Skydive - Open Source Real-Time Network Analyzer Tool.
Skydive is an open source real-time network topology and protocols analyzer. It aims to provide a comprehensive way of understanding what is happening in the network infrastructure.
Skydive agents collect topology information and flows and forward them to a central agent for further analysis. All the information is stored in an Elasticsearch database.
Skydive is SDN-agnostic but provides SDN drivers in order to enhance the topology and flow information. Currently only the Neutron driver is provided but more drivers will come soon.
Skydive relies on two main components:
- Skydive agent, which has to be started on each node where the topology and flow information will be captured.
- Skydive analyzer, the node collecting data captured by the agents.
$ go get github.com/redhat-cip/skydive/cmd/skydive
For a single-node setup, the configuration file is optional. For a multiple-node setup, the analyzer IP/PORT needs to be adapted.
Processes are bound to 127.0.0.1 by default. You can explicitly change the binding address with "listen: 0.0.0.0:port" in the proper configuration sections; 0.0.0.0 binds the process to every interface of the node.
See the full list of configuration parameters in the sample configuration file etc/skydive.yml.default.
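A check for the binding setting described above, added here as an example (not code from the Skydive project): the function lists every "listen:" entry in a configuration file that is not bound to loopback. The section names and ports in the sample file are constructed assumptions; a value without a host part is listed too, for manual review.

```shell
#!/bin/sh
# audit_listen FILE: print "<section> <address>" for each listen: entry that is
# not bound to loopback. Returns 1 if any such entry was found, 0 otherwise.
audit_listen() {
  awk '
    /^[ \t]*#/ { next }                         # ignore comment lines
    /^[^ \t][^:]*:/ {                           # unindented key starts a section
      section = $0; sub(/:.*/, "", section); next
    }
    /^[ \t]+listen:/ {
      addr = $0
      sub(/^[ \t]+listen:[ \t]*/, "", addr)     # keep only the value
      sub(/[ \t]*#.*$/, "", addr)               # drop a trailing comment
      gsub("\"", "", addr)                      # drop double quotes
      sub(/[ \t]+$/, "", addr)                  # drop trailing blanks
      host = addr
      if (host !~ /:/) host = ""                # bare value: no host given
      else sub(/:[^:]*$/, "", host)             # strip ":port"
      if (host != "127.0.0.1" && host != "localhost" && host != "[::1]") {
        print section, addr; found = 1
      }
    }
    END { exit found + 0 }
  ' "$1"
}

# Constructed sample; section names and ports are assumptions, not taken from
# the sample configuration file etc/skydive.yml.default.
sample=$(mktemp)
cat > "$sample" <<'EOF'
agent:
  listen: 127.0.0.1:8081
analyzer:
  listen: "0.0.0.0:8082"   # multi-node setup
EOF
audit_listen "$sample" || echo "non-loopback listeners found"
rm -f "$sample"
```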
$ skydive agent [--conf etc/skydive.yml]
$ skydive analyzer [--conf etc/skydive.yml]
To access the WebUI of agents or analyzer:
About the Author :
Christian Galeone is an IT Security Specialist from Italy. He has been acknowledged by the top 5 IT companies, including Yahoo!, Microsoft, AT&T, Sony. He is currently working with HOC as an author of cyber security and VA research articles.