trisulrp 3.2.9 → 3.2.13
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/VERSION +1 -1
- data/lib/trisulrp/protocol.rb +5 -0
- data/lib/trisulrp/trp.pb.rb +97 -1
- data/lib/trisulrp/trp.proto +94 -0
- data/trisulrp.gemspec +3 -3
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: d418f25fea2c8eaed993c659026c8e8217095bbb
|
|
4
|
+
data.tar.gz: 00601201b5c7878cf9fb719891ed71327100b797
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 6604ebee90f6e960e9609e228f93abbabe94922aae71bf84782346f8c4c84e9c32c17a18f30952fb46ca167282684d30d6b957894b75decbaf7aa35a309c64ac
|
|
7
|
+
data.tar.gz: 3d9404aab2c1f12462c48bde1714022724ea62f4c225fe5a7106f11e92194827caf8a9b0aa1d60d9dd2b350253df6fea072a1ad5d7e4b24c70eeef476e69698b
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
3.2.
|
|
1
|
+
3.2.13
|
data/lib/trisulrp/protocol.rb
CHANGED
|
@@ -460,6 +460,9 @@ module TrisulRP::Protocol
|
|
|
460
460
|
when TRP::Message::Command::QUERY_SESSIONS_REQUEST
|
|
461
461
|
fix_TRP_Fields( TRP::QuerySessionsRequest, params)
|
|
462
462
|
req.query_sessions_request = TRP::QuerySessionsRequest.new(params)
|
|
463
|
+
when TRP::Message::Command::AGGREGATE_SESSIONS_REQUEST
|
|
464
|
+
fix_TRP_Fields( TRP::AggregateSessionsRequest, params)
|
|
465
|
+
req.aggregate_sessions_request = TRP::AggregateSessionsRequest.new(params)
|
|
463
466
|
when TRP::Message::Command::GREP_REQUEST
|
|
464
467
|
fix_TRP_Fields( TRP::GrepRequest, params)
|
|
465
468
|
req.grep_request = TRP::GrepRequest.new(params)
|
|
@@ -586,6 +589,8 @@ module TrisulRP::Protocol
|
|
|
586
589
|
resp.session_tracker_response
|
|
587
590
|
when TRP::Message::Command::QUERY_SESSIONS_RESPONSE
|
|
588
591
|
resp.query_sessions_response
|
|
592
|
+
when TRP::Message::Command::AGGREGATE_SESSIONS_RESPONSE
|
|
593
|
+
resp.aggregate_sessions_response
|
|
589
594
|
when TRP::Message::Command::GREP_RESPONSE
|
|
590
595
|
resp.grep_response
|
|
591
596
|
when TRP::Message::Command::KEYSPACE_RESPONSE
|
data/lib/trisulrp/trp.pb.rb
CHANGED
|
@@ -78,7 +78,11 @@ module TRP
|
|
|
78
78
|
|
|
79
79
|
end
|
|
80
80
|
|
|
81
|
-
class CounterGroupT < ::Protobuf::Message
|
|
81
|
+
class CounterGroupT < ::Protobuf::Message
|
|
82
|
+
class Crosskey < ::Protobuf::Message; end
|
|
83
|
+
|
|
84
|
+
end
|
|
85
|
+
|
|
82
86
|
class SessionT < ::Protobuf::Message; end
|
|
83
87
|
class AlertT < ::Protobuf::Message; end
|
|
84
88
|
class ResourceT < ::Protobuf::Message; end
|
|
@@ -159,6 +163,8 @@ module TRP
|
|
|
159
163
|
define :SUBSYSTEM_EXIT, 125
|
|
160
164
|
define :GRAPH_REQUEST, 130
|
|
161
165
|
define :GRAPH_RESPONSE, 131
|
|
166
|
+
define :AGGREGATE_SESSIONS_REQUEST, 132
|
|
167
|
+
define :AGGREGATE_SESSIONS_RESPONSE, 133
|
|
162
168
|
end
|
|
163
169
|
|
|
164
170
|
end
|
|
@@ -177,6 +183,12 @@ module TRP
|
|
|
177
183
|
class CounterGroupInfoResponse < ::Protobuf::Message; end
|
|
178
184
|
class QuerySessionsRequest < ::Protobuf::Message; end
|
|
179
185
|
class QuerySessionsResponse < ::Protobuf::Message; end
|
|
186
|
+
class AggregateSessionsRequest < ::Protobuf::Message; end
|
|
187
|
+
class AggregateSessionsResponse < ::Protobuf::Message
|
|
188
|
+
class KeyTCount < ::Protobuf::Message; end
|
|
189
|
+
|
|
190
|
+
end
|
|
191
|
+
|
|
180
192
|
class UpdateKeyRequest < ::Protobuf::Message; end
|
|
181
193
|
class SessionTrackerRequest < ::Protobuf::Message; end
|
|
182
194
|
class SessionTrackerResponse < ::Protobuf::Message; end
|
|
@@ -184,6 +196,12 @@ module TRP
|
|
|
184
196
|
class QueryAlertsResponse < ::Protobuf::Message; end
|
|
185
197
|
class QueryResourcesRequest < ::Protobuf::Message; end
|
|
186
198
|
class QueryResourcesResponse < ::Protobuf::Message; end
|
|
199
|
+
class AggregateResourcesRequest < ::Protobuf::Message; end
|
|
200
|
+
class AggregateResourcesResponse < ::Protobuf::Message
|
|
201
|
+
class KeyTCount < ::Protobuf::Message; end
|
|
202
|
+
|
|
203
|
+
end
|
|
204
|
+
|
|
187
205
|
class KeySpaceRequest < ::Protobuf::Message
|
|
188
206
|
class KeySpace < ::Protobuf::Message; end
|
|
189
207
|
|
|
@@ -333,12 +351,19 @@ module TRP
|
|
|
333
351
|
end
|
|
334
352
|
|
|
335
353
|
class CounterGroupT
|
|
354
|
+
class Crosskey
|
|
355
|
+
required :string, :parentguid, 1
|
|
356
|
+
required :string, :crosskeyguid_1, 2
|
|
357
|
+
optional :string, :crosskeyguid_2, 3
|
|
358
|
+
end
|
|
359
|
+
|
|
336
360
|
required :string, :guid, 1
|
|
337
361
|
required :string, :name, 2
|
|
338
362
|
optional :int64, :bucket_size, 3
|
|
339
363
|
optional ::TRP::TimeInterval, :time_interval, 4
|
|
340
364
|
optional :int64, :topper_bucket_size, 5
|
|
341
365
|
repeated ::TRP::MeterInfo, :meters, 6
|
|
366
|
+
optional ::TRP::CounterGroupT::Crosskey, :crosskey, 7
|
|
342
367
|
end
|
|
343
368
|
|
|
344
369
|
class SessionT
|
|
@@ -491,6 +516,10 @@ module TRP
|
|
|
491
516
|
optional ::TRP::FileResponse, :file_response, 123
|
|
492
517
|
optional ::TRP::GraphRequest, :graph_request, 130
|
|
493
518
|
optional ::TRP::GraphResponse, :graph_response, 131
|
|
519
|
+
optional ::TRP::AggregateSessionsRequest, :aggregate_sessions_request, 140
|
|
520
|
+
optional ::TRP::AggregateSessionsResponse, :aggregate_sessions_response, 141
|
|
521
|
+
optional ::TRP::AggregateResourcesRequest, :aggregate_resources_request, 142
|
|
522
|
+
optional ::TRP::AggregateResourcesResponse, :aggregate_resources_response, 143
|
|
494
523
|
optional :string, :destination_node, 200
|
|
495
524
|
optional :string, :probe_id, 201
|
|
496
525
|
optional :bool, :run_async, 202
|
|
@@ -608,6 +637,54 @@ module TRP
|
|
|
608
637
|
optional :string, :outputpath, 4
|
|
609
638
|
end
|
|
610
639
|
|
|
640
|
+
class AggregateSessionsRequest
|
|
641
|
+
optional :string, :session_group, 2, :default => "{99A78737-4B41-4387-8F31-8077DB917336}"
|
|
642
|
+
optional ::TRP::TimeInterval, :time_interval, 3
|
|
643
|
+
optional ::TRP::KeyT, :source_ip, 5
|
|
644
|
+
optional ::TRP::KeyT, :source_port, 6
|
|
645
|
+
optional ::TRP::KeyT, :dest_ip, 7
|
|
646
|
+
optional ::TRP::KeyT, :dest_port, 8
|
|
647
|
+
optional ::TRP::KeyT, :any_ip, 9
|
|
648
|
+
optional ::TRP::KeyT, :any_port, 10
|
|
649
|
+
repeated ::TRP::KeyT, :ip_pair, 11
|
|
650
|
+
optional ::TRP::KeyT, :protocol, 12
|
|
651
|
+
optional :string, :flowtag, 13
|
|
652
|
+
optional ::TRP::KeyT, :nf_routerid, 14
|
|
653
|
+
optional ::TRP::KeyT, :nf_ifindex_in, 15
|
|
654
|
+
optional ::TRP::KeyT, :nf_ifindex_out, 16
|
|
655
|
+
optional :string, :subnet_24, 17
|
|
656
|
+
optional :string, :subnet_16, 18
|
|
657
|
+
optional :int64, :aggregate_topcount, 19, :default => 100
|
|
658
|
+
optional :string, :group_by_fields, 20
|
|
659
|
+
end
|
|
660
|
+
|
|
661
|
+
class AggregateSessionsResponse
|
|
662
|
+
class KeyTCount
|
|
663
|
+
required ::TRP::KeyT, :key, 1
|
|
664
|
+
required :int64, :count, 2
|
|
665
|
+
required :int64, :metric, 3
|
|
666
|
+
end
|
|
667
|
+
|
|
668
|
+
required :string, :session_group, 2
|
|
669
|
+
optional ::TRP::TimeInterval, :time_interval, 3
|
|
670
|
+
repeated ::TRP::AggregateSessionsResponse::KeyTCount, :source_ip, 5
|
|
671
|
+
repeated ::TRP::AggregateSessionsResponse::KeyTCount, :source_port, 6
|
|
672
|
+
repeated ::TRP::AggregateSessionsResponse::KeyTCount, :dest_ip, 7
|
|
673
|
+
repeated ::TRP::AggregateSessionsResponse::KeyTCount, :dest_port, 8
|
|
674
|
+
repeated ::TRP::AggregateSessionsResponse::KeyTCount, :any_ip, 9
|
|
675
|
+
repeated ::TRP::AggregateSessionsResponse::KeyTCount, :any_port, 10
|
|
676
|
+
repeated ::TRP::AggregateSessionsResponse::KeyTCount, :ip_pair, 11
|
|
677
|
+
repeated ::TRP::AggregateSessionsResponse::KeyTCount, :protocol, 12
|
|
678
|
+
repeated ::TRP::AggregateSessionsResponse::KeyTCount, :flowtag, 13
|
|
679
|
+
repeated ::TRP::AggregateSessionsResponse::KeyTCount, :nf_routerid, 14
|
|
680
|
+
repeated ::TRP::AggregateSessionsResponse::KeyTCount, :nf_ifindex_in, 15
|
|
681
|
+
repeated ::TRP::AggregateSessionsResponse::KeyTCount, :nf_ifindex_out, 16
|
|
682
|
+
repeated ::TRP::AggregateSessionsResponse::KeyTCount, :subnet_24, 17
|
|
683
|
+
repeated ::TRP::AggregateSessionsResponse::KeyTCount, :internal_port, 18
|
|
684
|
+
repeated ::TRP::AggregateSessionsResponse::KeyTCount, :internal_ip, 19
|
|
685
|
+
repeated ::TRP::AggregateSessionsResponse::KeyTCount, :external_ip, 20
|
|
686
|
+
end
|
|
687
|
+
|
|
611
688
|
class UpdateKeyRequest
|
|
612
689
|
required :string, :counter_group, 2
|
|
613
690
|
repeated ::TRP::KeyT, :keys, 4
|
|
@@ -684,6 +761,25 @@ module TRP
|
|
|
684
761
|
optional :int64, :approx_count, 4
|
|
685
762
|
end
|
|
686
763
|
|
|
764
|
+
class AggregateResourcesRequest
|
|
765
|
+
required ::TRP::QueryResourcesRequest, :query, 1
|
|
766
|
+
optional :int64, :aggregate_topcount, 2, :default => 100
|
|
767
|
+
end
|
|
768
|
+
|
|
769
|
+
class AggregateResourcesResponse
|
|
770
|
+
class KeyTCount
|
|
771
|
+
required ::TRP::KeyT, :key, 1
|
|
772
|
+
required :int64, :count, 2
|
|
773
|
+
end
|
|
774
|
+
|
|
775
|
+
repeated ::TRP::AggregateResourcesResponse::KeyTCount, :source_ip, 5
|
|
776
|
+
repeated ::TRP::AggregateResourcesResponse::KeyTCount, :source_port, 6
|
|
777
|
+
repeated ::TRP::AggregateResourcesResponse::KeyTCount, :destination_ip, 7
|
|
778
|
+
repeated ::TRP::AggregateResourcesResponse::KeyTCount, :destination_port, 8
|
|
779
|
+
repeated ::TRP::AggregateResourcesResponse::KeyTCount, :uri, 9
|
|
780
|
+
repeated ::TRP::AggregateResourcesResponse::KeyTCount, :userlabel, 10
|
|
781
|
+
end
|
|
782
|
+
|
|
687
783
|
class KeySpaceRequest
|
|
688
784
|
class KeySpace
|
|
689
785
|
required ::TRP::KeyT, :from_key, 1
|
data/lib/trisulrp/trp.proto
CHANGED
|
@@ -119,6 +119,14 @@ message CounterGroupT {
|
|
|
119
119
|
optional TimeInterval time_interval=4; /// total time interval available in DB
|
|
120
120
|
optional int64 topper_bucket_size=5; /// topper bucketsize (streaming analytics window)
|
|
121
121
|
repeated MeterInfo meters=6; /// array of meter information (m0, m1, .. mn)
|
|
122
|
+
|
|
123
|
+
message Crosskey {
|
|
124
|
+
required string parentguid=1; /// parent GUID of ckey counter group
|
|
125
|
+
required string crosskeyguid_1=2; /// crosskey 1 guid - required
|
|
126
|
+
optional string crosskeyguid_2=3; /// crosskey 2 guid - optional
|
|
127
|
+
}
|
|
128
|
+
optional Crosskey crosskey=7; /// for cross key counter group
|
|
129
|
+
|
|
122
130
|
}
|
|
123
131
|
|
|
124
132
|
/// SessionT : an IP flow
|
|
@@ -340,6 +348,8 @@ message Message {
|
|
|
340
348
|
SUBSYSTEM_EXIT=125;
|
|
341
349
|
GRAPH_REQUEST=130;
|
|
342
350
|
GRAPH_RESPONSE=131;
|
|
351
|
+
AGGREGATE_SESSIONS_REQUEST=132;
|
|
352
|
+
AGGREGATE_SESSIONS_RESPONSE=133;
|
|
343
353
|
}
|
|
344
354
|
|
|
345
355
|
required Command trp_command=1;
|
|
@@ -403,6 +413,10 @@ message Message {
|
|
|
403
413
|
optional FileResponse file_response=123;
|
|
404
414
|
optional GraphRequest graph_request=130;
|
|
405
415
|
optional GraphResponse graph_response=131;
|
|
416
|
+
optional AggregateSessionsRequest aggregate_sessions_request=140;
|
|
417
|
+
optional AggregateSessionsResponse aggregate_sessions_response=141;
|
|
418
|
+
optional AggregateResourcesRequest aggregate_resources_request=142;
|
|
419
|
+
optional AggregateResourcesResponse aggregate_resources_response=143;
|
|
406
420
|
optional string destination_node=200; // todo move 2nd
|
|
407
421
|
optional string probe_id=201; // todo move 3rd
|
|
408
422
|
optional bool run_async=202; /// if run_async = true, then you will immediately get a AsynResponse with a token you can poll
|
|
@@ -554,6 +568,61 @@ message QuerySessionsResponse {
|
|
|
554
568
|
optional string outputpath=4; /// if 'outputpath' set in request, the sessions are here (in CSV format)
|
|
555
569
|
}
|
|
556
570
|
|
|
571
|
+
|
|
572
|
+
/// AggregateSessions - count star
|
|
573
|
+
/// query flow and then count the numbers
|
|
574
|
+
/// by default aggregate on ALL fields
|
|
575
|
+
message AggregateSessionsRequest {
|
|
576
|
+
optional string session_group=2[default="{99A78737-4B41-4387-8F31-8077DB917336}"];
|
|
577
|
+
optional TimeInterval time_interval=3;
|
|
578
|
+
optional KeyT source_ip=5;
|
|
579
|
+
optional KeyT source_port=6;
|
|
580
|
+
optional KeyT dest_ip=7;
|
|
581
|
+
optional KeyT dest_port=8;
|
|
582
|
+
optional KeyT any_ip=9; /// source or dest match
|
|
583
|
+
optional KeyT any_port=10; /// source or dest match
|
|
584
|
+
repeated KeyT ip_pair=11; /// array of 2 ips
|
|
585
|
+
optional KeyT protocol=12;
|
|
586
|
+
optional string flowtag=13; /// string flow tagger text
|
|
587
|
+
optional KeyT nf_routerid=14;
|
|
588
|
+
optional KeyT nf_ifindex_in=15;
|
|
589
|
+
optional KeyT nf_ifindex_out=16;
|
|
590
|
+
optional string subnet_24=17; /// ip /24 subnet matching
|
|
591
|
+
optional string subnet_16=18; /// ip /16 subnet
|
|
592
|
+
optional int64 aggregate_topcount=19[default=100]; /// number of count-star per field
|
|
593
|
+
optional string group_by_fields=20; /// list of field names
|
|
594
|
+
}
|
|
595
|
+
|
|
596
|
+
/// AggregateSessionsResponse
|
|
597
|
+
/// contains counts of each key
|
|
598
|
+
message AggregateSessionsResponse {
|
|
599
|
+
|
|
600
|
+
message KeyTCount {
|
|
601
|
+
required KeyT key=1; /// aggregate key
|
|
602
|
+
required int64 count=2; /// number of matching flows
|
|
603
|
+
required int64 metric=3; /// aggregated metrics, eg total bytes
|
|
604
|
+
}
|
|
605
|
+
|
|
606
|
+
required string session_group=2;
|
|
607
|
+
optional TimeInterval time_interval=3;
|
|
608
|
+
repeated KeyTCount source_ip=5; /// top IPs
|
|
609
|
+
repeated KeyTCount source_port=6; /// top ports
|
|
610
|
+
repeated KeyTCount dest_ip=7; /// dest IPs
|
|
611
|
+
repeated KeyTCount dest_port=8; /// dest ports
|
|
612
|
+
repeated KeyTCount any_ip=9; /// source or dest match
|
|
613
|
+
repeated KeyTCount any_port=10; /// source or dest match
|
|
614
|
+
repeated KeyTCount ip_pair=11; /// array of 2 ips
|
|
615
|
+
repeated KeyTCount protocol=12; /// protocols
|
|
616
|
+
repeated KeyTCount flowtag=13; /// string flow tagger text
|
|
617
|
+
repeated KeyTCount nf_routerid=14;
|
|
618
|
+
repeated KeyTCount nf_ifindex_in=15;
|
|
619
|
+
repeated KeyTCount nf_ifindex_out=16;
|
|
620
|
+
repeated KeyTCount subnet_24=17; /// ip /24 subnet matching
|
|
621
|
+
repeated KeyTCount internal_port=18; /// internal IP ports
|
|
622
|
+
repeated KeyTCount internal_ip=19; /// internal IPs
|
|
623
|
+
repeated KeyTCount external_ip=20; /// external IPs
|
|
624
|
+
}
|
|
625
|
+
|
|
557
626
|
/// UpdatekeysRequest
|
|
558
627
|
/// Response = OKResponse or ErrorResponse
|
|
559
628
|
message UpdateKeyRequest{
|
|
@@ -619,6 +688,7 @@ message QueryAlertsResponse {
|
|
|
619
688
|
|
|
620
689
|
|
|
621
690
|
/// QueryResourcesRequest - resource queries
|
|
691
|
+
/// DNS, HTTP,
|
|
622
692
|
message QueryResourcesRequest {
|
|
623
693
|
required string resource_group=2;
|
|
624
694
|
optional TimeInterval time_interval=3;
|
|
@@ -648,6 +718,30 @@ message QueryResourcesResponse {
|
|
|
648
718
|
}
|
|
649
719
|
|
|
650
720
|
|
|
721
|
+
/// AggregatedResourceRequest - resource queries
|
|
722
|
+
/// DNS, HTTP,
|
|
723
|
+
message AggregateResourcesRequest {
|
|
724
|
+
required QueryResourcesRequest query=1;
|
|
725
|
+
optional int64 aggregate_topcount=2[default=100]; /// number of count-star per field
|
|
726
|
+
}
|
|
727
|
+
|
|
728
|
+
/// AggregateResourcesResponse
|
|
729
|
+
/// various counters
|
|
730
|
+
message AggregateResourcesResponse {
|
|
731
|
+
|
|
732
|
+
message KeyTCount {
|
|
733
|
+
required KeyT key=1;
|
|
734
|
+
required int64 count=2;
|
|
735
|
+
}
|
|
736
|
+
|
|
737
|
+
repeated KeyTCount source_ip=5;
|
|
738
|
+
repeated KeyTCount source_port=6;
|
|
739
|
+
repeated KeyTCount destination_ip=7;
|
|
740
|
+
repeated KeyTCount destination_port=8;
|
|
741
|
+
repeated KeyTCount uri=9; /// group by URI
|
|
742
|
+
repeated KeyTCount userlabel=10; /// group by Pattern
|
|
743
|
+
}
|
|
744
|
+
|
|
651
745
|
|
|
652
746
|
/// KeySpaceRequest - search hits in Key Space
|
|
653
747
|
/// for example you can search the key space 10.0.0.0 to 11.0.0.0 to get all IP
|
data/trisulrp.gemspec
CHANGED
|
@@ -2,16 +2,16 @@
|
|
|
2
2
|
# DO NOT EDIT THIS FILE DIRECTLY
|
|
3
3
|
# Instead, edit Juwelier::Tasks in Rakefile, and run 'rake gemspec'
|
|
4
4
|
# -*- encoding: utf-8 -*-
|
|
5
|
-
# stub: trisulrp 3.2.
|
|
5
|
+
# stub: trisulrp 3.2.13 ruby lib
|
|
6
6
|
|
|
7
7
|
Gem::Specification.new do |s|
|
|
8
8
|
s.name = "trisulrp"
|
|
9
|
-
s.version = "3.2.
|
|
9
|
+
s.version = "3.2.13"
|
|
10
10
|
|
|
11
11
|
s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
|
|
12
12
|
s.require_paths = ["lib"]
|
|
13
13
|
s.authors = ["vivek"]
|
|
14
|
-
s.date = "
|
|
14
|
+
s.date = "2019-01-18"
|
|
15
15
|
s.description = "This gem deals about the trisul remote protocol"
|
|
16
16
|
s.email = "vivek_rajagopal@yahoo.com"
|
|
17
17
|
s.extra_rdoc_files = [
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: trisulrp
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 3.2.
|
|
4
|
+
version: 3.2.13
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- vivek
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2019-01-18 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: protobuf
|