This repository is where the development of the Observable Networks Appliance (ONA) takes place. The ONA software is used to collect input data for Observable Networks' network security service. It can run on a variety of platforms, including embedded computers, physical servers, virtual machines, cloud servers, and Docker containers.

See observable.net for more information about Observable Networks' network security service.

The following platforms are officially supported:

• Ubuntu 16.04 and later
• RHEL 6 and compatible*
• RHEL 7 and compatible
• RHEL 8 and compatible
• Raspberry Pi with Raspbian
• Docker

To install the latest version on 18.04 (recommended for physical and virtual machine installations):

# wget https://onstatic.s3.amazonaws.com/ona/master/ona-service_UbuntuXenial_amd64.deb
# sudo apt install ./ona-service_UbuntuXenial_amd64.deb

* RHEL 6 and others will need /usr/bin/python2.7 to point to a working Python 2.7 installation.

The ONA is composed of a number of configurable services, supervised by a single system service, obsrvbl-ona. Control which services are running by editing /opt/obsrvbl-ona/config.local. Some of the services include:

• ONA Service: Monitors for configuration updates
• PNA Service - Collects and uploads IP traffic metadata from system network interfaces
• IPFIX Capturer - Collects and uploads NetFlow, IPFIX, or sFlow data from remote exporters
• Hostname Resolver - Resolve active IPs to local hostnames
• Log watcher: Monitors and uploads the sensor's authentication logs
• PDNS Capturer - Collects and uploads passive DNS queries