yuuki / shawk Public

Notifications You must be signed in to change notification settings
Fork 4
Star 53

[PoC] A socket-based tracing system for discovering network service dependencies. (renamed from transtracer)

Notifications

Name		Name	Last commit message	Last commit date
Latest commit History 86 Commits
.github/workflows		.github/workflows
_tools		_tools
agent		agent
assets		assets
cmd		cmd
collector		collector
db		db
doc/images		doc/images
statik		statik
version		version
.gitignore		.gitignore
CHANGELOG.md		CHANGELOG.md
Dockerfile		Dockerfile
LICENSE		LICENSE
Makefile		Makefile
README.md		README.md
docker-compose.yml		docker-compose.yml
go.mod		go.mod
go.sum		go.sum

Repository files navigation

Transtracer

Transtracer is a tracing infrastructure for discovering network services dependecies on the transport network layer.

System Overview

Requirements

OS: Linux
RDBMS: PostgreSQL 10+

Usage

ttracerd

# ttracerd --dbuser ttracer --dbpass ttracer --dbhost 10.0.0.20 --dbname "ttctl"

Make ttracer run once.

# ttracerd --once --interval-sec 3 --dbuser ttracer --dbpass ttracer --dbhost 10.0.0.20 --dbname "ttctl"

ttctl

$ ttctl --level 2 --dest-ipv4 10.0.0.21
10.0.0.21:80
└<-- 10.0.0.22:many ('nginx', pgid=2000, connections=30)
└<-- 10.0.0.23:many ('nginx', pgid=891, connections=30)
└<-- 10.0.0.24:many ('nginx', pgid=1002, connections=30)
        └<-- 10.0.0.30:many ('python', pgid=1889 connections=1)
        └<-- 10.0.0.31:many ('python', pgid=1998 connections=1)
└<-- 10.0.0.25:many (connections:30)

10.0.0.21:22
└<-- 10.0.0.100:many