|
PluginsUPFrame is extendible with plugins that independently of each other process the data of received UDP packets. The PortWatch plugin, which is described below, is available as download.PortWatchIntroductionPortWatch is a plugin that processes flow-level router data (received as UDP packets that contain CISCO Netflow v5 records) and calculates statistics about bandwidths of several well-known UDP, TCP and ICMP ports, as well as statistics of singe ports.  These surveilled ports are configurable at runtime. PortWatch can also show a top 30 usage of tcp, udp and icmp ports. The statistics are presented as zoomable plots. ConceptThe PortWatch plugin implements a TCP server, where the client scripts can connect to. The client scripts fill the received data either in a RRD or save the data on disk. PHP scripts create the web pages upon request. The frontend scripts can either run on the same machine as the framework or on a dedicated machine. For heavy processing, a dedicated machine is stronly suggested. SSH tunnels can be used to connect to the machine, which the framework is running on.Download and InstallationThe newest package can be found in the download section.Please read the included README file for installation instructions. |