API

The lb (load balancer) will process requests for both the ui (frontend) and the web (API) containers. It is exposed on port 80 by default. Requests that prepend /api to the URL will route requests to the web container and all other URLs will be routed to the ui container. Additionally, there is an admin container that is exposed on its own port (5001) and is not load-balanced.

Here are the available API endpoints:

admin (port 5001)

GET http://0.0.0.0:5001/v1

Path Parameters

GET http://0.0.0.0:5001/v1/id/files

Path Parameters

GET http://0.0.0.0:5001/v1/id/results

Path Parameters

GET http://0.0.0.0:5001/v1/ids

Path Parameters

GET http://0.0.0.0:5001/v1/info

Path Parameters

GET http://0.0.0.0:5001/v1/logs/:id

Path Parameters

web (port 80)

GET http://0.0.0.0/api/v1

Path Parameters

GET http://0.0.0.0/api/v1/delete/:sess_id

Deletes files and id directories associated with a session. The last session ID and request ID will be reset if they referred to this session.

Path Parameters

{ "status": "Success" }

/api/v1/id/:sess_id/:req_id/:tool/:pcap/:counter/:filename

GET http://0.0.0.0/api/v1/id/:sess_id/:req_id/:tool/:pcap/:counter/:filename

Serves up the results from a file produced by a tool given a specific PCAP uploaded for rendering.

Path Parameters

/api/v1/ids/:sess_id

GET http://0.0.0.0/api/v1/ids/:sess_id

Returns a list of all IDs and info about them for this session ID.

Path Parameters

[{"id": "ab7af73526814d58bf35f1399a5594b2", "filename": "trace_ab7af73526814d58bf35f1399a5594b2_2020-04-09_23_38_56.pcap", "tools": ["networkml", "mercury", "pcap-stats", "snort", "p0f", "pcapplot"], "original_filename": "smallFlows.pcap"}]

GET http://0.0.0.0/api/v1/info

Path Parameters

GET http://0.0.0.0/api/v1/raw/:tool/:counter/:sess_id/:req_id

Returns the raw JSON results from a tool.

Path Parameters

[
    {},
    {},
    {},
    {},
    {
        "10.0.2.15": {
            "full_os": "Windows NT kernel",
            "short_os": "Windows",
            "link": "Ethernet or modem",
            "raw_mtu": "1500",
            "mac": "08:00:27:cc:3f:1b"
        }
    }
]

/api/v1/results/:tool/:counter/:sess_id/:req_id

GET http://0.0.0.0/api/v1/results/:tool/:counter/:sess_id/:req_id

Returns the results from a tool for rendering.

Path Parameters

/api/v1/status/:sess_id/:req_id

GET http://0.0.0.0/api/v1/status/:sess_id/:req_id

Return the status of all tools for a request ID.

Path Parameters

{
    "cleaned": true,
    "mercury": {
        "state": "Complete",
        "timestamp": "2020-04-24T19:07:51.507362+00:00"
    },
    "pcap-stats": {
        "state": "Complete",
        "timestamp": "2020-04-24T19:07:43.972380+00:00"
    },
    "pcapplot": {
        "state": "Complete",
        "timestamp": "2020-04-24T19:10:54.366903+00:00"
    },
    "networkml": {
        "state": "Complete",
        "timestamp": "2020-04-24T19:09:17.470786+00:00"
    },
    "p0f": {
        "state": "Complete",
        "timestamp": "2020-04-24T19:09:26.266748+00:00"
    },
    "pcap-dot1q": {
        "state": "Complete",
        "timestamp": "2020-04-24T19:07:43.362974+00:00"
    },
    "snort": {
        "state": "Complete",
        "timestamp": "2020-04-24T19:07:54.466032+00:00"
    },
    "ncapture": {
        "state": "Complete",
        "timestamp": "2020-04-24T19:07:38.438424+00:00"
    },
    "pcap-splitter": {
        "state": "Complete",
        "timestamp": "2020-04-24T19:08:47.088579+00:00"
    }
}

/api/v1/stop/:sess_id/:req_id

GET http://0.0.0.0/api/v1/stop/:sess_id/:req_id

Stops jobs of a request ID.

Path Parameters

TO BE IMPLEMENTED

GET http://0.0.0.0/api/v1/tools

Path Parameters

POST http://0.0.0.0/api/v1/upload

Upload a PCAP file.

Request Body

{'filename': filename, 'uuid': uid, 'status': 'Success'}

ui (port 80)

GET http://0.0.0.0/

Path Parameters

POST http://0.0.0.0/express-upload

Processing uploading a file and passes it on the API.

Path Parameters

PreviousArchitectureNextStorage

Last updated