response=32;
|
256
309
|
optional SessionTrackerRequest session_tracker_request=33;
|
257
310
|
optional SessionTrackerResponse session_tracker_response=34;
|
258
|
-
optional
|
259
|
-
optional
|
260
|
-
optional
|
261
|
-
optional
|
262
|
-
optional
|
263
|
-
optional
|
264
|
-
optional AlertGroupRequest alert_group_request=43;
|
265
|
-
optional AlertGroupResponse alert_group_response=44;
|
266
|
-
optional ResourceItemRequest resource_item_request=45;
|
267
|
-
optional ResourceItemResponse resource_item_response=46;
|
268
|
-
optional ResourceGroupRequest resource_group_request=47;
|
269
|
-
optional ResourceGroupResponse resource_group_response=48;
|
270
|
-
optional KeyLookupRequest key_lookup_request=49;
|
271
|
-
optional KeyLookupResponse key_lookup_response=50;
|
311
|
+
optional ProbeStatsRequest probe_stats_request=37;
|
312
|
+
optional ProbeStatsResponse probe_stats_response=38;
|
313
|
+
optional QueryAlertsRequest query_alerts_request=43;
|
314
|
+
optional QueryAlertsResponse query_alerts_response=44;
|
315
|
+
optional QueryResourcesRequest query_resources_request=47;
|
316
|
+
optional QueryResourcesResponse query_resources_response=48;
|
272
317
|
optional GrepRequest grep_request=51;
|
273
318
|
optional GrepResponse grep_response=52;
|
274
|
-
optional KeySpaceRequest keyspace_request=53;
|
275
|
-
optional KeySpaceResponse keyspace_response=54;
|
276
319
|
optional TopperTrendRequest topper_trend_request=55;
|
277
320
|
optional TopperTrendResponse topper_trend_response=56;
|
278
|
-
optional QueryPDPRequest query_pdp_request=57;
|
279
|
-
optional QueryPDPResponse query_pdp_response=58;
|
280
321
|
optional SubscribeCtl subscribe_ctl=59;
|
322
|
+
optional QueryFTSRequest query_fts_request=60;
|
323
|
+
optional QueryFTSResponse query_fts_response=61;
|
324
|
+
optional TimeSlicesRequest time_slices_request=62;
|
325
|
+
optional TimeSlicesResponse time_slices_response=63;
|
326
|
+
optional DeleteAlertsRequest delete_alerts_request=64;
|
327
|
+
optional MetricsSummaryRequest metrics_summary_request=65;
|
328
|
+
optional MetricsSummaryResponse metrics_summary_response=66;
|
329
|
+
optional KeySpaceRequest key_space_request=67;
|
330
|
+
optional KeySpaceResponse key_space_response=68;
|
331
|
+
optional PcapSlicesRequest pcap_slices_request=69;
|
332
|
+
optional LogRequest log_request=105;
|
333
|
+
optional LogResponse log_response=106;
|
334
|
+
optional ContextCreateRequest context_create_request=108;
|
335
|
+
optional ContextDeleteRequest context_delete_request=109;
|
336
|
+
optional ContextStartRequest context_start_request=110;
|
337
|
+
optional ContextStopRequest context_stop_request=111;
|
338
|
+
optional ContextConfigRequest context_config_request=112;
|
339
|
+
optional ContextConfigResponse context_config_response=113;
|
340
|
+
optional ContextInfoRequest context_info_request=114;
|
341
|
+
optional ContextInfoResponse context_info_response=115;
|
342
|
+
optional DomainRequest domain_request=116;
|
343
|
+
optional DomainResponse domain_response=117;
|
344
|
+
optional NodeConfigRequest node_config_request=118;
|
345
|
+
optional NodeConfigResponse node_config_response=119;
|
346
|
+
optional AsyncRequest async_request=120;
|
347
|
+
optional AsyncResponse async_response=121;
|
348
|
+
optional FileRequest file_request=122;
|
349
|
+
optional FileResponse file_response=123;
|
350
|
+
optional string destination_node=200; // todo move 2nd
|
351
|
+
optional string probe_id=201; // todo move 3rd
|
352
|
+
optional bool run_async=202; // todo move 3rd
|
353
|
+
|
281
354
|
}
|
282
355
|
|
356
|
+
|
357
|
+
//////////////////////////////////////////////////////////////
|
358
|
+
// --------------- Messages Section -------------------------//
|
359
|
+
// TRP is a synchronous request response protocol //
|
360
|
+
// Send a xyz_Request() and wait for xyz_Response //
|
361
|
+
// All requests necessarily get a response //
|
362
|
+
// --------------- Messages Section -------------------------//
|
363
|
+
//////////////////////////////////////////////////////////////
|
364
|
+
|
283
365
|
///////////////////////////////
|
284
366
|
// Hello
|
285
367
|
message HelloRequest{
|
286
368
|
required string station_id=1;
|
369
|
+
optional string message=2;
|
287
370
|
}
|
288
371
|
|
289
372
|
message HelloResponse{
|
290
|
-
required string
|
291
|
-
|
292
|
-
|
293
|
-
required string version_string=4;
|
294
|
-
required Timestamp connection_start_time=5;
|
295
|
-
required Timestamp connection_up_time=6;
|
296
|
-
required AuthLevel current_auth_level=7;
|
373
|
+
required string station_id=1;
|
374
|
+
optional string station_id_request=2;
|
375
|
+
optional string message=3;
|
297
376
|
}
|
298
377
|
|
299
378
|
///////////////////////////////
|
@@ -311,17 +390,13 @@ message OKResponse{
|
|
311
390
|
optional string message=2;
|
312
391
|
}
|
313
392
|
|
314
|
-
message ReleaseContextRequest{
|
315
|
-
optional int64 context=1;
|
316
|
-
}
|
317
393
|
|
318
394
|
///////////////////////////////
|
319
395
|
// CounterItemRequest
|
320
396
|
message CounterItemRequest{
|
321
|
-
optional int64 context=1 [default=0];
|
322
397
|
required string counter_group=2;
|
323
398
|
optional int64 meter=3;
|
324
|
-
required
|
399
|
+
required KeyT key=4;
|
325
400
|
required TimeInterval time_interval=5;
|
326
401
|
optional int64 volumes_only=6 [default=0];
|
327
402
|
}
|
@@ -329,140 +404,59 @@ message CounterItemRequest{
|
|
329
404
|
///////////////////////////////
|
330
405
|
// CounterItemResponse
|
331
406
|
message CounterItemResponse{
|
332
|
-
|
407
|
+
required string counter_group=1;
|
408
|
+
required KeyT key=2;
|
409
|
+
optional StatsArray totals=3;
|
410
|
+
repeated StatsArray stats=4;
|
333
411
|
}
|
334
412
|
|
335
413
|
|
336
|
-
//////////////////////////////////////////
|
337
|
-
// BulkCounterItemRequest
|
338
|
-
message BulkCounterItemRequest{
|
339
|
-
optional int64 context=1[default=0];
|
340
|
-
required string counter_group=2;
|
341
|
-
required int64 meter=3;
|
342
|
-
required TimeInterval time_interval=4;
|
343
|
-
repeated string keys=5;
|
344
|
-
}
|
345
|
-
|
346
|
-
//////////////////////////////////////////
|
347
|
-
// BulkCounterItemResponse
|
348
|
-
message BulkCounterItemResponse{
|
349
|
-
repeated KeyStats stats=1;
|
350
|
-
}
|
351
|
-
|
352
414
|
///////////////////////////////
|
353
|
-
//
|
354
|
-
message
|
355
|
-
optional int64 context=1 [default=0];
|
415
|
+
// CounterGroupTopperRequest
|
416
|
+
message CounterGroupTopperRequest{
|
356
417
|
required string counter_group=2;
|
357
418
|
optional int64 meter=3 [default=0];
|
358
|
-
optional int64 maxitems=4 [default=
|
419
|
+
optional int64 maxitems=4 [default=100];
|
359
420
|
optional TimeInterval time_interval=5;
|
360
421
|
optional Timestamp time_instant=6;
|
361
422
|
optional int64 flags=7;
|
362
|
-
optional bool resolve_keys=8;
|
423
|
+
optional bool resolve_keys=8 [default=true];
|
363
424
|
}
|
364
425
|
|
365
426
|
///////////////////////////////
|
366
|
-
//
|
367
|
-
message
|
368
|
-
required int64 context=1;
|
427
|
+
// CounterGroupTopperResponse
|
428
|
+
message CounterGroupTopperResponse{
|
369
429
|
required string counter_group=2;
|
370
430
|
required int64 meter=3;
|
371
431
|
optional int64 sysgrouptotal=4;
|
372
|
-
repeated
|
373
|
-
}
|
374
|
-
|
375
|
-
|
376
|
-
///////////////////////////////
|
377
|
-
// FilteredDatagramRequest
|
378
|
-
message FilteredDatagramRequest{
|
379
|
-
optional int64 max_packets=1[default=0];
|
380
|
-
optional int64 max_bytes=2[default=0];
|
381
|
-
optional CompressionType compress_type=3[default=UNCOMPRESSED];
|
382
|
-
|
383
|
-
// by trisul filter format expr
|
384
|
-
message ByFilterExpr {
|
385
|
-
required TimeInterval time_interval=1;
|
386
|
-
required string filter_expression=2;
|
387
|
-
}
|
388
|
-
optional ByFilterExpr filter_expression=4;
|
389
|
-
|
390
|
-
// by session
|
391
|
-
message BySession {
|
392
|
-
optional string session_group=1[default="{99A78737-4B41-4387-8F31-8077DB917336}"];
|
393
|
-
repeated SessionID session_ids=2;
|
394
|
-
}
|
395
|
-
optional BySession session=5;
|
396
|
-
|
397
|
-
|
398
|
-
// by alert
|
399
|
-
message ByAlert {
|
400
|
-
optional string alert_group=1[default="{9AFD8C08-07EB-47E0-BF05-28B4A7AE8DC9}"];
|
401
|
-
repeated AlertID alert_ids=2;
|
402
|
-
}
|
403
|
-
optional ByAlert alert=6;
|
404
|
-
|
405
|
-
// by resource
|
406
|
-
message ByResource {
|
407
|
-
required string resource_group=1;
|
408
|
-
repeated ResourceID resource_ids=2;
|
409
|
-
}
|
410
|
-
optional ByResource resource=7;
|
411
|
-
|
412
|
-
optional PcapDisposition disposition=8[default=DOWNLOAD];
|
413
|
-
|
432
|
+
repeated KeyT keys=6;
|
414
433
|
}
|
415
434
|
|
416
|
-
/////////////////////////////////////
|
417
|
-
// FileredDatagaramResponse
|
418
|
-
message FilteredDatagramResponse{
|
419
|
-
required PcapFormat format=1;
|
420
|
-
required CompressionType compress_type=2;
|
421
|
-
required TimeInterval time_interval=3;
|
422
|
-
required int64 num_datagrams=4;
|
423
|
-
required int64 num_bytes=5;
|
424
|
-
required string sha1=6;
|
425
|
-
required bytes contents=7;
|
426
|
-
required PcapDisposition disposition=8;
|
427
|
-
optional string path=9;
|
428
|
-
}
|
429
|
-
|
430
|
-
//////////////////////////////////////////
|
431
|
-
// ControlledContextRequest
|
432
|
-
message ControlledContextRequest{
|
433
|
-
required TimeInterval time_interval=1;
|
434
|
-
required string filter_expression=2;
|
435
|
-
}
|
436
|
-
|
437
|
-
//////////////////////////////////////////
|
438
|
-
//// ControlledContextResponse
|
439
|
-
message ControlledContextResponse{
|
440
|
-
required int64 context=1;
|
441
|
-
optional string context_db=2;
|
442
|
-
required TimeInterval time_interval =3;
|
443
|
-
}
|
444
435
|
|
445
436
|
///////////////////////////////////////
|
446
437
|
// SearchkeysRequest
|
447
438
|
message SearchKeysRequest{
|
448
|
-
optional int64 context=1[default=0];
|
449
439
|
required string counter_group=2;
|
450
|
-
|
451
|
-
|
440
|
+
optional int64 maxitems=3[default=100];
|
441
|
+
optional string pattern=4;
|
442
|
+
optional string label=5;
|
443
|
+
repeated string keys=6;
|
444
|
+
optional int64 offset=7[default=0];
|
445
|
+
optional bool get_totals=8[default=false];
|
452
446
|
}
|
453
447
|
|
454
448
|
//////////////////////////////////////
|
455
449
|
// SearchKeysResponse
|
456
450
|
message SearchKeysResponse{
|
457
|
-
optional int64 context=1;
|
458
451
|
required string counter_group=2;
|
459
|
-
repeated
|
452
|
+
repeated KeyT keys=3;
|
453
|
+
optional int64 total_count=4;
|
454
|
+
|
460
455
|
}
|
461
456
|
|
462
457
|
/////////////////////////////////////
|
463
458
|
/// CounterGroupInfoRequest
|
464
459
|
message CounterGroupInfoRequest{
|
465
|
-
optional int64 context=1[default=0];
|
466
460
|
optional string counter_group=2;
|
467
461
|
optional bool get_meter_info=3[default=false];
|
468
462
|
}
|
@@ -470,62 +464,42 @@ message CounterGroupInfoRequest{
|
|
470
464
|
///////////////////////////////////
|
471
465
|
/// CounterGroupInfoResponse
|
472
466
|
message CounterGroupInfoResponse{
|
473
|
-
|
474
|
-
repeated CounterGroupDetails group_details=2;
|
475
|
-
}
|
476
|
-
|
477
|
-
/////////////////////////////////////
|
478
|
-
// SessionItemRequest
|
479
|
-
message SessionItemRequest{
|
480
|
-
optional int64 context=1[default=0];
|
481
|
-
optional string session_group=2[default="{99A78737-4B41-4387-8F31-8077DB917336}"];
|
482
|
-
repeated string session_keys=3;
|
483
|
-
repeated SessionID session_ids=4;
|
484
|
-
optional bool resolve_keys=5[default=true];
|
467
|
+
repeated CounterGroupT group_details=2;
|
485
468
|
}
|
486
469
|
|
487
|
-
////////////////////////////////////
|
488
|
-
// SessionItemResponse
|
489
|
-
message SessionItemResponse{
|
490
|
-
optional int64 context=1[default=0];
|
491
|
-
required string session_group=2;
|
492
|
-
repeated SessionDetails sessions=3;
|
493
|
-
}
|
494
470
|
///////////////////////////////////
|
495
471
|
// QuerySessions - any of the fields can be filled
|
496
472
|
// all the fields filled are treated as AND criteria
|
497
473
|
message QuerySessionsRequest {
|
498
|
-
optional int64 context=1[default=0];
|
499
474
|
optional string session_group=2[default="{99A78737-4B41-4387-8F31-8077DB917336}"];
|
500
|
-
|
475
|
+
optional TimeInterval time_interval=3;
|
501
476
|
optional string key=4;
|
502
|
-
optional
|
503
|
-
optional
|
504
|
-
optional
|
505
|
-
optional
|
506
|
-
optional
|
507
|
-
optional
|
508
|
-
|
509
|
-
optional
|
477
|
+
optional KeyT source_ip=5;
|
478
|
+
optional KeyT source_port=6;
|
479
|
+
optional KeyT dest_ip=7;
|
480
|
+
optional KeyT dest_port=8;
|
481
|
+
optional KeyT any_ip=9;
|
482
|
+
optional KeyT any_port=10;
|
483
|
+
repeated KeyT ip_pair=11; // array of 2 ips
|
484
|
+
optional KeyT protocol=12;
|
510
485
|
optional string flowtag=13;
|
511
|
-
optional
|
512
|
-
optional
|
513
|
-
optional
|
486
|
+
optional KeyT nf_routerid=14;
|
487
|
+
optional KeyT nf_ifindex_in=15;
|
488
|
+
optional KeyT nf_ifindex_out=16;
|
514
489
|
optional string subnet_24=17;
|
515
490
|
optional string subnet_16=18;
|
516
|
-
|
517
491
|
optional int64 maxitems=19[default=100];
|
518
492
|
optional int64 volume_filter=20[default=0];
|
519
493
|
optional bool resolve_keys=21[default=true];
|
520
494
|
optional string outputpath=22;
|
495
|
+
repeated string idlist=23;
|
521
496
|
}
|
522
497
|
|
523
498
|
/////////////////////////////////////
|
524
499
|
// QuerySessionsResponse
|
525
500
|
message QuerySessionsResponse {
|
526
|
-
optional int64 context=1;
|
527
501
|
required string session_group=2;
|
528
|
-
repeated
|
502
|
+
repeated SessionT sessions=3;
|
529
503
|
optional string outputpath=4;
|
530
504
|
}
|
531
505
|
|
@@ -533,295 +507,127 @@ message QuerySessionsResponse {
|
|
533
507
|
/// UpdatekeysRequest
|
534
508
|
/// Response = OKResponse or ErrorResponse
|
535
509
|
message UpdateKeyRequest{
|
536
|
-
optional int64 context=1[default=0];
|
537
510
|
required string counter_group=2;
|
538
|
-
|
539
|
-
required string label=5;
|
540
|
-
optional string description=6;
|
511
|
+
repeated KeyT keys=4;
|
541
512
|
}
|
542
513
|
|
543
514
|
/////////////////////////////////////
|
544
515
|
// SessionTrackerRequest
|
545
516
|
message SessionTrackerRequest {
|
546
|
-
optional int64 context=1[default=0];
|
547
517
|
optional string session_group=2[default="{99A78737-4B41-4387-8F31-8077DB917336}"];
|
548
518
|
required int64 tracker_id=3 [default=1];
|
549
519
|
optional int64 maxitems=4 [default=100];
|
550
520
|
required TimeInterval time_interval=5;
|
521
|
+
optional bool resolve_keys=6 [default=true];
|
551
522
|
}
|
552
523
|
|
553
524
|
///////////////////////////////////
|
554
525
|
// SessionTrackerResponse
|
555
526
|
message SessionTrackerResponse{
|
556
|
-
optional int64 context=1;
|
557
527
|
required string session_group=2;
|
558
|
-
repeated
|
528
|
+
repeated SessionT sessions=3;
|
559
529
|
optional int64 tracker_id=4;
|
560
530
|
}
|
561
531
|
|
562
|
-
///////////////////////////////////
|
563
|
-
// SessionGroupRequest
|
564
|
-
message SessionGroupRequest {
|
565
|
-
optional int64 context=1[default=0];
|
566
|
-
optional string session_group=2[default="{99A78737-4B41-4387-8F31-8077DB917336}"];
|
567
|
-
optional int64 tracker_id=3;
|
568
|
-
optional string key_filter=4;
|
569
|
-
optional int64 maxitems=5 [default=100];
|
570
|
-
}
|
571
|
-
|
572
|
-
//////////////////////////////////
|
573
|
-
// SessionGroupResponse
|
574
|
-
message SessionGroupResponse {
|
575
|
-
optional int64 context=1;
|
576
|
-
required string session_group=2;
|
577
|
-
repeated string session_keys=3;
|
578
|
-
}
|
579
|
-
|
580
|
-
|
581
|
-
//////////////////////////////////
|
582
|
-
// ServerStatsRequest
|
583
|
-
message ServerStatsRequest{
|
584
|
-
required int64 param=1;
|
585
|
-
}
|
586
|
-
|
587
|
-
//////////////////////////////////
|
588
|
-
// ServerStatsResponse
|
589
|
-
message ServerStatsResponse{
|
590
|
-
required string instance_name=1;
|
591
|
-
required int64 connections=2;
|
592
|
-
required int64 uptime_seconds=3;
|
593
|
-
required double cpu_usage_percent_trisul=4;
|
594
|
-
required double cpu_usage_percent_total=5;
|
595
|
-
required double mem_usage_trisul=6;
|
596
|
-
required double mem_usage_total=7;
|
597
|
-
required double mem_total=8;
|
598
|
-
required int64 size_total=9;
|
599
|
-
required double drop_percent_cap=11;
|
600
|
-
required double drop_percent_trisul=12;
|
601
|
-
required TimeInterval time_interval=13;
|
602
|
-
}
|
603
|
-
|
604
|
-
/////////////////////////////////////
|
605
|
-
// AlertItemRequest
|
606
|
-
message AlertItemRequest{
|
607
|
-
optional int64 context=1[default=0];
|
608
|
-
required string alert_group=2;
|
609
|
-
repeated AlertID alert_ids=3;
|
610
|
-
}
|
611
532
|
////////////////////////////////////
|
612
|
-
//
|
613
|
-
message
|
614
|
-
optional int64 context=1;
|
533
|
+
// QueryAlertsRequest
|
534
|
+
message QueryAlertsRequest {
|
615
535
|
required string alert_group=2;
|
616
|
-
|
617
|
-
|
618
|
-
|
619
|
-
|
620
|
-
|
621
|
-
|
622
|
-
|
623
|
-
|
624
|
-
|
625
|
-
required string classification=9;
|
626
|
-
required string priority=10;
|
627
|
-
required Timestamp dispatch_time=11;
|
628
|
-
required string aux_message1=12;
|
629
|
-
required string aux_message2=13;
|
630
|
-
}
|
631
|
-
repeated Item items=3;
|
632
|
-
}
|
633
|
-
|
634
|
-
////////////////////////////////////
|
635
|
-
// AlertGroupQueryRequest
|
636
|
-
message AlertGroupRequest {
|
637
|
-
optional int64 context=1[default=0];
|
638
|
-
required string alert_group=2;
|
639
|
-
required TimeInterval time_interval=3;
|
640
|
-
optional int64 maxitems=5 [default=10];
|
641
|
-
optional string source_ip=6;
|
642
|
-
optional string source_port=7;
|
643
|
-
optional string destination_ip=8;
|
644
|
-
optional string destination_port=9;
|
645
|
-
optional string sigid=10;
|
646
|
-
optional string classification=11;
|
647
|
-
optional string priority=12;
|
536
|
+
optional TimeInterval time_interval=3;
|
537
|
+
optional int64 maxitems=5 [default=100];
|
538
|
+
optional KeyT source_ip=6;
|
539
|
+
optional KeyT source_port=7;
|
540
|
+
optional KeyT destination_ip=8;
|
541
|
+
optional KeyT destination_port=9;
|
542
|
+
optional KeyT sigid=10;
|
543
|
+
optional KeyT classification=11;
|
544
|
+
optional KeyT priority=12;
|
648
545
|
optional string aux_message1=13;
|
649
546
|
optional string aux_message2=14;
|
547
|
+
optional string group_by_fieldname=15;
|
548
|
+
repeated string idlist=16;
|
549
|
+
optional bool resolve_keys=17[default=true];
|
550
|
+
optional KeyT any_ip=18;
|
551
|
+
optional KeyT any_port=19;
|
552
|
+
repeated KeyT ip_pair=20; // array of 2 ips
|
553
|
+
optional string message_regex=21; // searech via regex
|
650
554
|
}
|
651
555
|
|
652
556
|
/////////////////////////////////////
|
653
|
-
//
|
654
|
-
message
|
655
|
-
optional int64 context=1;
|
557
|
+
// QueryAlertsResponse
|
558
|
+
message QueryAlertsResponse {
|
656
559
|
required string alert_group=2;
|
657
|
-
repeated
|
658
|
-
}
|
659
|
-
|
660
|
-
/////////////////////////////////////
|
661
|
-
// ResourceRequest - mutliple
|
662
|
-
message ResourceItemRequest{
|
663
|
-
optional int64 context=1[default=0];
|
664
|
-
required string resource_group=2;
|
665
|
-
repeated ResourceID resource_ids=3;
|
560
|
+
repeated AlertT alerts=3;
|
666
561
|
}
|
667
562
|
////////////////////////////////////
|
668
|
-
//
|
669
|
-
message
|
670
|
-
optional int64 context=1;
|
563
|
+
// QueryResourcesRequest
|
564
|
+
message QueryResourcesRequest {
|
671
565
|
required string resource_group=2;
|
672
|
-
|
673
|
-
|
674
|
-
|
675
|
-
|
676
|
-
|
677
|
-
|
678
|
-
optional string destination_port=6;
|
679
|
-
optional string uri=7;
|
680
|
-
optional string userlabel=8;
|
681
|
-
}
|
682
|
-
repeated Item items=3;
|
683
|
-
}
|
684
|
-
|
685
|
-
////////////////////////////////////
|
686
|
-
// ResourceGroupRequest
|
687
|
-
message ResourceGroupRequest {
|
688
|
-
optional int64 context=1[default=0];
|
689
|
-
required string resource_group=2;
|
690
|
-
required TimeInterval time_interval=3;
|
691
|
-
optional int64 maxitems=4 [default=10];
|
692
|
-
optional string source_ip=5;
|
693
|
-
optional string source_port=6;
|
694
|
-
optional string destination_ip=7;
|
695
|
-
optional string destination_port=8;
|
566
|
+
optional TimeInterval time_interval=3;
|
567
|
+
optional int64 maxitems=4 [default=100];
|
568
|
+
optional KeyT source_ip=5;
|
569
|
+
optional KeyT source_port=6;
|
570
|
+
optional KeyT destination_ip=7;
|
571
|
+
optional KeyT destination_port=8;
|
696
572
|
optional string uri_pattern=9;
|
697
573
|
optional string userlabel_pattern=10;
|
698
|
-
repeated string
|
574
|
+
repeated string regex_uri=12; // cant be combined with others
|
575
|
+
repeated string idlist=13; // resource ID list
|
576
|
+
optional bool resolve_keys=14 [default=true];
|
577
|
+
optional KeyT any_port=15;
|
578
|
+
optional KeyT any_ip=16;
|
579
|
+
repeated KeyT ip_pair=17; // array of 2 ips
|
699
580
|
}
|
700
581
|
|
701
582
|
/////////////////////////////////////
|
702
|
-
//
|
703
|
-
message
|
704
|
-
|
705
|
-
|
706
|
-
repeated ResourceID resources=3;
|
583
|
+
// QueryResourceResponse
|
584
|
+
message QueryResourcesResponse {
|
585
|
+
required string resource_group=2;
|
586
|
+
repeated ResourceT resources=3;
|
707
587
|
}
|
708
588
|
|
709
589
|
|
710
590
|
|
711
|
-
/////////////////////////////////////////////
|
712
|
-
// KeyLookup - mutliple keys from a single CG
|
713
|
-
message KeyLookupRequest {
|
714
|
-
optional int64 context=1[default=0];
|
715
|
-
required string counter_group=2;
|
716
|
-
repeated string keys=3;
|
717
|
-
}
|
718
|
-
|
719
|
-
|
720
|
-
/////////////////////////////////////////////
|
721
|
-
// KeyLookup
|
722
|
-
message KeyLookupResponse {
|
723
|
-
optional int64 context=1;
|
724
|
-
required string counter_group=2;
|
725
|
-
repeated KeyDetails key_details=3;
|
726
|
-
}
|
727
|
-
|
728
|
-
////////////////////////////////////
|
729
|
-
// GrepRequest
|
730
|
-
message GrepRequest {
|
731
|
-
optional int64 context=1[default=0];
|
732
|
-
optional string session_group=2[default="{99A78737-4B41-4387-8F31-8077DB917336}"];
|
733
|
-
required TimeInterval time_interval=3;
|
734
|
-
optional int64 maxitems=4 [default=50];
|
735
|
-
optional string pattern=5;
|
736
|
-
repeated string md5list=6;
|
737
|
-
}
|
738
|
-
|
739
|
-
/////////////////////////////////////
|
740
|
-
// GrepResponse
|
741
|
-
message GrepResponse {
|
742
|
-
optional int64 context=1;
|
743
|
-
optional string session_group=2[default="{99A78737-4B41-4387-8F31-8077DB917336}"];
|
744
|
-
repeated SessionDetails sessions=3;
|
745
|
-
repeated string hints=4;
|
746
|
-
}
|
747
|
-
|
748
|
-
|
749
591
|
////////////////////////////////////
|
750
592
|
// KeySpaceRequest
|
751
593
|
message KeySpaceRequest {
|
752
|
-
optional int64 context=1[default=0];
|
753
594
|
required string counter_group=2;
|
754
595
|
required TimeInterval time_interval=3;
|
755
596
|
optional int64 maxitems=4 [default=100];
|
756
597
|
|
757
598
|
message KeySpace {
|
758
|
-
required
|
759
|
-
required
|
599
|
+
required KeyT from_key=1;
|
600
|
+
required KeyT to_key=2;
|
760
601
|
}
|
761
602
|
|
762
603
|
repeated KeySpace spaces=5;
|
604
|
+
optional bool resolve_keys=6[default=true];
|
763
605
|
}
|
764
606
|
|
765
607
|
/////////////////////////////////////
|
766
608
|
// KeySpaceResponse
|
767
609
|
message KeySpaceResponse {
|
768
|
-
optional int64 context=1;
|
769
610
|
optional string counter_group=2;
|
770
|
-
repeated
|
611
|
+
repeated KeyT hits=3;
|
771
612
|
}
|
772
613
|
|
773
614
|
///////////////////////////////
|
774
615
|
// TopperTrendRequest
|
775
616
|
message TopperTrendRequest {
|
776
|
-
optional int64 context=1 [default=0];
|
777
617
|
required string counter_group=2;
|
778
618
|
optional int64 meter=3 [default=0];
|
779
|
-
optional int64 maxitems=4 [default=
|
619
|
+
optional int64 maxitems=4 [default=100];
|
780
620
|
optional TimeInterval time_interval=5;
|
781
621
|
}
|
782
622
|
|
783
623
|
///////////////////////////////
|
784
624
|
// TopperTrendResponse
|
785
625
|
message TopperTrendResponse {
|
786
|
-
required int64 context=1;
|
787
626
|
required string counter_group=2;
|
788
627
|
required int64 meter=3;
|
789
628
|
repeated KeyStats keytrends=4;
|
790
629
|
}
|
791
630
|
|
792
|
-
///////////////////////////////////
|
793
|
-
// QueryPDP - any of the fields can be filled
|
794
|
-
// all the fields filled are treated as AND criteria
|
795
|
-
// {3fcbae7f-bbec-47ca-bae0-b48d5f96fd6b}
|
796
|
-
// define_guid(<<name>>,
|
797
|
-
// 0x3fcbae7f, 0xbbec, 0x47ca, 0xba, 0xe0, 0xb4, 0x8d, 0x5f, 0x96, 0xfd, 0x6b);
|
798
|
-
|
799
|
-
message QueryPDPRequest {
|
800
|
-
optional int64 context=1[default=0];
|
801
|
-
optional string session_group=2[default="{3FCBAE7F-BBEC-47CA-BAE0-B48D5F96FD6B}"];
|
802
|
-
required TimeInterval time_interval=3;
|
803
|
-
optional string ipa=4;
|
804
|
-
optional string msisdn=5;
|
805
|
-
optional string imei=6;
|
806
|
-
optional string imsi=7;
|
807
|
-
optional string apn=8;
|
808
|
-
optional string rai=9;
|
809
|
-
optional string uli=10;
|
810
|
-
optional string rat=11;
|
811
|
-
optional string cause=12;
|
812
|
-
optional string mccmnc=13;
|
813
|
-
optional int64 maxitems=14[default=100];
|
814
|
-
optional string teid=15;
|
815
|
-
}
|
816
|
-
|
817
|
-
/////////////////////////////////////
|
818
|
-
// QueryPDPResponse
|
819
|
-
message QueryPDPResponse {
|
820
|
-
optional int64 context=1;
|
821
|
-
repeated PDPDetails sessions=3;
|
822
|
-
}
|
823
|
-
|
824
|
-
|
825
631
|
|
826
632
|
|
827
633
|
///////////////////////////////////
|
@@ -843,7 +649,7 @@ message SubscribeCtl {
|
|
843
649
|
CT_UNSUBSCRIBE=1;
|
844
650
|
}
|
845
651
|
|
846
|
-
|
652
|
+
required string context_name=1;
|
847
653
|
required CtlType ctl=2;
|
848
654
|
required StabberType type=3;
|
849
655
|
optional string guid=4;
|
@@ -852,3 +658,391 @@ message SubscribeCtl {
|
|
852
658
|
}
|
853
659
|
|
854
660
|
|
661
|
+
|
662
|
+
// FTS
|
663
|
+
// query to return docs, docids, and flows based on keyword search
|
664
|
+
//
|
665
|
+
|
666
|
+
message QueryFTSRequest {
|
667
|
+
|
668
|
+
required TimeInterval time_interval=2;
|
669
|
+
required string fts_group=3;
|
670
|
+
required string keywords=4;
|
671
|
+
optional int64 maxitems=5[default=100];
|
672
|
+
}
|
673
|
+
|
674
|
+
|
675
|
+
message QueryFTSResponse {
|
676
|
+
|
677
|
+
required string fts_group=2;
|
678
|
+
repeated DocumentT documents=3;
|
679
|
+
|
680
|
+
}
|
681
|
+
|
682
|
+
|
683
|
+
// Timeslices
|
684
|
+
//
|
685
|
+
// get the METERS METASLICE info
|
686
|
+
// .. response = TimeSlicesResponse
|
687
|
+
|
688
|
+
message TimeSlicesRequest {
|
689
|
+
optional bool get_disk_usage=1[default=false];
|
690
|
+
optional bool get_all_engines=2[default=false];
|
691
|
+
optional bool get_total_window=3[default=false];
|
692
|
+
}
|
693
|
+
|
694
|
+
// .. response = TimeSlicesResponse
|
695
|
+
// get the PCAP METASLICE based info
|
696
|
+
message PcapSlicesRequest {
|
697
|
+
required string context_name=1;
|
698
|
+
optional bool get_total_window=2[default=false];
|
699
|
+
}
|
700
|
+
|
701
|
+
message TimeSlicesResponse {
|
702
|
+
message SliceT
|
703
|
+
{
|
704
|
+
required TimeInterval time_interval=1;
|
705
|
+
optional string name=2;
|
706
|
+
optional string status=3;
|
707
|
+
optional int64 disk_size=4;
|
708
|
+
optional string path=5;
|
709
|
+
optional bool available=6;
|
710
|
+
};
|
711
|
+
|
712
|
+
repeated SliceT slices=1;
|
713
|
+
optional TimeInterval total_window=2;
|
714
|
+
optional string context_name=3;
|
715
|
+
}
|
716
|
+
|
717
|
+
|
718
|
+
// DeleteAlerts
|
719
|
+
// - very limited exception to Trisul rule of not having delete options
|
720
|
+
message DeleteAlertsRequest {
|
721
|
+
required string alert_group=2;
|
722
|
+
required TimeInterval time_interval=3;
|
723
|
+
optional KeyT source_ip=6;
|
724
|
+
optional KeyT source_port=7;
|
725
|
+
optional KeyT destination_ip=8;
|
726
|
+
optional KeyT destination_port=9;
|
727
|
+
optional KeyT sigid=10;
|
728
|
+
optional KeyT classification=11;
|
729
|
+
optional KeyT priority=12;
|
730
|
+
optional KeyT any_ip=18;
|
731
|
+
optional KeyT any_port=19;
|
732
|
+
optional string message_regex=21; // delete using regex
|
733
|
+
}
|
734
|
+
|
735
|
+
//////////////////////////////////
|
736
|
+
// MetricsSummaryRequest
|
737
|
+
message MetricsSummaryRequest{
|
738
|
+
optional TimeInterval time_interval=1;
|
739
|
+
required string metric_name=2;
|
740
|
+
optional bool totals_only=3[default=true];
|
741
|
+
}
|
742
|
+
|
743
|
+
//////////////////////////////////
|
744
|
+
// MetricsSummaryResponse
|
745
|
+
message MetricsSummaryResponse {
|
746
|
+
required string metric_name=2;
|
747
|
+
repeated StatsTuple vals=3;
|
748
|
+
}
|
749
|
+
|
750
|
+
|
751
|
+
|
752
|
+
//////////////////////////////////
|
753
|
+
// LogRequest - want log file
|
754
|
+
message LogRequest {
|
755
|
+
|
756
|
+
required string context_name=1;
|
757
|
+
required string log_type=2;
|
758
|
+
optional string regex_filter=4;
|
759
|
+
optional int64 maxlines=5[default=1000];
|
760
|
+
optional string continue_logfilename=6;
|
761
|
+
optional int64 continue_seekpos=7;
|
762
|
+
optional bool latest_run_only=8[default=false];
|
763
|
+
}
|
764
|
+
|
765
|
+
|
766
|
+
message LogResponse {
|
767
|
+
|
768
|
+
required string context_name=1;
|
769
|
+
optional string logfilename=6;
|
770
|
+
optional int64 seekpos=7;
|
771
|
+
repeated string log_lines=8; // compressed gz
|
772
|
+
}
|
773
|
+
|
774
|
+
|
775
|
+
// messages to routerX backend
|
776
|
+
message DomainRequest {
|
777
|
+
required DomainOperation cmd=1;
|
778
|
+
optional string station_id=2;
|
779
|
+
optional string params=3;
|
780
|
+
optional DomainNodeType nodetype=4;
|
781
|
+
}
|
782
|
+
|
783
|
+
message DomainResponse {
|
784
|
+
|
785
|
+
|
786
|
+
message Node {
|
787
|
+
|
788
|
+
required string id=1;
|
789
|
+
required DomainNodeType nodetype=2;
|
790
|
+
optional string station_id=3;
|
791
|
+
optional string extra_info=4;
|
792
|
+
optional Timestamp register_time=5;
|
793
|
+
optional Timestamp heartbeat_time=6;
|
794
|
+
|
795
|
+
}
|
796
|
+
|
797
|
+
required DomainOperation cmd=1;
|
798
|
+
repeated Node nodes=2;
|
799
|
+
optional string req_params=3;
|
800
|
+
optional string params=4;
|
801
|
+
optional bool need_reconnect=5[default=false];
|
802
|
+
}
|
803
|
+
|
804
|
+
|
805
|
+
message NodeConfigRequest {
|
806
|
+
optional string message=1;
|
807
|
+
|
808
|
+
message IntelFeed {
|
809
|
+
required string guid=1; // identifying feed group (eg Geo, Badfellas)
|
810
|
+
optional string name=2; // name
|
811
|
+
optional string download_rules=3; // xml file with feed update instructions
|
812
|
+
repeated string uri=4; // individual files in config//.. for FileRequest download
|
813
|
+
}
|
814
|
+
|
815
|
+
optional IntelFeed add_feed=2;
|
816
|
+
optional IntelFeed process_new_feed=3;
|
817
|
+
}
|
818
|
+
|
819
|
+
message NodeConfigResponse {
|
820
|
+
|
821
|
+
message Node {
|
822
|
+
required string id=1;
|
823
|
+
required DomainNodeType nodetype=2;
|
824
|
+
required string description=3;
|
825
|
+
required string public_key=4;
|
826
|
+
}
|
827
|
+
|
828
|
+
repeated Node domains=1;
|
829
|
+
repeated Node hubs=2;
|
830
|
+
repeated Node probes=3;
|
831
|
+
repeated string feeds=4;
|
832
|
+
}
|
833
|
+
|
834
|
+
|
835
|
+
//////////////////////////////////
|
836
|
+
// ContextRequest - Context methods
|
837
|
+
// response Ok or Error, follow up with ContextInfo to print details
|
838
|
+
//
|
839
|
+
message ContextCreateRequest {
|
840
|
+
required string context_name=1;
|
841
|
+
optional string clone_from=2;
|
842
|
+
}
|
843
|
+
|
844
|
+
//////////////////////////////////
|
845
|
+
// ContextInfo : one or all contexts
|
846
|
+
// use is_init to prime with config
|
847
|
+
message ContextInfoRequest {
|
848
|
+
optional string context_name=1; // if not set all context get in
|
849
|
+
}
|
850
|
+
|
851
|
+
message ContextInfoResponse {
|
852
|
+
|
853
|
+
|
854
|
+
message Item
|
855
|
+
{
|
856
|
+
required string context_name=1;
|
857
|
+
required bool is_initialized=2;
|
858
|
+
required bool is_running=3;
|
859
|
+
optional int64 size_on_disk=4;
|
860
|
+
optional TimeInterval time_interval=5;
|
861
|
+
optional bool is_clean=6;
|
862
|
+
optional string extrainfo=7;
|
863
|
+
repeated TimeInterval run_history=8;
|
864
|
+
optional string profile=9;
|
865
|
+
optional string runmode=10;
|
866
|
+
}
|
867
|
+
|
868
|
+
repeated Item items=1;
|
869
|
+
}
|
870
|
+
|
871
|
+
//////////////////////////////////
|
872
|
+
// ContextDelete : initialize
|
873
|
+
// reset data only ..
|
874
|
+
message ContextDeleteRequest {
|
875
|
+
required string context_name=1; // if not set all context get in
|
876
|
+
optional bool reset_data=2; // reset data dont delete everything
|
877
|
+
}
|
878
|
+
|
879
|
+
// ContextStart : run
|
880
|
+
// run data only ..
|
881
|
+
message ContextStartRequest {
|
882
|
+
required string context_name=1; // if not set all context get in
|
883
|
+
optional string mode=2;
|
884
|
+
optional bool background=3;
|
885
|
+
optional string pcap_path=4;
|
886
|
+
optional string run_tool=5; // snort, suricata supported..
|
887
|
+
optional string tool_ids_config=6;
|
888
|
+
optional string tool_av_config=7;
|
889
|
+
|
890
|
+
}
|
891
|
+
|
892
|
+
// ContextSttop : kill
|
893
|
+
message ContextStopRequest {
|
894
|
+
required string context_name=1; // if not set all context get in
|
895
|
+
optional string run_tool=5; // snort, suricata , trp, flushd supported..
|
896
|
+
}
|
897
|
+
|
898
|
+
|
899
|
+
//////////////////////////////////
|
900
|
+
// ContextConfigRequest - start stop status
|
901
|
+
// OK or ERROR response
|
902
|
+
// Status = OK if running with PID etc in message text
|
903
|
+
message ContextConfigRequest {
|
904
|
+
required string context_name=1;
|
905
|
+
optional string profile=2;
|
906
|
+
optional string params=3;
|
907
|
+
optional bytes push_config_blob=4; // push this ..
|
908
|
+
optional string query_config=5; // push this ..
|
909
|
+
|
910
|
+
repeated NameValue set_config_values=6; // push this .. (name=value;name=value ..)
|
911
|
+
}
|
912
|
+
|
913
|
+
|
914
|
+
message ContextConfigResponse {
|
915
|
+
|
916
|
+
message Layer
|
917
|
+
{
|
918
|
+
required int64 layer=1;
|
919
|
+
required string probe_id=2;
|
920
|
+
optional string probe_description=3;
|
921
|
+
}
|
922
|
+
|
923
|
+
required string context_name=1;
|
924
|
+
optional string profile=2;
|
925
|
+
optional string params=3; // what kind of config you want
|
926
|
+
optional bytes pull_config_blob=4; // config
|
927
|
+
optional bytes config_blob=5; // compress tar.gz ..
|
928
|
+
repeated string endpoints_flush=6;
|
929
|
+
repeated string endpoints_query=7;
|
930
|
+
repeated string endpoints_pub=8;
|
931
|
+
optional string config_value=10; // response to query config ..
|
932
|
+
repeated Layer layers=11;
|
933
|
+
|
934
|
+
}
|
935
|
+
|
936
|
+
///////////////////////////////
|
937
|
+
// PcapReqiest
|
938
|
+
// NOTE - only one of the various filters are supported
|
939
|
+
// sending > 1 will result in error
|
940
|
+
//
|
941
|
+
message PcapRequest {
|
942
|
+
required string context_name=1;
|
943
|
+
optional int64 max_bytes=2[default=100000000]; // 100MB , can increase to 0.75 Filesystem freespace
|
944
|
+
optional CompressionType compress_type=3[default=UNCOMPRESSED];
|
945
|
+
optional string save_file=4;
|
946
|
+
required TimeInterval time_interval=5;
|
947
|
+
required string filter_expression=6;
|
948
|
+
}
|
949
|
+
|
950
|
+
/////////////////////////////////////
|
951
|
+
// FileredDatagaramResponse
|
952
|
+
message PcapResponse {
|
953
|
+
required string context_name=1;
|
954
|
+
optional PcapFormat format=2[default=LIBPCAP];
|
955
|
+
optional CompressionType compress_type=3[default=UNCOMPRESSED];
|
956
|
+
optional TimeInterval time_interval=4;
|
957
|
+
optional int64 num_bytes=5;
|
958
|
+
optional string sha1=6;
|
959
|
+
optional bytes contents=7;
|
960
|
+
optional string save_file=8;
|
961
|
+
}
|
962
|
+
|
963
|
+
////////////////////////////////////
|
964
|
+
// GrepRequest
|
965
|
+
message GrepRequest {
|
966
|
+
required string context_name=1;
|
967
|
+
required TimeInterval time_interval=2;
|
968
|
+
optional int64 maxitems=3 [default=100];
|
969
|
+
optional int64 flowcutoff_bytes=4;
|
970
|
+
optional string pattern_hex=5;
|
971
|
+
optional string pattern_text=6;
|
972
|
+
optional string pattern_file=7;
|
973
|
+
repeated string md5list=8;
|
974
|
+
optional bool resolve_keys=9 [default=true];
|
975
|
+
}
|
976
|
+
|
977
|
+
/////////////////////////////////////
|
978
|
+
// GrepResponse
|
979
|
+
message GrepResponse {
|
980
|
+
required string context_name=1;
|
981
|
+
repeated SessionT sessions=2;
|
982
|
+
repeated string hints=3;
|
983
|
+
}
|
984
|
+
|
985
|
+
//////////////////////////////////
|
986
|
+
// ProbeStatsRequest
|
987
|
+
message ProbeStatsRequest{
|
988
|
+
required string context_name=1;
|
989
|
+
optional string param=2;
|
990
|
+
}
|
991
|
+
|
992
|
+
//////////////////////////////////
|
993
|
+
// ProbeStatsResponse
|
994
|
+
message ProbeStatsResponse {
|
995
|
+
required string context_name=1;
|
996
|
+
required string instance_name=2;
|
997
|
+
required int64 connections=3;
|
998
|
+
required int64 uptime_seconds=4;
|
999
|
+
required double cpu_usage_percent_trisul=5;
|
1000
|
+
required double cpu_usage_percent_total=6;
|
1001
|
+
required double mem_usage_trisul=7;
|
1002
|
+
required double mem_usage_total=8;
|
1003
|
+
required double mem_total=9;
|
1004
|
+
required double drop_percent_cap=10;
|
1005
|
+
required double drop_percent_trisul=11;
|
1006
|
+
optional int64 proc_bytes=12;
|
1007
|
+
optional int64 proc_packets=13;
|
1008
|
+
optional string offline_pcap_file=14;
|
1009
|
+
optional bool is_running=15;
|
1010
|
+
}
|
1011
|
+
|
1012
|
+
/////////////////////////////////////
|
1013
|
+
// AsyncResponse
|
1014
|
+
message AsyncResponse {
|
1015
|
+
required int64 token=1;
|
1016
|
+
optional string response_message=3;
|
1017
|
+
optional Message response=4;
|
1018
|
+
}
|
1019
|
+
|
1020
|
+
//////////////////////////////////
|
1021
|
+
// AsyncRequest
|
1022
|
+
// response taken from original (if ready) or not_ready flag set
|
1023
|
+
message AsyncRequest {
|
1024
|
+
required int64 token=1;
|
1025
|
+
optional string request_message =2; // basically extra text for logging
|
1026
|
+
}
|
1027
|
+
|
1028
|
+
/////////////////////////////////////
|
1029
|
+
// FileRequest
|
1030
|
+
message FileRequest {
|
1031
|
+
required string uri=1;
|
1032
|
+
required int64 position=2;
|
1033
|
+
optional string params=3; // local meaning sentback n response
|
1034
|
+
}
|
1035
|
+
|
1036
|
+
//////////////////////////////////
|
1037
|
+
// FileResponse
|
1038
|
+
// one chunk at at time, Trisul has slightly inefficient File Transfer
|
1039
|
+
// for very large files, since most files are data feeds < 100MB fine for now
|
1040
|
+
message FileResponse {
|
1041
|
+
required string uri=1;
|
1042
|
+
required bool eof=2;
|
1043
|
+
optional int64 position=3;
|
1044
|
+
optional bytes content=4;
|
1045
|
+
optional string request_params =5;
|
1046
|
+
}
|
1047
|
+
|
1048
|
+
|