ELK>> openstack-watcher-middleware>> 返回
项目作者: sapcc

项目描述 :
OpenStack Watcher Middleware - Watches and classifies OpenStack traffic
高级语言: Python
项目地址: git://github.com/sapcc/openstack-watcher-middleware.git
创建时间: 2018-04-20T14:19:59Z
项目社区:https://github.com/sapcc/openstack-watcher-middleware
开源协议:Apache License 2.0
下载


OpenStack Watcher Middleware

Build Status

The OpenStack Watcher is a WSGI middleware capable of analyzing OpenStack traffic and classifying according to the CADF Specification outlined further below.

Features

  • Analyzes OpenStack requests
  • Classifies requests according to DMTF CADF specification.
  • Stores classification data in GCI environment, which is passed to subsequent WSGI middlewares for further evaluation
  • Exposes Prometheus metrics

Principles

The watcher middleware classifies OpenStack requests based on the Cloud Auditing Data Federation (CADF) specification.
It distinguishes between initiator and target of an action.
Initiator describes the resource or the user who sent the request, Target refers to the resource against which the action was performed.

CADF Specification

The Cloud Audit Data Federation (CADF) specification defines a model for events within the OpenStack platform.
This data model is used by the watcher middleware to classify requests.
More information is provided in the CADF documentation.

Metrics

The openstack-watcher-middleware exposes the following Prometheus metrics via statsD.

openstack_watcher_api_requests_total - total count of api requests
openstack_watcher_api_requests_duration_seconds - request latency in seconds
openstack_watcher_api_requests_duration_seconds_count - total number of samples of the request duration metric
openstack_watcher_api_requests_duration_seconds_sum - sum of request latency

Supported Services

This middleware currently provides CADF-compliant support for the following OpenStack services:

  1. |-----------------------|-----------------------|
  2. | Service name          | Service type          |
  3. |-----------------------|-----------------------|
  4. | Barbican              | key-manager           |
  5. | Cinder                | volume                | 
  6. | Designate             | dns                   |
  7. | Glance                | image                 | 
  8. | Ironic                | baremetal             |
  9. | Keystone              | identity              |
  10. | Manila                | share                 |
  11. | Neutron               | network               |
  12. | Nova                  | compute               |
  13. | Swift                 | object-store          |
  14. |-----------------------|-----------------------|

Configurations for these services are provided here
Support for additional OpenStack services might require additional action configurations.

Installation & Usage

Install via

  1. pip install git+https://github.com/sapcc/openstack-watcher-middleware.git

Pipeline

The watcher should be added after the keystone auth_token middleware to be able to obtain information on the scope (project/domain) of the action.

  1. pipeline = .. auth_token watcher ..

Configuration

Mandatory configuration options in the paste.ini as shown below. See the configuration section for more options.

  1. [filter:watcher]
  2. use = egg:watcher-middleware#watcher
  3. # service_type as defined in service catalog. See supported services.
  4. # example: object-store, compute, dns, etc.
  5. service_type = <service_type>
  7. # path to configuration file containing customized action definitions
  8. config_file = /etc/watcher.yaml
cadf_openstack_dsp2038_27042015_1647774915886.pdf