L2 powered flow processing
License: Apache License 2.0
19 Apr - Convert Video For Chromecast24 Jan - Citation Needed18 Oct - Count Beta Release09 Aug - Disable reMarkable Touchscreen with evkill06 May - Support Binary File Objects with pandas.DataFrame.to_csv01 May - Citation Needed24 Feb - Types for PlantUML Parser07 Jan - reMarkable07 Nov - Citation Needed24 Oct - udev Rule Script Template
I just discovered that the cluster stalls when there are too many documents. Thus I added the techniques described here:
now i try to verify that the cluster does not kill itself over time.
A user should be able to define the id of the flowgen (3 bytes log). The last 3 bytes of the source address of the generated frames (not vendor part) should be setted accordingly. If no ID was specified the flowgen id should be choosen by random. Also the flowworker should be able to extract the flowgen id from the src-MAC and append it as env.flowgen to the packet.
There is one problem left to solve: In the cluster configuration we have the following filter in place:
ether src b4:be:b1:6b:00:b5Which ensures that we're only processing packets comming from a flowgen. I have to find a solution to do this with dynamic generated flowgen id. A 'filter all packets from a specific vendor'-bpf rule whould be handy. But I don't think this is possible.. investigating..
It would be cool if we could submit a pcap file for analysis purposes. Then the pcap gets analyzed by the flowworker.
if the flowworker does not process any traffic it will not call write_frame thus will not update Wroker.delay. Which means the last worker.delay will be transmitted to the flowgen, which might be quite high. So we've to find a way to reset the Worker.delay once the worker is in idle mode.
The idea is to write a packet filter for logstash which operates on json data.
The following configuration explains what this filter plugin does:
filter {
jqfilter {
filter => [
' Json query string ' , rule uuid
]
target => "field name"
}
}
this plugin matches the Json query string against the json representation of the event and if matched adds the rule uuid to the field specified with target.
Integrate tcp socket functionality into flowworker.py
These days it can happen that a packet is beeing processed by multiple flow workers. This happens because a swtich brodacasts packets with destination MAC to all switchports. We've to eliminate duplicated packes in the ES-database.
Idea how we can do this:
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google โค๏ธ Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.