Scribd Logo
Upload

Welcome to Scribd!

  • MUM2017-ITALY Cloud Monitoring

    Uploaded by

    Scada Link
    32 views40 pages
    The document discusses using Cloud Hosted Router (CHR) and big data for cloud monitoring. It provides an overview of CHR, how to install it on Amazon EC2, and use cases for cloud connectivity and cloud monitoring. Specific tools mentioned for shipping log data and parsing Mikrotik data include PaStash for managing input/output and Elasticsearch for storage and dashboards. Siren is described as an alerting and reporting application that can monitor data and send notifications.

    Original Description:

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    The document discusses using Cloud Hosted Router (CHR) and big data for cloud monitoring. It provides an overview of CHR, how to install it on Amazon EC2, and use cases for cloud connectivity and cloud monitoring. Specific tools mentioned for shipping log data and parsing Mikrotik data include PaStash for managing input/output and Elasticsearch for storage and dashboards. Siren is described as an alerting and reporting application that can monitor data and send notifications.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    32 views40 pages

    MUM2017-ITALY Cloud Monitoring

    Uploaded by

    Scada Link
    The document discusses using Cloud Hosted Router (CHR) and big data for cloud monitoring. It provides an overview of CHR, how to install it on Amazon EC2, and use cases for cloud connectivity and cloud monitoring. Specific tools mentioned for shipping log data and parsing Mikrotik data include PaStash for managing input/output and Elasticsearch for storage and dashboards. Siren is described as an alerting and reporting application that can monitor data and send notifications.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 40

    Cloud monitoring

    using
    CHR and Big-Data
    Summary
    About Us
    General background on CHR
    CHR Amazon EC2 installing
    CHR Use cases
    Cloud monitoring elements
    Reporting , Alerting and Trigger
    <whoami
    Shlomi Gutman
    CTO of Voicenter (Israel)
    VP of Cloud Products at QXIP (Amsterdam)

    2
    Voicenter is A leading telecommunication technology
    company providing top-tier business telephony since
    2007

    We are delivering a ‘One-stop-shop’ solution for


    business all around the world

    Telecom PBX Call


    Services Center
    Solution

    3
    QXIP - Voice Capture Engineering &
    Development
    QXIP {QuickSIP} is an R&D Company specializing in Open-Source and
    Commercial Voice Technology Development.

    4
    What’s CHR?
    Cloud Hosted Router (CHR) is a RouterOS version
    intended for running as a virtual machine.

    It supports the x86 64-bit architecture and can be used


    on most of the popular hypervisors such as VMWare,
    Hyper-V, VirtualBox and others.

    CHR has full RouterOS features enabled by default but


    has a different licensing model than other RouterOS
    versions.

    5
    CHR Licensing License
    Perpetual is a lifetime license - License Speed limit Price

    buy once, use forever . Free 1Mbit FREE

    P1 1Gbit 45$
    It is possible to transfer a 95$
    P10 10Gbit
    perpetual license to another
    250$
    CHR instance. P-Unlimited Unlimited

    If the CHR instance will not be able to access the account server to renew
    the license ,
    it will behave as if the trial period has ran out and will not allow an
    upgrade of RouterOS to a newer version.

    6
    CHR hosting environment
    Installing CHR on AWS – Step 1

    8
    Select CHR Image (AMI)– Step 2

    9
    Select Instance Tab – Step 3

    10
    Setup your network – Step 4

    11
    Configure – Step 5

    12
    Installing CHR on AWS – Step 6

    13
    Finally… Winbox ... IP… Connect ...

    15
    Change Password !!!

    16
    CHR - Use case Types
    • Virtual Instance
     Custom hardware
     Management - Dude ,RADIUS
     Labs setup

    17
    Virtualization – CHR vs x86
    Why use the CHR instead of the traditional x86 VM?
    • Optimized for Virtualization
    64 bit support
    Fastpath support
    Driver support

    • Paravirtualized NIC –
    Using the CHR allows us to use the a
    paravirtualized NIC which is capable of speeds
    beyond 10 Gbps.
    The E1000 NIC used in the x86 VM is only capable
    of 1Gbps.

    • Future proof – The CHR will continue to be developed

    18
    CHR - Use case Types

    • Cloud Connectivity
     VPN cloud - Road Warrior
     Direct Connect alternative
     Secure distributed cloud environment

    19
    CHR - Use case Types
    • Cloud monitoring
     Cyber Defense
     Billing Logic on Steroids
     Centralized Log Analyze

    20
    Cyber crime top 20 countries
    attracts

    21
    IOT – the missing S

    22
    General background on cyber
    attracts

    23
    Who is behind cyber crime ?

    24
    25
    26
    How to ship your data(Syslog) …..

    27
    How to ship your data (NetFlow)

    /ip traffic-flow
    set cache-entries=4M enabled=yes
    interfaces=BRIDGE

    /ip traffic-flow target


    add dst-address=66.66.66.66
    port=1234 version=5

    28
    Shipping Big Data Log
    • paStash is a tool to manage spaghetti I/O
    with input, processors and output.
    • modules for all seasons and protocols.

    https://github.com/sipcapture/paStash

    29
    PaStash Config
    input {
    udp {
    host => 0.0.0.0
    port => 514 Input plugins Filter plugins Outputs
    type => syslog
    }
    •File •Regex •ZeroMQ
    } •Syslog •Grok •ElasticSearch
    •ZeroMQ •Mutate Replace •Statsd
    filter { •Redis •Grep •Gelf
    regex { •HTTP •Reverse DNS •File
    regex => /^(\S)/+/ •Websocket •Compute field •HTTP Post
    fields => [toto]
    }
    •TCP / TLS •Compute hash •Websocket
    } •Google app engine •Compute date field •Redis
    •AMQP •Split •Logio
    •SQS •Rename •TCP / TLS
    output { •NetFlow •Multiline •AMQP
    elasticsearch { •Freeswitch ESL •Json fields •SQS
    host => localhost
    port => 9200
    •Asterisk AMI •Geoip •HEP
    } •Eval
    } •Bunyan
    •HTTP Status Classifier

    30
    Parsing Mikrotik Netflow

    31
    Parsing Mikrotik Log

    32
    Mikrotik Netflow Dashboards

    33
    Mikrotik Logs Dashboards

    33
    Elasticsearch
    Elasticsearch is
    a search engine based
    on Lucene. It provides
    a distributed,
    multitenant-capable
    full-text search engine
    with an HTTP web
    interface and schema-
    free JSON documents.

    34
    Siren alerting & reporting
    application
    SENTINL extends Siren with Alerting and
    Reporting functionality to monitor, validate
    and inform users and administrators on
    data series changes using standard queries
    or join queries, programmable validators,
    transformers and messages to send out
    using a variety of configurable actions
    including sending action to the Mikrotik
    API as well as sending Emails, Slack
    Messages, API Webhooks, PDF Snapshots
    of Charts, creating new Documents and
    much more.

    35
    Siren Alerting & Reporting App
    Siren
    Enterprise provides many unique features and enables integrators to realize
    unique Business Intelligence creatures. With such power, automating
    workflows and being able to get notified with data detections quickly becomes
    a key requirement.

    33
    Pushing your data out of the box

    Contact us today for a month free trial


    info@clusterz.io
    THANK YOU!

    You might also like