Search in sources :

Example 6 with FixedPcapConfig

use of org.apache.metron.pcap.config.FixedPcapConfig in project metron by apache.

the class PcapCli method run.

public int run(String[] args) {
    if (args.length < 1) {
        printBasicHelp();
        return -1;
    }
    String jobType = args[0];
    String[] commandArgs = Arrays.copyOfRange(args, 1, args.length);
    Configuration hadoopConf = new Configuration();
    String[] otherArgs = null;
    try {
        otherArgs = new GenericOptionsParser(hadoopConf, commandArgs).getRemainingArgs();
    } catch (IOException e) {
        LOGGER.error("Failed to configure hadoop with provided options: {}", e.getMessage(), e);
        return -1;
    }
    PcapConfig commonConfig = null;
    Pageable<Path> results;
    // write to local FS in the executing directory
    String execDir = System.getProperty("user.dir");
    if ("fixed".equals(jobType)) {
        FixedCliParser fixedParser = new FixedCliParser(prefixStrategy);
        FixedPcapConfig config = null;
        try {
            config = fixedParser.parse(otherArgs);
            commonConfig = config;
            PcapOptions.FINAL_OUTPUT_PATH.put(commonConfig, new Path(execDir));
        } catch (ParseException | java.text.ParseException e) {
            System.err.println(e.getMessage());
            System.err.flush();
            fixedParser.printHelp();
            return -1;
        }
        if (config.showHelp()) {
            fixedParser.printHelp();
            return 0;
        }
        PcapOptions.FILTER_IMPL.put(commonConfig, new FixedPcapFilter.Configurator());
        config.getYarnQueue().ifPresent(s -> hadoopConf.set(MRJobConfig.QUEUE_NAME, s));
        PcapOptions.HADOOP_CONF.put(commonConfig, hadoopConf);
        try {
            PcapOptions.FILESYSTEM.put(commonConfig, FileSystem.get(hadoopConf));
            results = jobRunner.submit(PcapFinalizerStrategies.CLI, commonConfig).get();
        } catch (IOException | InterruptedException | JobException e) {
            LOGGER.error("Failed to execute fixed filter job: {}", e.getMessage(), e);
            return -1;
        }
    } else if ("query".equals(jobType)) {
        QueryCliParser queryParser = new QueryCliParser(prefixStrategy);
        QueryPcapConfig config = null;
        try {
            config = queryParser.parse(otherArgs);
            commonConfig = config;
            PcapOptions.FINAL_OUTPUT_PATH.put(commonConfig, new Path(execDir));
        } catch (ParseException | java.text.ParseException e) {
            System.err.println(e.getMessage());
            queryParser.printHelp();
            return -1;
        }
        if (config.showHelp()) {
            queryParser.printHelp();
            return 0;
        }
        PcapOptions.FILTER_IMPL.put(commonConfig, new FixedPcapFilter.Configurator());
        config.getYarnQueue().ifPresent(s -> hadoopConf.set(MRJobConfig.QUEUE_NAME, s));
        PcapOptions.HADOOP_CONF.put(commonConfig, hadoopConf);
        try {
            PcapOptions.FILESYSTEM.put(commonConfig, FileSystem.get(hadoopConf));
            results = jobRunner.submit(PcapFinalizerStrategies.CLI, commonConfig).get();
        } catch (IOException | InterruptedException | JobException e) {
            LOGGER.error("Failed to execute fixed filter job: {}", e.getMessage(), e);
            return -1;
        }
    } else {
        printBasicHelp();
        return -1;
    }
    return 0;
}
Also used : Path(org.apache.hadoop.fs.Path) PcapConfig(org.apache.metron.pcap.config.PcapConfig) Arrays(java.util.Arrays) FixedPcapFilter(org.apache.metron.pcap.filter.fixed.FixedPcapFilter) Logger(org.slf4j.Logger) FileSystem(org.apache.hadoop.fs.FileSystem) Pageable(org.apache.metron.job.Pageable) MethodHandles(java.lang.invoke.MethodHandles) LoggerFactory(org.slf4j.LoggerFactory) IOException(java.io.IOException) UUID(java.util.UUID) GenericOptionsParser(org.apache.hadoop.util.GenericOptionsParser) QueryPcapConfig(org.apache.metron.pcap.config.QueryPcapConfig) TimestampConverters(org.apache.metron.common.utils.timestamp.TimestampConverters) Pair(org.apache.commons.lang3.tuple.Pair) MRJobConfig(org.apache.hadoop.mapreduce.MRJobConfig) PcapOptions(org.apache.metron.pcap.config.PcapOptions) FixedPcapConfig(org.apache.metron.pcap.config.FixedPcapConfig) ParseException(org.apache.commons.cli.ParseException) Configuration(org.apache.hadoop.conf.Configuration) Path(org.apache.hadoop.fs.Path) PcapFinalizerStrategies(org.apache.metron.pcap.finalizer.PcapFinalizerStrategies) JobException(org.apache.metron.job.JobException) PcapJob(org.apache.metron.pcap.mr.PcapJob) Configuration(org.apache.hadoop.conf.Configuration) QueryPcapConfig(org.apache.metron.pcap.config.QueryPcapConfig) IOException(java.io.IOException) FixedPcapConfig(org.apache.metron.pcap.config.FixedPcapConfig) JobException(org.apache.metron.job.JobException) ParseException(org.apache.commons.cli.ParseException) PcapConfig(org.apache.metron.pcap.config.PcapConfig) QueryPcapConfig(org.apache.metron.pcap.config.QueryPcapConfig) FixedPcapConfig(org.apache.metron.pcap.config.FixedPcapConfig) GenericOptionsParser(org.apache.hadoop.util.GenericOptionsParser) FixedPcapFilter(org.apache.metron.pcap.filter.fixed.FixedPcapFilter)

Example 7 with FixedPcapConfig

use of org.apache.metron.pcap.config.FixedPcapConfig in project metron by apache.

the class PcapCliTest method runs_fixed_pcap_filter_job_with_full_argument_list.

@Test
public void runs_fixed_pcap_filter_job_with_full_argument_list() throws Exception {
    String[] args = { "fixed", "-start_time", "2016-06-13-18:35.00", "-end_time", "2016-06-15-18:35.00", "-date_format", "yyyy-MM-dd-HH:mm.ss", "-base_path", "/base/path", "-base_output_path", "/base/output/path", "-ip_src_addr", "192.168.1.1", "-ip_dst_addr", "192.168.1.2", "-ip_src_port", "8081", "-ip_dst_port", "8082", "-protocol", "6", "-include_reverse", "-num_reducers", "10", "-records_per_file", "1000", "-yq", "pcap", "-finalizer_threads", "10" };
    Map<String, String> query = new HashMap<String, String>() {

        {
            put(Constants.Fields.SRC_ADDR.getName(), "192.168.1.1");
            put(Constants.Fields.DST_ADDR.getName(), "192.168.1.2");
            put(Constants.Fields.SRC_PORT.getName(), "8081");
            put(Constants.Fields.DST_PORT.getName(), "8082");
            put(Constants.Fields.PROTOCOL.getName(), "6");
            put(Constants.Fields.INCLUDES_REVERSE_TRAFFIC.getName(), "true");
        }
    };
    long startAsNanos = asNanos("2016-06-13-18:35.00", "yyyy-MM-dd-HH:mm.ss");
    long endAsNanos = asNanos("2016-06-15-18:35.00", "yyyy-MM-dd-HH:mm.ss");
    FixedPcapConfig config = new FixedPcapConfig(prefixStrategy);
    PcapOptions.BASE_PATH.put(config, "/base/path");
    PcapOptions.BASE_INTERIM_RESULT_PATH.put(config, "/base/output/path");
    PcapOptions.FIELDS.put(config, query);
    PcapOptions.NUM_REDUCERS.put(config, 10);
    // needed bc defaults in config
    PcapOptions.START_TIME_MS.put(config, startAsNanos / 1000000L);
    // needed bc defaults in config
    PcapOptions.END_TIME_MS.put(config, endAsNanos / 1000000L);
    PcapOptions.NUM_RECORDS_PER_FILE.put(config, 1000);
    PcapOptions.PRINT_JOB_STATUS.put(config, true);
    PcapOptions.HADOOP_CONF.put(config, new HashMap<String, Object>() {

        {
            put(MRJobConfig.QUEUE_NAME, "pcap");
        }
    });
    PcapOptions.FINALIZER_THREADPOOL_SIZE.put(config, "10");
    when(jobRunner.submit(isA(Finalizer.class), argThat(mapContaining(config)))).thenReturn(jobRunner);
    PcapCli cli = new PcapCli(jobRunner, prefixStrategy);
    assertThat("Expect no errors on run", cli.run(args), equalTo(0));
    verify(jobRunner).get();
}
Also used : FixedPcapConfig(org.apache.metron.pcap.config.FixedPcapConfig) HashMap(java.util.HashMap) Finalizer(org.apache.metron.job.Finalizer) Test(org.junit.jupiter.api.Test)

Example 8 with FixedPcapConfig

use of org.apache.metron.pcap.config.FixedPcapConfig in project metron by apache.

the class PcapCliTest method runs_fixed_pcap_filter_job_with_full_argument_list_and_default_dateformat.

@Test
public void runs_fixed_pcap_filter_job_with_full_argument_list_and_default_dateformat() throws Exception {
    String[] args = { "fixed", "-start_time", "500", "-end_time", "1000", "-base_path", "/base/path", "-base_output_path", "/base/output/path", "-ip_src_addr", "192.168.1.1", "-ip_dst_addr", "192.168.1.2", "-ip_src_port", "8081", "-ip_dst_port", "8082", "-protocol", "6", "-include_reverse", "-num_reducers", "10", "-records_per_file", "1000", "-finalizer_threads", "10" };
    Map<String, String> query = new HashMap<String, String>() {

        {
            put(Constants.Fields.SRC_ADDR.getName(), "192.168.1.1");
            put(Constants.Fields.DST_ADDR.getName(), "192.168.1.2");
            put(Constants.Fields.SRC_PORT.getName(), "8081");
            put(Constants.Fields.DST_PORT.getName(), "8082");
            put(Constants.Fields.PROTOCOL.getName(), "6");
            put(Constants.Fields.INCLUDES_REVERSE_TRAFFIC.getName(), "true");
        }
    };
    FixedPcapConfig config = new FixedPcapConfig(prefixStrategy);
    PcapOptions.BASE_PATH.put(config, "/base/path");
    PcapOptions.BASE_INTERIM_RESULT_PATH.put(config, "/base/output/path");
    PcapOptions.FIELDS.put(config, query);
    PcapOptions.NUM_REDUCERS.put(config, 10);
    PcapOptions.START_TIME_MS.put(config, 500L);
    PcapOptions.END_TIME_MS.put(config, 1000L);
    PcapOptions.NUM_RECORDS_PER_FILE.put(config, 1000);
    PcapOptions.PRINT_JOB_STATUS.put(config, true);
    PcapOptions.FINALIZER_THREADPOOL_SIZE.put(config, "10");
    when(jobRunner.submit(isA(Finalizer.class), argThat(mapContaining(config)))).thenReturn(jobRunner);
    PcapCli cli = new PcapCli(jobRunner, prefixStrategy);
    assertThat("Expect no errors on run", cli.run(args), equalTo(0));
    verify(jobRunner).get();
}
Also used : FixedPcapConfig(org.apache.metron.pcap.config.FixedPcapConfig) HashMap(java.util.HashMap) Finalizer(org.apache.metron.job.Finalizer) Test(org.junit.jupiter.api.Test)

Example 9 with FixedPcapConfig

use of org.apache.metron.pcap.config.FixedPcapConfig in project metron by apache.

the class PcapCliTest method runs_query_pcap_filter_job_with_default_argument_list.

@Test
public void runs_query_pcap_filter_job_with_default_argument_list() throws Exception {
    String[] args = { "query", "-start_time", "500", "-query", "some query string" };
    String query = "some query string";
    FixedPcapConfig config = new FixedPcapConfig(prefixStrategy);
    PcapOptions.BASE_PATH.put(config, BASE_INPUT_PATH_DEFAULT);
    PcapOptions.BASE_INTERIM_RESULT_PATH.put(config, BASE_INTERIM_RESULT_PATH_DEFAULT);
    PcapOptions.FIELDS.put(config, query);
    PcapOptions.NUM_REDUCERS.put(config, 10);
    PcapOptions.START_TIME_MS.put(config, 500L);
    PcapOptions.FINALIZER_THREADPOOL_SIZE.put(config, "1");
    when(jobRunner.submit(isA(Finalizer.class), argThat(mapContaining(config)))).thenReturn(jobRunner);
    PcapCli cli = new PcapCli(jobRunner, prefixStrategy);
    assertThat("Expect no errors on run", cli.run(args), equalTo(0));
    verify(jobRunner).get();
}
Also used : FixedPcapConfig(org.apache.metron.pcap.config.FixedPcapConfig) Finalizer(org.apache.metron.job.Finalizer) Test(org.junit.jupiter.api.Test)

Aggregations

FixedPcapConfig (org.apache.metron.pcap.config.FixedPcapConfig)9 Finalizer (org.apache.metron.job.Finalizer)6 Test (org.junit.jupiter.api.Test)6 HashMap (java.util.HashMap)3 Configuration (org.apache.hadoop.conf.Configuration)3 Path (org.apache.hadoop.fs.Path)3 IOException (java.io.IOException)2 FileSystem (org.apache.hadoop.fs.FileSystem)2 TimestampConverters (org.apache.metron.common.utils.timestamp.TimestampConverters)2 Pageable (org.apache.metron.job.Pageable)2 PcapOptions (org.apache.metron.pcap.config.PcapOptions)2 FixedPcapFilter (org.apache.metron.pcap.filter.fixed.FixedPcapFilter)2 BeforeEach (org.junit.jupiter.api.BeforeEach)2 Long.toUnsignedString (java.lang.Long.toUnsignedString)1 MethodHandles (java.lang.invoke.MethodHandles)1 java.util (java.util)1 Arrays (java.util.Arrays)1 UUID (java.util.UUID)1 CommandLine (org.apache.commons.cli.CommandLine)1 ParseException (org.apache.commons.cli.ParseException)1