pmacct-to-elasticsearch
Advanced tools
A Python script designed to read output from pmacct daemons, to process it and to store it into ElasticSearch.
pmacct-to-elasticsearch is a python script designed to read output from pmacct daemons, to process it and to store it into ElasticSearch. It works with both memory and print plugins and, optionally, it can perform manipulations on data (such as to add fields on the basis of other values).
.. image:: img/data_flow.png :align: center
Optionally, some data transformations can be configured, to allow pmacct-to-elasticsearch to add or remove fields to/from the output documents that are sent to ElasticSearch for indexing. These additional fields may be useful to enhance graphs and reports legibility, or to add a further level of aggregation or filtering.
Install the program using pip:
.. code:: bash
pip install pmacct-to-elasticsearch
Then clone the repository and run the ./install script to setup your system:
.. code:: bash
cd /usr/local/src/ git clone https://github.com/pierky/pmacct-to-elasticsearch.git cd pmacct-to-elasticsearch/ ./install
Please refer to the CONFIGURATION.md_ file. The TRANSFORMATIONS.md_ file contains details about data transformations configuration.
.. _CONFIGURATION.md: CONFIGURATION.md .. _TRANSFORMATIONS.md: TRANSFORMATIONS.md
A simple tutorial on pmacct integration with ElasticSearch/Kibana using pmacct-to-elasticsearch can be found at http://blog.pierky.com/integration-of-pmacct-with-elasticsearch-and-kibana.
Pier Carlo Chiodi - https://pierky.com/
Blog: https://blog.pierky.com/ Twitter: @pierky <https://twitter.com/pierky>_
Code linting and fixing import and pip3 errors.
Thanks to @palisadoes (Peter Harrison) <https://github.com/palisadoes> for these fixes.
Fix: ES 6.2 compatibility.
Issue #9 <https://github.com/pierky/pmacct-to-elasticsearch/issues/9>.
New: CSV output support.
The InputFormat option in the plugin configuration file can be used to instruct pmacct-to-elasticsearch to parse CSV output from pmacct.
New: Multithreading support.
The ReaderThreads option in the plugin configuration file sets the number of threads used to process pmacct's output.
New: More command line arguments.
The command line arguments under the Configuration options group can be used to override settings done on the plugin configuration file.
Fix issue with index creation on ElasticSearch 5.x.
Thanks to Kristoffer Olsson and Daniel Lindberg for reporting this and for their extensive support.
Improved template for index creation.
Fix an issue with transformations.
First release.
FAQs
A Python script designed to read output from pmacct daemons, to process it and to store it into ElasticSearch.
We found that pmacct-to-elasticsearch demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
