node.py

Configuration objects built around Zeek's node.cfg file.

To import...

from dynamite_nsm.services.base.config_objects.zeek import node as zeek_config_node

`Logger`

`init(self, logger_name, host)` `special`

A Zeek logger process

Parameters:

Name	Type	Description	Default
`logger_name`	`str`	The name of the logger	required
`host`	`str`	The host to bind to	required

Source code in dynamite_nsm/services/base/config_objects/zeek/node.py

def __init__(self, logger_name: str, host: str):
    """
    A Zeek logger process
    Args:
        logger_name: The name of the logger
        host: The host to bind to
    """
    super().__init__(logger_name, 'logger', host)

`Loggers`

`init(self, loggers=None)` `special`

A collection of one or more loggers

Parameters:

Name	Type	Description	Default
`loggers`	`Optional[List[dynamite_nsm.services.base.config_objects.zeek.node.Logger]]`	A Logger object	`None`

Source code in dynamite_nsm/services/base/config_objects/zeek/node.py

def __init__(self, loggers: Optional[List[Logger]] = None):
    """
    A collection of one or more loggers

    Args:
        loggers: A Logger object
    """
    super().__init__(components=loggers)

`Manager`

`init(self, manager_name, host)` `special`

A Zeek manager process

Parameters:

Name	Type	Description	Default
`manager_name`	`str`	The name of the logger	required
`host`	`str`	The host to bind to	required

Source code in dynamite_nsm/services/base/config_objects/zeek/node.py

def __init__(self, manager_name: str, host: str):
    """
    A Zeek manager process
    Args:
        manager_name: The name of the logger
        host: The host to bind to
    """
    super().__init__(manager_name, 'manager', host)

`Proxies`

A collection of one or more proxies

Parameters:

Name	Type	Description	Default
`proxies`		A Proxy object	required

`Proxy`

A Zeek proxy process

Parameters:

Name	Type	Description	Default
`proxy_name`		The name of the logger	required
`host`		The host to bind to	required

`Worker`

`init(self, worker_name, interface_name, cluster_id, cluster_type='FANOUT_HASH', load_balance_processes=1, pinned_cpus=(0,), host='localhost')` `special`

A Zeek worker process that uses AF_PACKET for packet acquisition

Parameters:

Name	Type	Description	Default
`worker_name`	`str`	The name of the worker	required
`interface_name`	`str`	The name of a network interface to monitor	required
`cluster_id`	`int`	A unique integer associated with this worker. Maps to af_packet_fanout_id	required
`cluster_type`	`Optional[str]`	The algorithm used to spread traffic between sockets. Maps to af_packet_fanout_mode	`'FANOUT_HASH'`
`load_balance_processes`	`Optional[int]`	The number of Zeek processes associated with a given worker	`1`
`pinned_cpus`	`Optional[Tuple]`	List of CPU cores that are dedicated to this worker	`(0,)`
`host`	`Optional[str]`	The host to bind to	`'localhost'`

Returns:

Type	Description
	None

Source code in dynamite_nsm/services/base/config_objects/zeek/node.py

def __init__(self, worker_name: str, interface_name: str, cluster_id: int,
             cluster_type: Optional[str] = 'FANOUT_HASH', load_balance_processes: Optional[int] = 1,
             pinned_cpus: Optional[Tuple] = (0,), host: Optional[str] = 'localhost'):
    """A Zeek worker process that uses AF_PACKET for packet acquisition
    Args:
        worker_name: The name of the worker
        interface_name: The name of a network interface to monitor
        cluster_id: A unique integer associated with this worker. Maps to af_packet_fanout_id
        cluster_type: The algorithm used to spread traffic between sockets. Maps to af_packet_fanout_mode
        load_balance_processes: The number of Zeek processes associated with a given worker
        pinned_cpus: List of CPU cores that are dedicated to this worker
        host: The host to bind to
    Returns:
        None
    """
    super().__init__(worker_name, 'worker', host)

    self.name = worker_name
    self.interface = interface_name.replace('af_packet::', '')
    self.cluster_id = cluster_id
    self.cluster_type = cluster_type.replace('AF_Packet::', '')
    if self.cluster_type in CLUSTER_TYPE_TO_AF_PACKET_FANOUT_MODE_MAP.keys():
        self.cluster_type = CLUSTER_TYPE_TO_AF_PACKET_FANOUT_MODE_MAP.get(self.cluster_type)
    self.load_balance_processes = load_balance_processes
    self.pinned_cpus = list(pinned_cpus)

`Workers`

`init(self, workers=None)` `special`

A collection of one or more workers

Parameters:

Name	Type	Description	Default
`workers`	`Optional[List[dynamite_nsm.services.base.config_objects.zeek.node.Worker]]`	A Worker object	`None`

Source code in dynamite_nsm/services/base/config_objects/zeek/node.py

def __init__(self, workers: Optional[List[Worker]] = None):
    """
    A collection of one or more workers

    Args:
        workers: A Worker object
    """
    super().__init__(components=workers)

node.py

Logger

__init__(self, logger_name, host) special

Loggers

__init__(self, loggers=None) special

Manager

__init__(self, manager_name, host) special

Proxies

Proxy

Worker

__init__(self, worker_name, interface_name, cluster_id, cluster_type='FANOUT_HASH', load_balance_processes=1, pinned_cpus=(0,), host='localhost') special

Workers

__init__(self, workers=None) special

`Logger`

`init(self, logger_name, host)` `special`

`Loggers`

`init(self, loggers=None)` `special`

`Manager`

`init(self, manager_name, host)` `special`

`Proxies`

`Proxy`

`Worker`

`init(self, worker_name, interface_name, cluster_id, cluster_type='FANOUT_HASH', load_balance_processes=1, pinned_cpus=(0,), host='localhost')` `special`

`Workers`

`init(self, workers=None)` `special`