Remosy / Onos-Elastic


Inspiration

A traffic monitoring tool which used ELK: Sweet security

👉 Test dataset: found at http://statweb.stanford.edu/~sabatti/data.html

Pre Process 1️⃣

Set environment on Ubuntu VM for ONOS

sudo apt-get install git
sudo apt-get install git-review
sudo apt-get install software-properties-common -y && \
sudo add-apt-repository ppa:webupd8team/java -y && \
sudo apt-get update && \
echo "oracle-java8-installer shared/accepted-oracle-license-v1-1 select true" | sudo debconf-set-selections && \
sudo apt-get install oracle-java8-installer oracle-java8-set-default -y

Install ONOS (same for both Mac and Ubuntu)

git clone https://gerrit.onosproject.org/onos

Add variables for the default settings

vi ~/.bash_profile

Insert the following lines into the bash_profile file

export ONOS_ROOT=~/onos
source $ONOS_ROOT/tools/dev/bash_profile

Type ":wq" (Shift + ":" followed by "wq") to save and quit. Make sure the "buck" command is installed; otherwise:

brew install buck

If using wget, go to: https://www.elastic.co/start

Install Elasticsearch

brew install elasticsearch

Ubuntu:

wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-5.6.2.tar.gz
tar -xzf elasticsearch-5.6.2.tar.gz
./elasticsearch-5.6.2/bin/elasticsearch

Install Kibana

brew install kibana

Ubuntu:

wget https://artifacts.elastic.co/downloads/kibana/kibana-5.6.2-linux-x86_64.tar.gz
tar -xzf kibana-5.6.2-linux-x86_64.tar.gz

Install Logstash

brew install logstash

Monitoring Mininet traffic Synchronously 2️⃣


Set ONOS as Mininet controller

Use 2 VMs + ONOS on Mac OS X

  • Create one VM with ONOS installed on Ubuntu with address localhost
  • Create one VM with Mininet installed with address localhost
  • Install ONOS locally on Mac OSX and create the cell to push to localhost
  • 💜 Disable the firewall of your laptop

Set up ONOS on both Mac OS X and Ubuntu

Go into the onos folder

cd onos
ok clean

Use ONOS to build your own topology on localhost

buck build onos

If you get the error "Importing module random is forbidden", change "buck" to "onos-buck". The build time depends on your connection speed and firewall, and on the network availability of onos-buck.

buck run onos-local

Wait until the terminal stops printing new info messages (as when running a server).

Command line (in another terminal window): bash onos localhost

GUI: open http://localhost:8181/onos/ui/login.html. Default username: onos; password: rocks; localhost: 127.0.0.1

Mininet ICMP(Ping): http://mininet.org/walkthrough/

ONOS show traffic https://wiki.onosproject.org/display/ONOS/Basic+ONOS+Tutorial#BasicONOSTutorial-Showalltraffic

Connect Mininet with Logstash

Q: How to synchronously send the Mininet log to Logstash?

A: With some latency, because of the intermediate processing.

On VM:

  • Use a self-defined Python (POX) file to:
    • Test different settings (learning rules) of Mininet (via "Switch" 1...n cases)
    • Collect the Mininet output data (ask tutor: certain function of traffic flow) and write it to a single directory asynchronously

On Mac:

  • Locate the Mininet output path on the virtual machine from Mac OS X, e.g.:

ssh ubuntu@172.10.0.1
# then locate the output path

  • Since the Mininet outputs are always written to the same path (no need to change the path variable in Logstash), write a shell file that will:
    • Count down a user-determined length of time, then execute the line "/usr/local/bin/logstash -f logstash.conf" to update the data.
    • Refresh the Kibana dashboard by executing a keyboard operation, via a call to another shell file
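
One way to write the shell file described above, as an added example that is not part of the original repository. The function name refresh_loop, its arguments and the RUN_SECS watchdog are assumptions; the Kibana refresh step is left out.

```shell
#!/bin/sh
# Added example (not from the original repository).
# Assumed names: refresh_loop, INTERVAL, ROUNDS, RUN_SECS.

# refresh_loop INTERVAL ROUNDS RUN_SECS CMD [ARGS...]
#   Each round: count down INTERVAL seconds, start CMD, and send it SIGTERM if
#   it is still running after RUN_SECS (a Logstash file input keeps tailing
#   the CSV and does not exit by itself).
#   Exit status = number of rounds in which CMD failed.
refresh_loop() (
  interval=$1 rounds=$2 run_secs=$3
  shift 3
  failed=0 round=1
  while [ "$round" -le "$rounds" ]; do
    sleep "$interval"                 # the countdown between refreshes
    "$@" &                            # e.g. logstash -f logstash.conf
    pid=$!
    # Watchdog: ask the run to stop after RUN_SECS (SIGTERM = orderly shutdown).
    ( sleep "$run_secs"; kill -TERM "$pid" ) >/dev/null 2>&1 &
    dog=$!
    rc=0
    wait "$pid" || rc=$?
    kill "$dog" 2>/dev/null || true   # run ended early: cancel the watchdog
    wait "$dog" 2>/dev/null || true
    # 0 = clean exit, 143 = ended by SIGTERM (128 + 15); anything else failed.
    if [ "$rc" -ne 0 ] && [ "$rc" -ne 143 ]; then
      failed=$((failed + 1))
      echo "round $round: command exited with status $rc" >&2
    fi
    round=$((round + 1))
  done
  exit "$failed"
)

# Runs only when arguments are given, e.g.:
#   sh refresh.sh 60 10 30 /usr/local/bin/logstash -f logstash.conf
if [ "$#" -ge 4 ]; then
  refresh_loop "$@"
fi
```
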

Connect Logstash with Elasticsearch and display on Kibana

Open Elasticsearch and Kibana separately

/usr/local/bin/elasticsearch
/usr/local/bin/kibana

Open the link shown in the Kibana terminal window: http://localhost:5601. Assuming you have traffic data, configure Logstash by creating a file named logstash.conf, saved inside the logstash folder

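input {
  file {
    # CSV file to ingest
    path => "/Users/.../Desktop/test.csv"
    # Read newly seen files from the first line instead of tailing from the end
    start_position => "beginning"
  }
}
filter {
  csv {
    separator => ","
    columns => ["date","l_ipn","r_asn","f"]
  }

  # Store the numeric columns as integers instead of strings
  mutate { convert => ["l_ipn","integer"] }
  mutate { convert => ["r_asn","integer"] }
  mutate { convert => ["f","integer"] }
}
output {
  elasticsearch {
    hosts => "localhost"
    # Elasticsearch index names must be lowercase
    index => "traffic"
    document_type => "Monitoring traffic "
  }
  # Also print each event to the terminal
  stdout {}
}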

Then run your configuration file to send the data to Elasticsearch

/usr/local/bin/logstash -f logstash.conf

Q: How to stop Logstash properly?

👻 🎉 👻 Tools' folders at: ls /usr/local/Cellar

What to analyze via Mininet and ONOS?
