trisulrp 3.2.9 → 3.2.13
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/VERSION +1 -1
- data/lib/trisulrp/protocol.rb +5 -0
- data/lib/trisulrp/trp.pb.rb +97 -1
- data/lib/trisulrp/trp.proto +94 -0
- data/trisulrp.gemspec +3 -3
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: d418f25fea2c8eaed993c659026c8e8217095bbb
|
|
4
|
+
data.tar.gz: 00601201b5c7878cf9fb719891ed71327100b797
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 6604ebee90f6e960e9609e228f93abbabe94922aae71bf84782346f8c4c84e9c32c17a18f30952fb46ca167282684d30d6b957894b75decbaf7aa35a309c64ac
|
|
7
|
+
data.tar.gz: 3d9404aab2c1f12462c48bde1714022724ea62f4c225fe5a7106f11e92194827caf8a9b0aa1d60d9dd2b350253df6fea072a1ad5d7e4b24c70eeef476e69698b
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
3.2.
|
|
1
|
+
3.2.13
|
data/lib/trisulrp/protocol.rb
CHANGED
|
@@ -460,6 +460,9 @@ module TrisulRP::Protocol
|
|
|
460
460
|
when TRP::Message::Command::QUERY_SESSIONS_REQUEST
|
|
461
461
|
fix_TRP_Fields( TRP::QuerySessionsRequest, params)
|
|
462
462
|
req.query_sessions_request = TRP::QuerySessionsRequest.new(params)
|
|
463
|
+
when TRP::Message::Command::AGGREGATE_SESSIONS_REQUEST
|
|
464
|
+
fix_TRP_Fields( TRP::AggregateSessionsRequest, params)
|
|
465
|
+
req.aggregate_sessions_request = TRP::AggregateSessionsRequest.new(params)
|
|
463
466
|
when TRP::Message::Command::GREP_REQUEST
|
|
464
467
|
fix_TRP_Fields( TRP::GrepRequest, params)
|
|
465
468
|
req.grep_request = TRP::GrepRequest.new(params)
|
|
@@ -586,6 +589,8 @@ module TrisulRP::Protocol
|
|
|
586
589
|
resp.session_tracker_response
|
|
587
590
|
when TRP::Message::Command::QUERY_SESSIONS_RESPONSE
|
|
588
591
|
resp.query_sessions_response
|
|
592
|
+
when TRP::Message::Command::AGGREGATE_SESSIONS_RESPONSE
|
|
593
|
+
resp.aggregate_sessions_response
|
|
589
594
|
when TRP::Message::Command::GREP_RESPONSE
|
|
590
595
|
resp.grep_response
|
|
591
596
|
when TRP::Message::Command::KEYSPACE_RESPONSE
|
data/lib/trisulrp/trp.pb.rb
CHANGED
|
@@ -78,7 +78,11 @@ module TRP
|
|
|
78
78
|
|
|
79
79
|
end
|
|
80
80
|
|
|
81
|
-
class CounterGroupT < ::Protobuf::Message
|
|
81
|
+
class CounterGroupT < ::Protobuf::Message
|
|
82
|
+
class Crosskey < ::Protobuf::Message; end
|
|
83
|
+
|
|
84
|
+
end
|
|
85
|
+
|
|
82
86
|
class SessionT < ::Protobuf::Message; end
|
|
83
87
|
class AlertT < ::Protobuf::Message; end
|
|
84
88
|
class ResourceT < ::Protobuf::Message; end
|
|
@@ -159,6 +163,8 @@ module TRP
|
|
|
159
163
|
define :SUBSYSTEM_EXIT, 125
|
|
160
164
|
define :GRAPH_REQUEST, 130
|
|
161
165
|
define :GRAPH_RESPONSE, 131
|
|
166
|
+
define :AGGREGATE_SESSIONS_REQUEST, 132
|
|
167
|
+
define :AGGREGATE_SESSIONS_RESPONSE, 133
|
|
162
168
|
end
|
|
163
169
|
|
|
164
170
|
end
|
|
@@ -177,6 +183,12 @@ module TRP
|
|
|
177
183
|
class CounterGroupInfoResponse < ::Protobuf::Message; end
|
|
178
184
|
class QuerySessionsRequest < ::Protobuf::Message; end
|
|
179
185
|
class QuerySessionsResponse < ::Protobuf::Message; end
|
|
186
|
+
class AggregateSessionsRequest < ::Protobuf::Message; end
|
|
187
|
+
class AggregateSessionsResponse < ::Protobuf::Message
|
|
188
|
+
class KeyTCount < ::Protobuf::Message; end
|
|
189
|
+
|
|
190
|
+
end
|
|
191
|
+
|
|
180
192
|
class UpdateKeyRequest < ::Protobuf::Message; end
|
|
181
193
|
class SessionTrackerRequest < ::Protobuf::Message; end
|
|
182
194
|
class SessionTrackerResponse < ::Protobuf::Message; end
|
|
@@ -184,6 +196,12 @@ module TRP
|
|
|
184
196
|
class QueryAlertsResponse < ::Protobuf::Message; end
|
|
185
197
|
class QueryResourcesRequest < ::Protobuf::Message; end
|
|
186
198
|
class QueryResourcesResponse < ::Protobuf::Message; end
|
|
199
|
+
class AggregateResourcesRequest < ::Protobuf::Message; end
|
|
200
|
+
class AggregateResourcesResponse < ::Protobuf::Message
|
|
201
|
+
class KeyTCount < ::Protobuf::Message; end
|
|
202
|
+
|
|
203
|
+
end
|
|
204
|
+
|
|
187
205
|
class KeySpaceRequest < ::Protobuf::Message
|
|
188
206
|
class KeySpace < ::Protobuf::Message; end
|
|
189
207
|
|
|
@@ -333,12 +351,19 @@ module TRP
|
|
|
333
351
|
end
|
|
334
352
|
|
|
335
353
|
class CounterGroupT
|
|
354
|
+
class Crosskey
|
|
355
|
+
required :string, :parentguid, 1
|
|
356
|
+
required :string, :crosskeyguid_1, 2
|
|
357
|
+
optional :string, :crosskeyguid_2, 3
|
|
358
|
+
end
|
|
359
|
+
|
|
336
360
|
required :string, :guid, 1
|
|
337
361
|
required :string, :name, 2
|
|
338
362
|
optional :int64, :bucket_size, 3
|
|
339
363
|
optional ::TRP::TimeInterval, :time_interval, 4
|
|
340
364
|
optional :int64, :topper_bucket_size, 5
|
|
341
365
|
repeated ::TRP::MeterInfo, :meters, 6
|
|
366
|
+
optional ::TRP::CounterGroupT::Crosskey, :crosskey, 7
|
|
342
367
|
end
|
|
343
368
|
|
|
344
369
|
class SessionT
|
|
@@ -491,6 +516,10 @@ module TRP
|
|
|
491
516
|
optional ::TRP::FileResponse, :file_response, 123
|
|
492
517
|
optional ::TRP::GraphRequest, :graph_request, 130
|
|
493
518
|
optional ::TRP::GraphResponse, :graph_response, 131
|
|
519
|
+
optional ::TRP::AggregateSessionsRequest, :aggregate_sessions_request, 140
|
|
520
|
+
optional ::TRP::AggregateSessionsResponse, :aggregate_sessions_response, 141
|
|
521
|
+
optional ::TRP::AggregateResourcesRequest, :aggregate_resources_request, 142
|
|
522
|
+
optional ::TRP::AggregateResourcesResponse, :aggregate_resources_response, 143
|
|
494
523
|
optional :string, :destination_node, 200
|
|
495
524
|
optional :string, :probe_id, 201
|
|
496
525
|
optional :bool, :run_async, 202
|
|
@@ -608,6 +637,54 @@ module TRP
|
|
|
608
637
|
optional :string, :outputpath, 4
|
|
609
638
|
end
|
|
610
639
|
|
|
640
|
+
class AggregateSessionsRequest
|
|
641
|
+
optional :string, :session_group, 2, :default => "{99A78737-4B41-4387-8F31-8077DB917336}"
|
|
642
|
+
optional ::TRP::TimeInterval, :time_interval, 3
|
|
643
|
+
optional ::TRP::KeyT, :source_ip, 5
|
|
644
|
+
optional ::TRP::KeyT, :source_port, 6
|
|
645
|
+
optional ::TRP::KeyT, :dest_ip, 7
|
|
646
|
+
optional ::TRP::KeyT, :dest_port, 8
|
|
647
|
+
optional ::TRP::KeyT, :any_ip, 9
|
|
648
|
+
optional ::TRP::KeyT, :any_port, 10
|
|
649
|
+
repeated ::TRP::KeyT, :ip_pair, 11
|
|
650
|
+
optional ::TRP::KeyT, :protocol, 12
|
|
651
|
+
optional :string, :flowtag, 13
|
|
652
|
+
optional ::TRP::KeyT, :nf_routerid, 14
|
|
653
|
+
optional ::TRP::KeyT, :nf_ifindex_in, 15
|
|
654
|
+
optional ::TRP::KeyT, :nf_ifindex_out, 16
|
|
655
|
+
optional :string, :subnet_24, 17
|
|
656
|
+
optional :string, :subnet_16, 18
|
|
657
|
+
optional :int64, :aggregate_topcount, 19, :default => 100
|
|
658
|
+
optional :string, :group_by_fields, 20
|
|
659
|
+
end
|
|
660
|
+
|
|
661
|
+
class AggregateSessionsResponse
|
|
662
|
+
class KeyTCount
|
|
663
|
+
required ::TRP::KeyT, :key, 1
|
|
664
|
+
required :int64, :count, 2
|
|
665
|
+
required :int64, :metric, 3
|
|
666
|
+
end
|
|
667
|
+
|
|
668
|
+
required :string, :session_group, 2
|
|
669
|
+
optional ::TRP::TimeInterval, :time_interval, 3
|
|
670
|
+
repeated ::TRP::AggregateSessionsResponse::KeyTCount, :source_ip, 5
|
|
671
|
+
repeated ::TRP::AggregateSessionsResponse::KeyTCount, :source_port, 6
|
|
672
|
+
repeated ::TRP::AggregateSessionsResponse::KeyTCount, :dest_ip, 7
|
|
673
|
+
repeated ::TRP::AggregateSessionsResponse::KeyTCount, :dest_port, 8
|
|
674
|
+
repeated ::TRP::AggregateSessionsResponse::KeyTCount, :any_ip, 9
|
|
675
|
+
repeated ::TRP::AggregateSessionsResponse::KeyTCount, :any_port, 10
|
|
676
|
+
repeated ::TRP::AggregateSessionsResponse::KeyTCount, :ip_pair, 11
|
|
677
|
+
repeated ::TRP::AggregateSessionsResponse::KeyTCount, :protocol, 12
|
|
678
|
+
repeated ::TRP::AggregateSessionsResponse::KeyTCount, :flowtag, 13
|
|
679
|
+
repeated ::TRP::AggregateSessionsResponse::KeyTCount, :nf_routerid, 14
|
|
680
|
+
repeated ::TRP::AggregateSessionsResponse::KeyTCount, :nf_ifindex_in, 15
|
|
681
|
+
repeated ::TRP::AggregateSessionsResponse::KeyTCount, :nf_ifindex_out, 16
|
|
682
|
+
repeated ::TRP::AggregateSessionsResponse::KeyTCount, :subnet_24, 17
|
|
683
|
+
repeated ::TRP::AggregateSessionsResponse::KeyTCount, :internal_port, 18
|
|
684
|
+
repeated ::TRP::AggregateSessionsResponse::KeyTCount, :internal_ip, 19
|
|
685
|
+
repeated ::TRP::AggregateSessionsResponse::KeyTCount, :external_ip, 20
|
|
686
|
+
end
|
|
687
|
+
|
|
611
688
|
class UpdateKeyRequest
|
|
612
689
|
required :string, :counter_group, 2
|
|
613
690
|
repeated ::TRP::KeyT, :keys, 4
|
|
@@ -684,6 +761,25 @@ module TRP
|
|
|
684
761
|
optional :int64, :approx_count, 4
|
|
685
762
|
end
|
|
686
763
|
|
|
764
|
+
class AggregateResourcesRequest
|
|
765
|
+
required ::TRP::QueryResourcesRequest, :query, 1
|
|
766
|
+
optional :int64, :aggregate_topcount, 2, :default => 100
|
|
767
|
+
end
|
|
768
|
+
|
|
769
|
+
class AggregateResourcesResponse
|
|
770
|
+
class KeyTCount
|
|
771
|
+
required ::TRP::KeyT, :key, 1
|
|
772
|
+
required :int64, :count, 2
|
|
773
|
+
end
|
|
774
|
+
|
|
775
|
+
repeated ::TRP::AggregateResourcesResponse::KeyTCount, :source_ip, 5
|
|
776
|
+
repeated ::TRP::AggregateResourcesResponse::KeyTCount, :source_port, 6
|
|
777
|
+
repeated ::TRP::AggregateResourcesResponse::KeyTCount, :destination_ip, 7
|
|
778
|
+
repeated ::TRP::AggregateResourcesResponse::KeyTCount, :destination_port, 8
|
|
779
|
+
repeated ::TRP::AggregateResourcesResponse::KeyTCount, :uri, 9
|
|
780
|
+
repeated ::TRP::AggregateResourcesResponse::KeyTCount, :userlabel, 10
|
|
781
|
+
end
|
|
782
|
+
|
|
687
783
|
class KeySpaceRequest
|
|
688
784
|
class KeySpace
|
|
689
785
|
required ::TRP::KeyT, :from_key, 1
|
data/lib/trisulrp/trp.proto
CHANGED
|
@@ -119,6 +119,14 @@ message CounterGroupT {
|
|
|
119
119
|
optional TimeInterval time_interval=4; /// total time interval available in DB
|
|
120
120
|
optional int64 topper_bucket_size=5; /// topper bucketsize (streaming analytics window)
|
|
121
121
|
repeated MeterInfo meters=6; /// array of meter information (m0, m1, .. mn)
|
|
122
|
+
|
|
123
|
+
message Crosskey {
|
|
124
|
+
required string parentguid=1; /// parent GUID of ckey counter group
|
|
125
|
+
required string crosskeyguid_1=2; /// crosskey 1 guid - required
|
|
126
|
+
optional string crosskeyguid_2=3; /// crosskey 2 guid - optional
|
|
127
|
+
}
|
|
128
|
+
optional Crosskey crosskey=7; /// for cross key counter group
|
|
129
|
+
|
|
122
130
|
}
|
|
123
131
|
|
|
124
132
|
/// SessionT : an IP flow
|
|
@@ -340,6 +348,8 @@ message Message {
|
|
|
340
348
|
SUBSYSTEM_EXIT=125;
|
|
341
349
|
GRAPH_REQUEST=130;
|
|
342
350
|
GRAPH_RESPONSE=131;
|
|
351
|
+
AGGREGATE_SESSIONS_REQUEST=132;
|
|
352
|
+
AGGREGATE_SESSIONS_RESPONSE=133;
|
|
343
353
|
}
|
|
344
354
|
|
|
345
355
|
required Command trp_command=1;
|
|
@@ -403,6 +413,10 @@ message Message {
|
|
|
403
413
|
optional FileResponse file_response=123;
|
|
404
414
|
optional GraphRequest graph_request=130;
|
|
405
415
|
optional GraphResponse graph_response=131;
|
|
416
|
+
optional AggregateSessionsRequest aggregate_sessions_request=140;
|
|
417
|
+
optional AggregateSessionsResponse aggregate_sessions_response=141;
|
|
418
|
+
optional AggregateResourcesRequest aggregate_resources_request=142;
|
|
419
|
+
optional AggregateResourcesResponse aggregate_resources_response=143;
|
|
406
420
|
optional string destination_node=200; // todo move 2nd
|
|
407
421
|
optional string probe_id=201; // todo move 3rd
|
|
408
422
|
optional bool run_async=202; /// if run_async = true, then you will immediately get a AsynResponse with a token you can poll
|
|
@@ -554,6 +568,61 @@ message QuerySessionsResponse {
|
|
|
554
568
|
optional string outputpath=4; /// if 'outputpath' set in request, the sessions are here (in CSV format)
|
|
555
569
|
}
|
|
556
570
|
|
|
571
|
+
|
|
572
|
+
/// AggregateSessions - count star
|
|
573
|
+
/// query flow and then count the numbers
|
|
574
|
+
/// by default aggregate on ALL fields
|
|
575
|
+
message AggregateSessionsRequest {
|
|
576
|
+
optional string session_group=2[default="{99A78737-4B41-4387-8F31-8077DB917336}"];
|
|
577
|
+
optional TimeInterval time_interval=3;
|
|
578
|
+
optional KeyT source_ip=5;
|
|
579
|
+
optional KeyT source_port=6;
|
|
580
|
+
optional KeyT dest_ip=7;
|
|
581
|
+
optional KeyT dest_port=8;
|
|
582
|
+
optional KeyT any_ip=9; /// source or dest match
|
|
583
|
+
optional KeyT any_port=10; /// source or dest match
|
|
584
|
+
repeated KeyT ip_pair=11; /// array of 2 ips
|
|
585
|
+
optional KeyT protocol=12;
|
|
586
|
+
optional string flowtag=13; /// string flow tagger text
|
|
587
|
+
optional KeyT nf_routerid=14;
|
|
588
|
+
optional KeyT nf_ifindex_in=15;
|
|
589
|
+
optional KeyT nf_ifindex_out=16;
|
|
590
|
+
optional string subnet_24=17; /// ip /24 subnet matching
|
|
591
|
+
optional string subnet_16=18; /// ip /16 subnet
|
|
592
|
+
optional int64 aggregate_topcount=19[default=100]; /// number of count-star per field
|
|
593
|
+
optional string group_by_fields=20; /// list of field names
|
|
594
|
+
}
|
|
595
|
+
|
|
596
|
+
/// AggregateSessionsResponse
|
|
597
|
+
/// contains counts of each key
|
|
598
|
+
message AggregateSessionsResponse {
|
|
599
|
+
|
|
600
|
+
message KeyTCount {
|
|
601
|
+
required KeyT key=1; /// aggregate key
|
|
602
|
+
required int64 count=2; /// number of matching flows
|
|
603
|
+
required int64 metric=3; /// aggregated metrics, eg total bytes
|
|
604
|
+
}
|
|
605
|
+
|
|
606
|
+
required string session_group=2;
|
|
607
|
+
optional TimeInterval time_interval=3;
|
|
608
|
+
repeated KeyTCount source_ip=5; /// top IPs
|
|
609
|
+
repeated KeyTCount source_port=6; /// top ports
|
|
610
|
+
repeated KeyTCount dest_ip=7; /// dest IPs
|
|
611
|
+
repeated KeyTCount dest_port=8; /// dest ports
|
|
612
|
+
repeated KeyTCount any_ip=9; /// source or dest match
|
|
613
|
+
repeated KeyTCount any_port=10; /// source or dest match
|
|
614
|
+
repeated KeyTCount ip_pair=11; /// array of 2 ips
|
|
615
|
+
repeated KeyTCount protocol=12; /// protocols
|
|
616
|
+
repeated KeyTCount flowtag=13; /// string flow tagger text
|
|
617
|
+
repeated KeyTCount nf_routerid=14;
|
|
618
|
+
repeated KeyTCount nf_ifindex_in=15;
|
|
619
|
+
repeated KeyTCount nf_ifindex_out=16;
|
|
620
|
+
repeated KeyTCount subnet_24=17; /// ip /24 subnet matching
|
|
621
|
+
repeated KeyTCount internal_port=18; /// internal IP ports
|
|
622
|
+
repeated KeyTCount internal_ip=19; /// internal IPs
|
|
623
|
+
repeated KeyTCount external_ip=20; /// external IPs
|
|
624
|
+
}
|
|
625
|
+
|
|
557
626
|
/// UpdatekeysRequest
|
|
558
627
|
/// Response = OKResponse or ErrorResponse
|
|
559
628
|
message UpdateKeyRequest{
|
|
@@ -619,6 +688,7 @@ message QueryAlertsResponse {
|
|
|
619
688
|
|
|
620
689
|
|
|
621
690
|
/// QueryResourcesRequest - resource queries
|
|
691
|
+
/// DNS, HTTP,
|
|
622
692
|
message QueryResourcesRequest {
|
|
623
693
|
required string resource_group=2;
|
|
624
694
|
optional TimeInterval time_interval=3;
|
|
@@ -648,6 +718,30 @@ message QueryResourcesResponse {
|
|
|
648
718
|
}
|
|
649
719
|
|
|
650
720
|
|
|
721
|
+
/// AggregatedResourceRequest - resource queries
|
|
722
|
+
/// DNS, HTTP,
|
|
723
|
+
message AggregateResourcesRequest {
|
|
724
|
+
required QueryResourcesRequest query=1;
|
|
725
|
+
optional int64 aggregate_topcount=2[default=100]; /// number of count-star per field
|
|
726
|
+
}
|
|
727
|
+
|
|
728
|
+
/// AggregateResourcesResponse
|
|
729
|
+
/// various counters
|
|
730
|
+
message AggregateResourcesResponse {
|
|
731
|
+
|
|
732
|
+
message KeyTCount {
|
|
733
|
+
required KeyT key=1;
|
|
734
|
+
required int64 count=2;
|
|
735
|
+
}
|
|
736
|
+
|
|
737
|
+
repeated KeyTCount source_ip=5;
|
|
738
|
+
repeated KeyTCount source_port=6;
|
|
739
|
+
repeated KeyTCount destination_ip=7;
|
|
740
|
+
repeated KeyTCount destination_port=8;
|
|
741
|
+
repeated KeyTCount uri=9; /// group by URI
|
|
742
|
+
repeated KeyTCount userlabel=10; /// group by Pattern
|
|
743
|
+
}
|
|
744
|
+
|
|
651
745
|
|
|
652
746
|
/// KeySpaceRequest - search hits in Key Space
|
|
653
747
|
/// for example you can search the key space 10.0.0.0 to 11.0.0.0 to get all IP
|
data/trisulrp.gemspec
CHANGED
|
@@ -2,16 +2,16 @@
|
|
|
2
2
|
# DO NOT EDIT THIS FILE DIRECTLY
|
|
3
3
|
# Instead, edit Juwelier::Tasks in Rakefile, and run 'rake gemspec'
|
|
4
4
|
# -*- encoding: utf-8 -*-
|
|
5
|
-
# stub: trisulrp 3.2.
|
|
5
|
+
# stub: trisulrp 3.2.13 ruby lib
|
|
6
6
|
|
|
7
7
|
Gem::Specification.new do |s|
|
|
8
8
|
s.name = "trisulrp"
|
|
9
|
-
s.version = "3.2.
|
|
9
|
+
s.version = "3.2.13"
|
|
10
10
|
|
|
11
11
|
s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
|
|
12
12
|
s.require_paths = ["lib"]
|
|
13
13
|
s.authors = ["vivek"]
|
|
14
|
-
s.date = "
|
|
14
|
+
s.date = "2019-01-18"
|
|
15
15
|
s.description = "This gem deals about the trisul remote protocol"
|
|
16
16
|
s.email = "vivek_rajagopal@yahoo.com"
|
|
17
17
|
s.extra_rdoc_files = [
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: trisulrp
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 3.2.
|
|
4
|
+
version: 3.2.13
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- vivek
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2019-01-18 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: protobuf
|