Sniwi - the kiwi sniffer, is a monitoring tool intended to alert any user by detecting high HTTP traffic appening real-time on a webserver.
__ _
/ ('>-
\__/
L\_
It will simply 'sniff' the apache logfile located in /var/log/apache.log
and giving you interseting feedback it might have found.
- Python3.7
OR
- Docker
- docker-compose
# clone sniwi repository
git clone https://github.com/kruupos/sniwi.git
pipenv shell
python3 -m sniwi
# first build the docker image, you need to do this only once
docker-compose build
# then launch the app
docker-compose run --rm sniwi # May freeze.
Note: if you have docker-for-windows installed you can use
docker-compose run --rm sniwi_windows
it will map the container folder /var/log
to your current folder.
Because tty and stdin are set to true in docker-compose, running the app will launch the app directly inside your terminal
usage: sniwi [-h] [-f PATH] [-i SECOND] [-a SECOND] [-t SECOND]
optional arguments:
-h, --help show this help message and exit
-f PATH, --file-path PATH path of monitoring file
-i SECOND, --threshold-max-hits SECOND ratio requests/secs to trigger an alert
-a SECOND, --alert-interval SECOND interval for alert
-t SECOND, --traffic-interval SECOND interval for refreshing traffic information
Done with pytest
# first build the docker image, you need to do this only once
docker-compose -f ./docker-compose.test.yml build
# Then run pytest
docker-compose -f ./docker-compose.test.yml run --rm pytest
# run pipenv
pipenv shell
# Then run the tests
pytest ./tests -v
instanciate ConsoleInterface
and Sniffer
Core class of the application, handling all the coroutines created in the main loop with ayncio
.
3 of them are periodical and are acting like a clock by awaiting themselves with different timer after an asynchrounous sleep.
tick()
, alert()
and traffic()
are responsible to send data to the console interface in order to display up-to-date metrics
aio_readline
poll and await for new data
Is responsible for the console, using urwid
as a library.
Generate a asynchronous generator to be used by aio_readline
coro.
Poll new data from file using aiofiles library (support of open witch asyncio
) in a while loop using readline()
.
Then, if the data is valid, feed it to LogParser
to transform it to an useful dictionnary
Responsible for parsing all the incoming requests. It uses regexp