This repository was archived by the owner on Jan 21, 2023. It is now read-only.
File tree 4 files changed +32
-10
lines changed
4 files changed +32
-10
lines changed Original file line number Diff line number Diff line change @@ -12,3 +12,4 @@ pcap/test2.pcap
1212pcap /test.pcap
1313.circleci /build_num
1414pcap /local.bro
15+ kafka.out
Original file line number Diff line number Diff line change @@ -29,8 +29,7 @@ ifeq ($(BUILD),elastic)
2929 @http localhost:9200/_cat/indices
3030 @open -a Safari https://goo.gl/e5v7Qr
3131else ifeq ($(BUILD),kafka)
32- @docker-compose -f docker-compose.kafka.yml up -d bro
33- # @docker-compose -f docker-compose.kafka.yml up consumer
32+ @tests/kafka.sh
3433else ifeq ($(BUILD),redis)
3534 @docker-compose -f docker-compose.redis.yml up -d logstash
3635 @docker-compose -f docker-compose.elastic.yml up bro
Original file line number Diff line number Diff line change 11version : ' 3'
22services :
3+ zookeeper :
4+ image : blacktop/kafka:0.11
5+ ports :
6+ - " 2181:2181"
7+ command : zookeeper-server-start.sh config/zookeeper.properties
38 kafka :
49 image : blacktop/kafka:0.11
510 ports :
611 - " 9092:9092"
12+ links :
13+ - zookeeper
714 environment :
815 - KAFKA_ADVERTISED_HOST_NAME=localhost
916 - KAFKA_CREATE_TOPICS=bro:1:1
@@ -17,11 +24,3 @@ services:
1724 volumes :
1825 - ./pcap:/pcap
1926 command : -F -r heartbleed.pcap local "Site::local_nets += { 192.168.11.0/24 }"
20- consumer :
21- depends_on :
22- - kafka
23- image : blacktop/kafka:0.11
24- links :
25- - kafka:localhost
26- command : |
27- kafka-console-consumer.sh --bootstrap-server localhost:9092 --topic bro --from-beginning
Original file line number Diff line number Diff line change 1+ #! /bin/bash
2+
3+ # clean up
4+ rm kafka.out || true
5+
6+ echo " ===> Starting kafka..."
7+ docker run -d --name kafka \
8+ -p 9092:9092 \
9+ -e KAFKA_ADVERTISED_HOST_NAME=localhost \
10+ -e KAFKA_CREATE_TOPICS=bro:1:1 \
11+ blacktop/kafka:0.11
12+
13+ echo " ===> Starting bro..."
14+ docker run -d --rm \
15+ --link kafka:localhost \
16+ -v ` pwd`
17+ blacktop/bro:kafka -F -r heartbleed.pcap local " Site::local_nets += { 192.168.11.0/24 }"
18+
19+ sleep 10; echo " ===> Starting kafka consumer..."
20+ kafka-console-consumer -brokers=localhost:9092 -topic bro -offset=oldest > kafka.out &
21+ sleep 5; kill %1 > /dev/null 2>&1
22+
23+ cat kafka.out | grep ' Value:' | cut -d ' :' | jq ' select(.notice != null) | .notice.note'
You can’t perform that action at this time.
0 commit comments