You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@metron.apache.org by mm...@apache.org on 2018/07/11 01:32:52 UTC
[36/50] [abbrv] metron git commit: METRON-1646 Sensor Stubs should
work when kerberized (nickwallen) closes apache/metron#1087
METRON-1646 Sensor Stubs should work when kerberized (nickwallen) closes apache/metron#1087
Project: http://git-wip-us.apache.org/repos/asf/metron/repo
Commit: http://git-wip-us.apache.org/repos/asf/metron/commit/81282de2
Tree: http://git-wip-us.apache.org/repos/asf/metron/tree/81282de2
Diff: http://git-wip-us.apache.org/repos/asf/metron/diff/81282de2
Branch: refs/heads/feature/METRON-1554-pcap-query-panel
Commit: 81282de288d94b1fa8c57917ff6a34079eca77e1
Parents: 3a6fb38
Author: nickwallen <ni...@nickallen.org>
Authored: Thu Jun 28 14:07:32 2018 -0400
Committer: nickallen <ni...@apache.org>
Committed: Thu Jun 28 14:07:32 2018 -0400
----------------------------------------------------------------------
.../roles/sensor-stubs/templates/start-bro-stub | 25 ++++++++++++++-----
.../sensor-stubs/templates/start-snort-stub | 25 ++++++++++++++-----
.../roles/sensor-stubs/templates/start-yaf-stub | 26 ++++++++++++++------
3 files changed, 57 insertions(+), 19 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/metron/blob/81282de2/metron-deployment/ansible/roles/sensor-stubs/templates/start-bro-stub
----------------------------------------------------------------------
diff --git a/metron-deployment/ansible/roles/sensor-stubs/templates/start-bro-stub b/metron-deployment/ansible/roles/sensor-stubs/templates/start-bro-stub
index 979de3d..24027b3 100644
--- a/metron-deployment/ansible/roles/sensor-stubs/templates/start-bro-stub
+++ b/metron-deployment/ansible/roles/sensor-stubs/templates/start-bro-stub
@@ -21,14 +21,20 @@
# simulates the behavior of a sensor by sending canned telemetry data
# to a Kafka topic.
#
-# a subset of the canned data is randomly selected and is sent in
+# a subset of the canned data is randomly selected and is sent in
# batches. the timestamp of the message is altered to match current
-# system time. the number of messages sent in each batch, along with
+# system time. the number of messages sent in each batch, along with
# the time delay between batches can be configured.
#
# start-bro-stub <DELAY> <COUNT>
#
+METRON_SYSCONFIG="/etc/default/metron"
+if [ -f "$METRON_SYSCONFIG" ]; then
+ set -a
+ . "$METRON_SYSCONFIG"
+fi
+
#
# how long to delay between each 'batch' in seconds.
#
@@ -36,20 +42,27 @@ DELAY=${1:-{{ sensor_stubs_delay }}}
#
# how many messages to send in each 'batch'. the messages are drawn randomly
-# from the entire set of canned data.
+# from the entire set of canned data.
#
COUNT=${2:-{{ sensor_stubs_count }}}
INPUT="{{ sensor_stubs_data }}/bro.out"
PRODUCER="{{ kafka_home }}/bin/kafka-console-producer.sh"
TOPIC="bro"
+SECURITY_ENABLED=${SECURITY_ENABLED:-false}
+KAFKA_SECURITY_PROTOCOL=${KAFKA_SECURITY_PROTOCOL:-PLAINTEXT}
+
+if [ ${SECURITY_ENABLED,,} == 'true' ]; then
+ echo "Security enabled"
+ kinit -kt $METRON_SERVICE_KEYTAB $METRON_PRINCIPAL_NAME
+fi
while true; do
-
+
# transform the bro timestamp and push to kafka
SEARCH="\"ts\"\:[0-9]\+\."
REPLACE="\"ts\"\:`date +%s`\."
- shuf -n $COUNT $INPUT | sed -e "s/$SEARCH/$REPLACE/g" | $PRODUCER --broker-list {{ kafka_broker_url }} --topic $TOPIC
-
+ shuf -n $COUNT $INPUT | sed -e "s/$SEARCH/$REPLACE/g" | $PRODUCER --broker-list $BROKERLIST --topic $TOPIC --security-protocol $KAFKA_SECURITY_PROTOCOL
+
sleep $DELAY
done
http://git-wip-us.apache.org/repos/asf/metron/blob/81282de2/metron-deployment/ansible/roles/sensor-stubs/templates/start-snort-stub
----------------------------------------------------------------------
diff --git a/metron-deployment/ansible/roles/sensor-stubs/templates/start-snort-stub b/metron-deployment/ansible/roles/sensor-stubs/templates/start-snort-stub
index 3123782..c60c002 100644
--- a/metron-deployment/ansible/roles/sensor-stubs/templates/start-snort-stub
+++ b/metron-deployment/ansible/roles/sensor-stubs/templates/start-snort-stub
@@ -21,14 +21,20 @@
# simulates the behavior of a sensor by sending canned telemetry data
# to a Kafka topic.
#
-# a subset of the canned data is randomly selected and is sent in
+# a subset of the canned data is randomly selected and is sent in
# batches. the timestamp of the message is altered to match current
-# system time. the number of messages sent in each batch, along with
+# system time. the number of messages sent in each batch, along with
# the time delay between batches can be configured.
#
# start-snort-stub <DELAY> <COUNT>
#
+METRON_SYSCONFIG="/etc/default/metron"
+if [ -f "$METRON_SYSCONFIG" ]; then
+ set -a
+ . "$METRON_SYSCONFIG"
+fi
+
#
# how long to delay between each 'batch' in seconds.
#
@@ -36,20 +42,27 @@ DELAY=${1:-{{ sensor_stubs_delay }}}
#
# how many messages to send in each 'batch'. the messages are drawn randomly
-# from the entire set of canned data.
+# from the entire set of canned data.
#
COUNT=${2:-{{ sensor_stubs_count }}}
INPUT="{{ sensor_stubs_data }}/snort.out"
PRODUCER="{{ kafka_home }}/bin/kafka-console-producer.sh"
TOPIC="snort"
+SECURITY_ENABLED=${SECURITY_ENABLED:-false}
+KAFKA_SECURITY_PROTOCOL=${KAFKA_SECURITY_PROTOCOL:-PLAINTEXT}
+
+if [ ${SECURITY_ENABLED,,} == 'true' ]; then
+ echo "Security enabled"
+ kinit -kt $METRON_SERVICE_KEYTAB $METRON_PRINCIPAL_NAME
+fi
while true; do
-
+
# transform the timestamp and push to kafka
SEARCH="[^,]\+ ,"
REPLACE="`date +'%m\/%d\/%y-%H:%M:%S'`.000000 ,"
- shuf -n $COUNT $INPUT | sed -e "s/$SEARCH/$REPLACE/g" | $PRODUCER --broker-list {{ kafka_broker_url }} --topic $TOPIC
-
+ shuf -n $COUNT $INPUT | sed -e "s/$SEARCH/$REPLACE/g" | $PRODUCER --broker-list $BROKERLIST --topic $TOPIC --security-protocol $KAFKA_SECURITY_PROTOCOL
+
sleep $DELAY
done
http://git-wip-us.apache.org/repos/asf/metron/blob/81282de2/metron-deployment/ansible/roles/sensor-stubs/templates/start-yaf-stub
----------------------------------------------------------------------
diff --git a/metron-deployment/ansible/roles/sensor-stubs/templates/start-yaf-stub b/metron-deployment/ansible/roles/sensor-stubs/templates/start-yaf-stub
index 1966d39..c218c60 100644
--- a/metron-deployment/ansible/roles/sensor-stubs/templates/start-yaf-stub
+++ b/metron-deployment/ansible/roles/sensor-stubs/templates/start-yaf-stub
@@ -21,14 +21,20 @@
# simulates the behavior of a sensor by sending canned telemetry data
# to a Kafka topic.
#
-# a subset of the canned data is randomly selected and is sent in
+# a subset of the canned data is randomly selected and is sent in
# batches. the timestamp of the message is altered to match current
-# system time. the number of messages sent in each batch, along with
+# system time. the number of messages sent in each batch, along with
# the time delay between batches can be configured.
#
# start-yaf-stub <DELAY> <COUNT>
#
+METRON_SYSCONFIG="/etc/default/metron"
+if [ -f "$METRON_SYSCONFIG" ]; then
+ set -a
+ . "$METRON_SYSCONFIG"
+fi
+
#
# how long to delay between each 'batch' in seconds.
#
@@ -36,21 +42,27 @@ DELAY=${1:-{{ sensor_stubs_delay }}}
#
# how many messages to send in each 'batch'. the messages are drawn randomly
-# from the entire set of canned data.
+# from the entire set of canned data.
#
COUNT=${2:-{{ sensor_stubs_count }}}
-
INPUT="{{ sensor_stubs_data }}/yaf.out"
PRODUCER="{{ kafka_home }}/bin/kafka-console-producer.sh"
TOPIC="yaf"
+SECURITY_ENABLED=${SECURITY_ENABLED:-false}
+KAFKA_SECURITY_PROTOCOL=${KAFKA_SECURITY_PROTOCOL:-PLAINTEXT}
+
+if [ ${SECURITY_ENABLED,,} == 'true' ]; then
+ echo "Security enabled"
+ kinit -kt $METRON_SERVICE_KEYTAB $METRON_PRINCIPAL_NAME
+fi
while true; do
-
+
# transform the timestamp and push to kafka
SEARCH="[0-9]\{4\}-[0-9]\{2\}-[0-9]\{2\} [0-9]\{2\}:[0-9]\{2\}:[0-9]\{2\}\.[0-9]\+"
REPLACE="`date +'%Y-%m-%d %H:%M:%S'`.000"
- shuf -n $COUNT $INPUT | sed -e "s/$SEARCH/$REPLACE/g" | $PRODUCER --broker-list {{ kafka_broker_url }} --topic $TOPIC
-
+ shuf -n $COUNT $INPUT | sed -e "s/$SEARCH/$REPLACE/g" | $PRODUCER --broker-list $BROKERLIST --topic $TOPIC --security-protocol $KAFKA_SECURITY_PROTOCOL
+
sleep $DELAY
done