isc.sensor.outputadaptor
Class OAPacketOutputAdaptor

java.lang.Object
  isc.sensor.outputadaptor.OAPacketOutputAdaptor

All Implemented Interfaces:

PacketOutputAdaptorIF

public class OAPacketOutputAdaptor
extends java.lang.Object
implements PacketOutputAdaptorIF

Output Adaptor for all layer 4 TCP/UDP packet and Session flows.

Data Dictionary:

• TCPFlow - TCP Packet keyed with a session ID
• UDPFlow - UDP Packet keyed with a session ID
• TCPSession - Summary of a TCP Client/Server communication
• UDPSession - Summary of a UDP Client/Server communication
• TCPFlowSummary - Summary of all the directional TCP packets in a session
• UDPFlowSummary - Summary of all the directional UDP packets in a session

          TCPFlow                              UDPFlow                   
 attribute       type                attribute     type
 packetTime        java.sql.timeStamp    packetTime    java.sql.timeStamp
 sensorName        String                sensorName    String
 interface         String                interface     String
 session                  String                session       String
 srcAddress        String                srcAddress    String
 srcPort           Integer               srcPort       Integer
 dstAddress        String                dstAddresss   String
 dstPort           Integer               dstPort       Integer
 packetLen         Integer               packetLen     Integer
 protocolName      String                ProtocolName  String
 IPIdent           Integer               IPIdent       Integer
 IPflags           Short                 IPFlags       Short
 IPfragOffset      Integer               IPfragOffset  Integer
 IPttl             Integer               IPttl         Integer
 TCPSeq            Long
 TCPAck            Long
 TCPFlags         Long
 
        TCPSession                             UDPSession                  
 attribute        type                   attribute        type  
 startTime        java.sql.timestamp     startTime        java.sql.timestamp
 sensorName       String                 sensorName       String
 interface_f1     String                 interface_f1     String
 interface_f2     String                 interface_f2     String
 session          String                 session          String
 duration         Long                   duration         Long
 protocol         String                 protocol         String
 client_addr      String                 client_addr      String
 client_port      Integer                client_port      Integer
 server_addr      String                 server_addr      String
 server_port      Integer                server_port      Integer
 status           String                 status           String
 service_name     String                 service_name     String
 packets_sent     Long                   packets_sent     Long
 packets_recv     Long                   packets_recv     Long
 data_sent        Long                   data_sent        Long
 data_recv        Long                   data_recv        Long
 retry_packets_sent Long                 retry_packets_sent Long
 retry_packets_recv Long                 retry_packets_recv Long
 
 
      TCPFlowSummary                           UDPFlowSummary
attribute        type                   attribute        type           
 firstPacketTime  java.sql.timestamp     firstPacketTime  java.sql.timestamp
 lastPacketTime   java.sql.timestamp     lastPacketTime   java.sql.timestamp
 sensorName       String                 sensorName       String
 interface        String                 interface        String
 session          String                 session          String
 flowNumber       Integer                flowNumber       Integer
 srcAddress       String                 srcAddress       String
 srcPort          Integer                srcPort          Integer
 dstAddress       String                 dstAddress       String
 dstPort          Integer                dstPort          Integer
 maxPacketLen     Integer                maxPacketLen     Integer
 totalPacketLen   Long                   totalPacketLen   Long
 ProtocolName     String                 ProtocolName     String
 IPIdent          Integer                IPIdent          Integer
 maxTTL           Integer                maxTTL           Integer
 packetCount      Long                   packetCount      Long
 packetTimings    Array of Longs         packetTimings    Array of Longs
 tcpFlags         Array of Shorts
 
 
 
 
 
 

Author:

John Casey
Project: DNA_sensor - Aug 12, 2005

Field Summary

protected org.openadaptor.dmx.metaobjects.types.MOCollection	lArray open adaptor collection object for Longs
protected org.openadaptor.dataobjects.DOType	lngWrap open adaptor type for collection of longs
protected static org.apache.log4j.Logger	log log4j
protected AppProperties	props Application properties
protected org.openadaptor.dmx.metaobjects.types.MOCollection	sArray open adaptor collection object for Shorts
protected org.openadaptor.dataobjects.DOType	shtWrap open adaptor type for collection of Shorts
protected OAObjectManager	tcpFlowObj Object manager for TCPFlow Object
protected OAObjectManager	tcpFlowSumObj Object manager for TCPFlowSummary Object
protected OAObjectManager	tcpSessObj Object manager for TCPSession Object
protected OAObjectManager	udpFlowObj Object manager for UDPFlow Object
protected OAObjectManager	udpFlowSumObj Object manager for UDPFlowSummary Object
protected OAObjectManager	udpSessObj Object manager for UDPSession Object

Constructor Summary

OAPacketOutputAdaptor()
null constructor

Method Summary

void	close() Close the output resource
void	writeTCPFlow(TCPBean tcpb) Write out the processed TCP packet info
void	writeTCPSession(SessionBean ses) Write out the completed TCP session
void	writeTCPSumFlows(TCPSumBean tsb, int flowN) Write out the TCP Session summary flows (client->server) and (server->client)
void	writeUDPFlow(UDPBean udpb) Write out the processed UDP packet info
void	writeUDPSession(SessionBean ses) Write out the completed UDP session
void	writeUDPSumFlows(PacketSumBean usb, int flowN) Write out the UDP Session summary flows (client->server) and (server->client)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

props

protected AppProperties props

Application properties

log

protected static org.apache.log4j.Logger log

log4j

lArray

protected org.openadaptor.dmx.metaobjects.types.MOCollection lArray

open adaptor collection object for Longs

sArray

protected org.openadaptor.dmx.metaobjects.types.MOCollection sArray

open adaptor collection object for Shorts

lngWrap

protected org.openadaptor.dataobjects.DOType lngWrap

open adaptor type for collection of longs

shtWrap

protected org.openadaptor.dataobjects.DOType shtWrap

open adaptor type for collection of Shorts

tcpSessObj

protected OAObjectManager tcpSessObj

Object manager for TCPSession Object

udpSessObj

protected OAObjectManager udpSessObj

Object manager for UDPSession Object

tcpFlowSumObj

protected OAObjectManager tcpFlowSumObj

Object manager for TCPFlowSummary Object

udpFlowSumObj

protected OAObjectManager udpFlowSumObj

Object manager for UDPFlowSummary Object

tcpFlowObj

protected OAObjectManager tcpFlowObj

Object manager for TCPFlow Object

udpFlowObj

protected OAObjectManager udpFlowObj

Object manager for UDPFlow Object

Constructor Detail

OAPacketOutputAdaptor

public OAPacketOutputAdaptor()

null constructor

Method Detail

writeTCPSession

public void writeTCPSession(SessionBean ses)
                     throws java.lang.Exception

Description copied from interface: PacketOutputAdaptorIF

Write out the completed TCP session

Specified by:

writeTCPSession in interface PacketOutputAdaptorIF

Parameters:

ses - The processed UDP session

Throws:

java.lang.Exception

writeTCPSumFlows

public void writeTCPSumFlows(TCPSumBean tsb,
                             int flowN)
                      throws java.lang.Exception

Description copied from interface: PacketOutputAdaptorIF

Write out the TCP Session summary flows (client->server) and (server->client)

Specified by:

writeTCPSumFlows in interface PacketOutputAdaptorIF

Parameters:

tsb - The processed summary flow

flowN - The flow number (1=client->server) (2=server->client)

Throws:

java.lang.Exception

writeTCPFlow

public void writeTCPFlow(TCPBean tcpb)
                  throws java.lang.Exception

Description copied from interface: PacketOutputAdaptorIF

Write out the processed TCP packet info

Specified by:

writeTCPFlow in interface PacketOutputAdaptorIF

Parameters:

tcpb - The processed TCPbean

Throws:

java.lang.Exception

close

public void close()

Description copied from interface: PacketOutputAdaptorIF

Close the output resource

Specified by:

close in interface PacketOutputAdaptorIF

writeUDPSession

public void writeUDPSession(SessionBean ses)
                     throws java.lang.Exception

Description copied from interface: PacketOutputAdaptorIF

Write out the completed UDP session

Specified by:

writeUDPSession in interface PacketOutputAdaptorIF

Parameters:

ses - The processed UDP session

Throws:

java.lang.Exception

writeUDPSumFlows

public void writeUDPSumFlows(PacketSumBean usb,
                             int flowN)
                      throws java.lang.Exception

Description copied from interface: PacketOutputAdaptorIF

Write out the UDP Session summary flows (client->server) and (server->client)

Specified by:

writeUDPSumFlows in interface PacketOutputAdaptorIF

Parameters:

usb - The processed summary flow

flowN - The flow number (1=client->server) (2=server->client)

Throws:

java.lang.Exception

writeUDPFlow

public void writeUDPFlow(UDPBean udpb)
                  throws java.lang.Exception

Description copied from interface: PacketOutputAdaptorIF

Write out the processed UDP packet info

Specified by:

writeUDPFlow in interface PacketOutputAdaptorIF

Parameters:

udpb - The processed UDP bean

Throws:

java.lang.Exception