SAM is a tool designed to map a network based on the data log of a router. It runs as a local Python-based server and displays a map and statistics in the browser.
Check out the website for details about the project and a demo!
MySQL - SAM will support other databases in the future:
apt-get install mysql-server
apt-get install libmysqlclient-dev
Python - python-dev is needed to build the MySQLdb package
apt-get install python
apt-get install python-dev
Pip - for installing python packages
apt-get install python-pip
nfdump - optional, for importing Cisco binary NetFlow dumps
apt-get install nfdump
- Clone the repository
- Run
pip install -r requirements.txt
from within the directory to install necessary packages.
- Duplicate dbconfig.py as dbconfig_local.py and fill out database credentials
1. Import log files into the database by any combination of the following methods:
  - Palo Alto logs:
    import_paloalto.py <file>
    The paloalto syslog format is expected.
  - nfdumps:
    import_nfdump.py <file>
    Binary files from nfcapd are expected. nfdump must be installed.
  Import from all files before going to step 2
2. Run the preprocessing script
python preprocess.py
to analyze and organize the data
3. Start the server locally by running:
python server.py
4. Navigate your browser to localhost:8080 and use your mouse to explore the network map