metron-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From mmiklav...@apache.org
Subject incubator-metron git commit: METRON-509: Add pcap query filter REST API documentation to README (mmiklavc) closes apache/incubator-metron#319
Date Tue, 25 Oct 2016 18:38:34 GMT
Repository: incubator-metron
Updated Branches:
  refs/heads/master 61351aabd -> b9bb5ef78


METRON-509: Add pcap query filter REST API documentation to README (mmiklavc) closes apache/incubator-metron#319


Project: http://git-wip-us.apache.org/repos/asf/incubator-metron/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-metron/commit/b9bb5ef7
Tree: http://git-wip-us.apache.org/repos/asf/incubator-metron/tree/b9bb5ef7
Diff: http://git-wip-us.apache.org/repos/asf/incubator-metron/diff/b9bb5ef7

Branch: refs/heads/master
Commit: b9bb5ef78408713d5561aa0afbc9e9e5afdfaeda
Parents: 61351aa
Author: mmiklavc <michael.miklavcic@gmail.com>
Authored: Tue Oct 25 14:38:20 2016 -0400
Committer: Michael Miklavcic <michael.miklavcic@gmail.com>
Committed: Tue Oct 25 14:38:20 2016 -0400

----------------------------------------------------------------------
 metron-platform/metron-api/README.md              | 18 +++++++++++++++++-
 .../pcapservice/PcapReceiverImplRestEasy.java     |  1 +
 2 files changed, 18 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-metron/blob/b9bb5ef7/metron-platform/metron-api/README.md
----------------------------------------------------------------------
diff --git a/metron-platform/metron-api/README.md b/metron-platform/metron-api/README.md
index 8214672..7b4aa4e 100644
--- a/metron-platform/metron-api/README.md
+++ b/metron-platform/metron-api/README.md
@@ -17,7 +17,7 @@ where
 * `QUERY_PATH` is the temporary location to store query results.  They are deleted after
the service reads them.
 * `PCAP_PATH` is the path to the packet data on HDFS
 
-## The `/pcapGetter/getPcapsByIdentifiers` Endpoint
+## The `/pcapGetter/getPcapsByIdentifiers` endpoint
 
 This endpoint takes the following query parameters and returns the subset of
 packets matching this query:
@@ -27,6 +27,22 @@ packets matching this query:
 * `dstPort` : The destination port to match on
 * `startTime` : The start time in milliseconds
 * `endTime` : The end time in milliseconds
+* `numReducers` : Specify the number of reducers to use when executing the mapreduce job
+* `includeReverseTraffic` : Indicates if filter should check swapped src/dest addresses and
IPs
+
+## The `/pcapGetter/getPcapsByQuery` endpoint
+
+This endpoint takes the following query parameters and returns the subset of
+packets matching this query. This endpoint exposes Stellar querying capabilities:
+* `query` : The Stellar query to execute
+* `startTime` : The start time in milliseconds
+* `endTime` : The end time in milliseconds
+* `numReducers` : Specify the number of reducers to use when executing the mapreduce job
+
+Example:
+`curl -XGET "http://node1:8081/pcapGetter/getPcapsByQuery?query=ip_src_addr+==+'192.168.66.121'+and+ip_src_port+==+'60500'&startTime=1476936000000"`
 
 All of these parameters are optional.  In the case of a missing
 parameter, it is treated as a wildcard.
+
+Unlike the CLI tool, there is no paging mechanism. The REST API will stream back data as
a single file.

http://git-wip-us.apache.org/repos/asf/incubator-metron/blob/b9bb5ef7/metron-platform/metron-api/src/main/java/org/apache/metron/pcapservice/PcapReceiverImplRestEasy.java
----------------------------------------------------------------------
diff --git a/metron-platform/metron-api/src/main/java/org/apache/metron/pcapservice/PcapReceiverImplRestEasy.java
b/metron-platform/metron-api/src/main/java/org/apache/metron/pcapservice/PcapReceiverImplRestEasy.java
index 5a2a0ae..1f3c03e 100644
--- a/metron-platform/metron-api/src/main/java/org/apache/metron/pcapservice/PcapReceiverImplRestEasy.java
+++ b/metron-platform/metron-api/src/main/java/org/apache/metron/pcapservice/PcapReceiverImplRestEasy.java
@@ -179,6 +179,7 @@ public class PcapReceiverImplRestEasy {
    * @param dstPort filter value
    * @param startTime filter value
    * @param endTime filter value
+   * @param numReducers Specify the number of reducers to use when executing the mapreduce
job
    * @param includeReverseTraffic Indicates if filter should check swapped src/dest addresses
and IPs
    * @param servlet_response
    * @return REST response


Mime
View raw message