예제 #1
def ethernet_Mac(collection):
    """Return a JSON array of the MAC addresses seen as Ethernet source or destination.

    Args:
        collection: MongoDB collection whose documents carry
            ``EthernetHeader.source_address`` and
            ``EthernetHeader.destination_address`` fields.

    Returns:
        A JSON string (serialised with ``json_util.default`` as the fallback
        encoder) listing the distinct source addresses first, followed by the
        destination addresses that ``helper.addDistinct`` adds to that list.
    """
    source_field = 'EthernetHeader.source_address'
    destination_field = 'EthernetHeader.destination_address'

    # distinct() already returns each source address once, so the result is
    # copied into the output list as-is.
    addresses = list(collection.find(projection=[source_field]).distinct(source_field))

    # Destinations are merged through helper.addDistinct, which presumably
    # appends only values not already in the list (helper is defined outside
    # this block; confirm).
    for address in collection.find(projection=[destination_field]).distinct(destination_field):
        helper.addDistinct(addresses, address)

    # NOTE(review): the field names suggest these values come from captured
    # frames; if so they are sender-controlled and should be escaped by
    # whatever renders this JSON.
    return json.dumps(addresses, default=json_util.default)
예제 #2
def ethernet_Mac(collection):
    """Return a JSON array of the MAC addresses seen as Ethernet source or destination.

    Args:
        collection: MongoDB collection whose documents carry
            ``EthernetHeader.source_address`` and
            ``EthernetHeader.destination_address`` fields.

    Returns:
        A JSON string (serialised with ``json_util.default`` as the fallback
        encoder) listing the distinct source addresses first, followed by the
        destination addresses that ``helper.addDistinct`` adds to that list.
    """
    source_field = "EthernetHeader.source_address"
    destination_field = "EthernetHeader.destination_address"

    # distinct() already returns each source address once, so the result is
    # copied into the output list as-is.
    addresses = list(collection.find(projection=[source_field]).distinct(source_field))

    # Destinations are merged through helper.addDistinct, which presumably
    # appends only values not already in the list (helper is defined outside
    # this block; confirm).
    for address in collection.find(projection=[destination_field]).distinct(destination_field):
        helper.addDistinct(addresses, address)

    # NOTE(review): the field names suggest these values come from captured
    # frames; if so they are sender-controlled and should be escaped by
    # whatever renders this JSON.
    return json.dumps(addresses, default=json_util.default)
예제 #3
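def ip_Matrix(collection):
    """Build a node/link graph of IP conversations and return it as JSON.

    Nodes are the distinct IP source and destination addresses of documents
    whose ``EthernetHeader.type`` is 2048 (0x0800, IPv4). Links are the
    (source, destination) pairs produced by the aggregation, each with the
    number of matching documents as its ``value``.

    Args:
        collection: MongoDB collection of parsed packets exposing
            ``EthernetHeader.type``, ``IPHeader.source_address`` and
            ``IPHeader.destination_address``.

    Returns:
        A JSON string ``{"nodes": [...], "links": [...]}`` where every node is
        ``{"name": <address>, "id": <int>, "group": 1}`` and every link is
        ``{"source": <node id>, "target": <node id>, "value": <count>}``.
    """
    nodes = []
    links = []
    nodes_ = []
    nodeLink = {}
    seenLinks = {}

    # Collect the endpoints of IPv4 frames, destinations first, then sources.
    for field in ("IPHeader.destination_address", "IPHeader.source_address"):
        for address in collection.find({"EthernetHeader.type": 2048}).distinct(field):
            helper.addDistinct(nodes_, address)

    for ident, node in enumerate(nodes_):
        nodeLink[node] = ident
        nodes.append({"name": node, "id": ident, "group": 1})

    def node_id(address):
        # The aggregation below matches on IPHeader.source_address only, so it
        # can return an address the EtherType-2048 scan did not. Register it
        # here so the flow stays visible instead of raising KeyError.
        if address not in nodeLink:
            nodeLink[address] = len(nodes)
            nodes.append({"name": address, "id": nodeLink[address], "group": 1})
        return nodeLink[address]

    x = {"$project": {"srcip": "$IPHeader.source_address", "dstip": "$IPHeader.destination_address"}}
    y = {"$match": {"IPHeader.source_address": {"$exists": True}}}
    z = {"$group": {"_id": {"srcip": "$srcip", "dstip": "$dstip"}, "count": {"$sum": 1}}}
    pipeline = [y, x, z]

    for project in collection.aggregate(pipeline):
        pair = project.get("_id") or {}
        source = pair.get("srcip")
        target = pair.get("dstip")
        count = project.get("count")

        # A record without both endpoints cannot be drawn as a link.
        if source is None or target is None:
            continue

        # Key on the pair itself. Concatenating the two addresses is ambiguous
        # ("1.1.1.1" + "11.1.1.1" equals "1.1.1.11" + "1.1.1.1"), and the old
        # duplicate branch compared node ids with raw addresses, so a colliding
        # flow was silently left out of the matrix.
        key = (source, target)
        if key in seenLinks:
            links[seenLinks[key]]["value"] += count
        else:
            seenLinks[key] = len(links)
            links.append({
                "source": node_id(source),
                "target": node_id(target),
                "value": count,
            })

    return json.dumps({"nodes": nodes, "links": links}, default=json_util.default)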
예제 #4
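def ip_Matrix(collection):
    """Build a node/link graph of IP conversations and return it as JSON.

    Nodes are the distinct IP source and destination addresses of documents
    whose ``EthernetHeader.type`` is 2048 (0x0800, IPv4). Links are the
    (source, destination) pairs produced by the aggregation, each with the
    number of matching documents as its ``value``.

    Args:
        collection: MongoDB collection of parsed packets exposing
            ``EthernetHeader.type``, ``IPHeader.source_address`` and
            ``IPHeader.destination_address``.

    Returns:
        A JSON string ``{"nodes": [...], "links": [...]}`` where every node is
        ``{"name": <address>, "id": <int>, "group": 1}`` and every link is
        ``{"source": <node id>, "target": <node id>, "value": <count>}``.
    """
    nodes = []
    links = []
    nodes_ = []
    nodeLink = {}
    seenLinks = {}

    # Collect the endpoints of IPv4 frames, destinations first, then sources.
    for field in ("IPHeader.destination_address", "IPHeader.source_address"):
        for address in collection.find({"EthernetHeader.type": 2048}).distinct(field):
            helper.addDistinct(nodes_, address)

    for ident, node in enumerate(nodes_):
        nodeLink[node] = ident
        nodes.append({"name": node, "id": ident, "group": 1})

    def node_id(address):
        # The aggregation below matches on IPHeader.source_address only, so it
        # can return an address the EtherType-2048 scan did not. Register it
        # here so the flow stays visible instead of raising KeyError.
        if address not in nodeLink:
            nodeLink[address] = len(nodes)
            nodes.append({"name": address, "id": nodeLink[address], "group": 1})
        return nodeLink[address]

    x = {"$project": {"srcip": "$IPHeader.source_address", "dstip": "$IPHeader.destination_address"}}
    y = {"$match": {"IPHeader.source_address": {"$exists": True}}}
    z = {"$group": {"_id": {"srcip": "$srcip", "dstip": "$dstip"}, "count": {"$sum": 1}}}
    pipeline = [y, x, z]

    for project in collection.aggregate(pipeline):
        pair = project.get("_id") or {}
        source = pair.get("srcip")
        target = pair.get("dstip")
        count = project.get("count")

        # A record without both endpoints cannot be drawn as a link.
        if source is None or target is None:
            continue

        # Key on the pair itself. Concatenating the two addresses is ambiguous
        # ("1.1.1.1" + "11.1.1.1" equals "1.1.1.11" + "1.1.1.1"), and the old
        # duplicate branch compared node ids with raw addresses, so a colliding
        # flow was silently left out of the matrix.
        key = (source, target)
        if key in seenLinks:
            links[seenLinks[key]]["value"] += count
        else:
            seenLinks[key] = len(links)
            links.append({
                "source": node_id(source),
                "target": node_id(target),
                "value": count,
            })

    return json.dumps({"nodes": nodes, "links": links}, default=json_util.default)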