D4 core
D4 core server
D4 core server is a complete server to handle clients (sensors) including the decapsulation of the D4 protocol, control of
sensor registrations, management of decoding protocols and dispatching to adequate decoders/analysers.
Database map - Metadata
DB 0 - Stats + sensor configs
DB 1 - Users
DB 2 - Analyzer queue
DB 3 - Flask Cache
DB 1
User Management:
| Hset Key |
Field |
Value |
| user:all |
user id |
password hash |
|
|
|
| user:tokens |
token |
user id |
|
|
|
| user_metadata:user id |
token |
token |
|
change_passwd |
boolean |
|
role |
role |
| Set Key |
Value |
| user_role:role |
user id |
| Zrank Key |
Field |
Value |
| ail:all_role |
role |
int, role priority (1=admin) |
Server
| Key |
Value |
| server:hmac_default_key |
hmac_default_key |
| Set Key |
Value |
| server:accepted_type |
accepted type |
| server:accepted_extended_type |
accepted extended type |
Server Mode
| Set Key |
Value |
| blacklist_ip |
blacklisted ip |
| blacklist_ip_by_uuid |
uuidv4 |
| blacklist_uuid |
uuidv4 |
Connection Manager
| Set Key |
Value |
| active_connection |
uuid |
|
|
| active_connection:type |
uuid |
| active_connection_extended_type:uuid |
extended type |
|
|
| active_uuid_type2:uuid |
session uuid |
|
|
| map:active_connection-uuid-session_uuid:uuid |
session uuid |
| Set Key |
Field |
Value |
| map:session-uuid_active_extended_type |
session_uuid |
extended_type |
Stats
| Zset Key |
Field |
Value |
| stat_uuid_ip:date:uuid |
IP |
number D4 Packets |
|
|
|
| stat_uuid_type:date:uuid |
type |
number D4 Packets |
|
|
|
| stat_type_uuid:date:type |
uuid |
number D4 Packets |
|
|
|
| stat_ip_uuid:20190519:158.64.14.86 |
uuid |
number D4 Packets |
|
|
|
|
|
|
| daily_uuid:date |
uuid |
number D4 Packets |
|
|
|
| daily_type:date |
type |
number D4 Packets |
|
|
|
| daily_ip:date |
IP |
number D4 Packets |
metadata sensors
| Hset Key |
Field |
Value |
| metadata_uuid:uuid |
first_seen |
epoch |
|
last_seen |
epoch |
|
description |
description |
|
Error |
error message |
|
hmac_key |
hmac_key |
|
user_id |
user_id |
Last IP
| List Key |
Value |
| list_uuid_ip:uuid |
IP |
metadata types by sensors
| Hset Key |
Field |
Value |
| metadata_uuid:uuid |
first_seen |
epoch |
|
last_seen |
epoch |
| Set Key |
Value |
| all_types_by_uuid:uuid |
type |
| all_extended_types_by_uuid:uuid |
type |
analyzers
metadata
| Hset Key |
Field |
Value |
| analyzer:uuid |
last_updated |
epoch |
|
description |
description |
|
max_size |
queue max size |
all analyzers by type
| Set Key |
Value |
| analyzer:type |
uuid |
| analyzer:254:extended type |
uuid |