SlideShare una empresa de Scribd logo

Using NoSQL databases to store RADIUS and Syslog data

Karri Huhtanen
Karri Huhtanen

A seminar presentation done for TUT's NoSQL course. A brief look into the possibility and the feasibility of using NoSQL databases to store RADIUS accounting and Syslog data. In this particular case, Syslog-NG, Radiator RADIUS server and MongoDB were used as trial platforms. The presentation includes configuration examples and also some code.

Tecnología
1 de 22
Descargar para leer sin conexión
Using NoSQL databases to store RADIUS and Syslog data, part 1: Idea Karri Huhtanen 18.9.2012
Some background • currently RADIUS accounting data is stored usually in SQL databases with fixed database schema • for Syslog messages an SQL database can be used, but commercial log analyzers (like Splunk) usually use their own solutions which may or may not be SQL databases • Started thinking if NoSQL database could be applied to both or one of these?
RADIUS accounting message Wed  Aug    8  13:49:33  2012                User-­‐Name  =  "jotain@realm"                NAS-­‐Port  =  8 One message                NAS-­‐IP-­‐Address  =  192.168.229.131 contains                Framed-­‐IP-­‐Address  =  192.168.163.226 undetermined                NAS-­‐Identifier  =  "Cisco_66:77:88"                Airespace-­‐WLAN-­‐Id  =  4 number of                Acct-­‐Session-­‐Id  =  "50223ea9/00:11:22:33:44:55/2292" attributes.                Acct-­‐Authentic  =  Remote                Tunnel-­‐Type  =  0:VLAN interpreted                Tunnel-­‐Medium-­‐Type  =  0:802 Some can be attributes,                Tunnel-­‐Private-­‐Group-­‐ID  =  0:222 interpreted, some the unknown                Event-­‐Timestamp  =  1344422780 stay unknown.                Acct-­‐Status-­‐Type  =  Alive attributes are                Acct-­‐Input-­‐Octets  =  1262012 usually left in                Acct-­‐Input-­‐Gigawords  =  0 Because there can OID:FieldDataTyp                Acct-­‐Output-­‐Octets  =  13518133 be a changing                Acct-­‐Output-­‐Gigawords  =  0 e binary format                Acct-­‐Input-­‐Packets  =  11692 number of                Acct-­‐Output-­‐Packets  =  11154 changing type of                Acct-­‐Session-­‐Time  =  1235 attributes I began                Acct-­‐Delay-­‐Time  =  19                Calling-­‐Station-­‐Id  =  "00:11:22:33:44:55" to wonder if                Called-­‐Station-­‐Id  =  "f4:7f:35:5e:bf:b0" NoSQL could be                cisco-­‐avpair  =  "nas-­‐update=true" used for storing                Digest-­‐Response  =  "P"C<188>"                Digest-­‐Response  =  "P"C<194>" these?                Timestamp  =  1344422954
Syslog message Until researching The  syslog  message  has  the  following  ABNF  [RFC5234]  definition: into this I thought            SYSLOG-­‐MSG            =  HEADER  SP  STRUCTURED-­‐DATA  [SP  MSG] Syslog messages had            HEADER                    =  PRI  VERSION  SP  TIMESTAMP  SP  HOSTNAME                                                SP  APP-­‐NAME  SP  PROCID  SP  MSGID fixed structure and            PRI                          =  "<"  PRIVAL  ">"            PRIVAL                    =  1*3DIGIT  ;  range  0  ..  191 could be then            VERSION                  =  NONZERO-­‐DIGIT  0*2DIGIT            HOSTNAME                =  NILVALUE  /  1*255PRINTUSASCII handled with fixed            APP-­‐NAME                =  NILVALUE  /  1*48PRINTUSASCII database schema.            PROCID                    =  NILVALUE  /  1*128PRINTUSASCII            MSGID                      =  NILVALUE  /  1*32PRINTUSASCII            TIMESTAMP              =  NILVALUE  /  FULL-­‐DATE  "T"  FULL-­‐TIME Then I read the            FULL-­‐DATE              =  DATE-­‐FULLYEAR  "-­‐"  DATE-­‐MONTH  "-­‐"  DATE-­‐MDAY            DATE-­‐FULLYEAR      =  4DIGIT RFC5424: http://            DATE-­‐MONTH            =  2DIGIT    ;  01-­‐12            DATE-­‐MDAY              =  2DIGIT    ;  01-­‐28,  01-­‐29,  01-­‐30,  01-­‐31  based  on tools.ietf.org/html/                                                                ;  month/year            FULL-­‐TIME              =  PARTIAL-­‐TIME  TIME-­‐OFFSET rfc5424            PARTIAL-­‐TIME        =  TIME-­‐HOUR  ":"  TIME-­‐MINUTE  ":"  TIME-­‐SECOND                                                [TIME-­‐SECFRAC]            TIME-­‐HOUR              =  2DIGIT    ;  00-­‐23            TIME-­‐MINUTE          =  2DIGIT    ;  00-­‐59            TIME-­‐SECOND          =  2DIGIT    ;  00-­‐59            TIME-­‐SECFRAC        =  "."  1*6DIGIT            TIME-­‐OFFSET          =  "Z"  /  TIME-­‐NUMOFFSET            TIME-­‐NUMOFFSET    =  ("+"  /  "-­‐")  TIME-­‐HOUR  ":"  TIME-­‐MINUTE Here we have once            STRUCTURED-­‐DATA  =  NILVALUE  /  1*SD-­‐ELEMENT again parameters,            SD-­‐ELEMENT            =  "["  SD-­‐ID  *(SP  SD-­‐PARAM)  "]"            SD-­‐PARAM                =  PARAM-­‐NAME  "="  %d34  PARAM-­‐VALUE  %d34 although they are            SD-­‐ID                      =  SD-­‐NAME            PARAM-­‐NAME            =  SD-­‐NAME within one defined            PARAM-­‐VALUE          =  UTF-­‐8-­‐STRING  ;  characters  '"',  ''  and                                                                          ;  ']'  MUST  be  escaped. STRUCTURED-            SD-­‐NAME                  =  1*32PRINTUSASCII                                                ;  except  '=',  SP,  ']',  %d34  (") DATA field.            MSG                          =  MSG-­‐ANY  /  MSG-­‐UTF8            MSG-­‐ANY                  =  *OCTET  ;  not  starting  with  BOM            MSG-­‐UTF8                =  BOM  UTF-­‐8-­‐STRING So could NoSQL be            BOM                          =  %xEF.BB.BF used also for Syslog?
So what happens next? • Selection of NoSQL database: • Likely Column Family Store if no one can suggest a better one? • Something easy to setup and use, will concentrate into getting RADIUS server and/or Syslogd transferring data to database. • Setting up a WiFi access point and/or controller to provide real RADIUS and Syslog data • Storing data, retrieving data, searching data, deleting data to see what works • Writing and presenting Part II: “Implementation and Results” of these slides
Results (hopefully) • Is storing RADIUS accounting and Syslog messages into NoSQL database: a brilliant idea, brilliantly stupid idea or something else? • How hard can it be? What does it require to do this, is it possible and how? • Does it actually work? What can you do with data? Is there some indication of performance improvements or problems? • Will not do complete performance measurements though, designing and setting up reliable measurement environment will probably take too much time.
Using NoSQL databases to store RADIUS and Syslog data, part 1I: The Saga Continues Karri Huhtanen 27.11.2012
Happened earlier • currently RADIUS accounting data is stored usually in SQL databases with fixed database schema • for Syslog messages an SQL database can be used, but commercial log analyzers (like Splunk) usually use their own solutions which may or may not be SQL databases • Started thinking if NoSQL database could be applied to both or one of these?
Results (luckily) • Is storing RADIUS accounting and Syslog messages into NoSQL database: a brilliant idea, brilliantly stupid idea or something else? a good idea • How hard can it be? What does it require to do this, is it possible and how? easy, 1 night before presentation required • Does it actually work? What can you do with data? Is there some indication of performance improvements or problems? Yes. Store and Process. Unknown. Some issues to be considered. • Will not do complete performance measurements though, designing and setting up reliable measurement environment will probably take too much time. Coded one Python script.
So what happened? • Selection of NoSQL database: • Likely Column Family Store if no one can suggest a MongoDB better one? • Something easy to setup and use, will concentrate into getting RADIUS server and/or Syslogd transferring data to database. • Setting up a WiFi access point and/or controller to provide real RADIUS and Syslog data • Storing data, retrieving data, searching data, deleting data to see what works Done, but not thoroughly • Writing and presenting Part II: “Implementation and Results” of these slides Done
That was the executive summary. Thank you.
Now some more detailed information and even some code.
storing RADIUS accounting and Syslog messages into NoSQL database • It is a good idea because: • When we have massive amount of log or accounting data, we need massive database clusters. • Data is mainly stored, read, analyzed and occasionally deleted. Data will not be updated or changed and is relatively simple (few tables with a lot of columns). • NoSQL may provide better way to scale this horizontally by distribution and sharding. • It is already being done. Several log analyzers, stores already use NoSQL databases as backends. There exists projects such as Greylog2 etc. which provide complete solutions from log storage, visualization, analysis etc. • Logs and accounting data are actually use cases for some NoSQL databases, for example: http://docs.mongodb.org/manual/use-cases/storing-log-data/
storing RADIUS accounting and Syslog messages into NoSQL database • It is not a brilliant idea because: • If we look what we need to do to optimize the performance it starts to look like a lot like designing and optimizing a SQL database: http://docs.mongodb.org/ manual/use-cases/storing-log-data/ • You cannot forget datatypes or database design even with NoSQL databases especially when going into production. • Prototypes may be faster and easier for developers, but creating a design and configuration which survices production use may be as hard as it has ever been. The difference is that instead of SQL database expert, you know need a NoSQL expert. • ... but it is not a brilliantly stupid idea either, it is an idea worth considering depending of the project.
How hard can it be? • With Ubuntu Linux Server 12.04 LTS: • sudo apt-get install python-pymongo mongodb syslog-ng syslog-ng-mod-mongodb • for Syslog-NG, just some configuration • for Radiator, some configuration and coding an external Python script to handle accounting messages • But this is far from production use, it is more like proto or proof of concept implementation done in 1 work day.
Demo
Syslog-ng # /etc/syslog-ng/syslog-ng.conf # mongodb log destination destination karrin_net_mongodb { mongodb(); }; # ... log { source(s_src); source(s_net); destination(karrin_net_mongodb); }; # that’s it https://www.balabit.com/sites/default/files/documents/syslog-ng-ose-3.3-guides/syslog- ng-ose-v3.3-guide-admin-en.html/reference_destination_mongodb.html
Radiator RADIUS server # /etc/radiator/radiator.cfg # # send all RADIUS accounting requests to external script # <Handler Request-Type = Accounting-Request> <AuthBy EXTERNAL> Command %D/acct2mongo.py </AuthBy> AcctLogFileName %L/acct-acct2mongodb-%Y-%M.log </Handler>
#!/usr/bin/env python from pymongo import Connection import datetime acct2mongo.py import sys def main(): line = str() post = dict() # opening connection connection = Connection( 'localhost', 27017) # database 'radius' db = connection['radius'] # collection 'accounting' collection = db['accounting'] post['acct2mongotimestamp'] = datetime.datetime.utcnow() for line in sys.stdin.readlines(): pieces = line.split(' = ', 1) if len(pieces) == 2: post[pieces[0].strip().strip('"')]=pieces[1].strip().strip('"') collection.insert(post) connection.end_request() connection.disconnect() # 0 Means reply with an acceptance. For Access-Requests, # an Access-Accept will be sent. For Accounting-Requests, # an Accounting-Response will be sent. return 0 if __name__ == '__main__': main()
Does it actually work? What can you do with data? • Yes it does actually work, but once again it does not solve or be applicable to everything. • One can store, read, search and delete data supposedly very efficiently, but anything more complicated is harder and must be implemented by developer. • For example: MongoDB does not have a reliable decimal datatype. It is better to keep numbers as a string and convert them when processing data. • Repeating earlier statement: “You cannot forget datatypes or database design even with NoSQL databases especially when going into production.”
Performance? • Would need to be measured and verified and with real production environment or solution. • Would also need to be compared with well designed and optimised SQL database, maybe even one functioning as NoSQL one. • In the implementation this was not tested as the datasets were very small compared to real datasets.
Conclusions • NoSQL should be at least considered as an option when designing and implementing large scale Syslog or Radius Accounting storages. • For development it is flexible. • For production use NoSQL solution still needs design, careful planning and testing to verify if the performance, reliability and security is enough. Probably as much as SQL database design. • Key issue will probably be can the SQL database handle the data or is horizontal scaling required.

Recomendados

BeagleBone Black Bootloaders
BeagleBone Black BootloadersBeagleBone Black Bootloaders
BeagleBone Black BootloadersSysPlay eLearning Academy for You
 
BIOS PRESENTATION
BIOS PRESENTATIONBIOS PRESENTATION
BIOS PRESENTATIONRajput98k
 
Internal microprocessor architecture
Internal microprocessor architectureInternal microprocessor architecture
Internal microprocessor architectureUniversity of Gujrat, Pakistan
 
Taller de reparacion y ensamblaje de pc
Taller de reparacion y ensamblaje de pcTaller de reparacion y ensamblaje de pc
Taller de reparacion y ensamblaje de pcYoainaira Cabrera
 
Microprocessor
MicroprocessorMicroprocessor
MicroprocessorAdarsh Barnwal
 
Inside a computer case
Inside a computer caseInside a computer case
Inside a computer caseOwenBugni
 
Static and Dynamic Read/Write memories
Static and Dynamic Read/Write memoriesStatic and Dynamic Read/Write memories
Static and Dynamic Read/Write memoriesAbhilash Nair
 
Pci express3-device-architecture-optimizations-idf2009-presentation
Pci express3-device-architecture-optimizations-idf2009-presentationPci express3-device-architecture-optimizations-idf2009-presentation
Pci express3-device-architecture-optimizations-idf2009-presentationjkcontee
 

Recomendados

BeagleBone Black Bootloaders
BeagleBone Black BootloadersBeagleBone Black Bootloaders
BeagleBone Black BootloadersSysPlay eLearning Academy for You
 
BIOS PRESENTATION
BIOS PRESENTATIONBIOS PRESENTATION
BIOS PRESENTATIONRajput98k
 
Internal microprocessor architecture
Internal microprocessor architectureInternal microprocessor architecture
Internal microprocessor architectureUniversity of Gujrat, Pakistan
 
Taller de reparacion y ensamblaje de pc
Taller de reparacion y ensamblaje de pcTaller de reparacion y ensamblaje de pc
Taller de reparacion y ensamblaje de pcYoainaira Cabrera
 
Microprocessor
MicroprocessorMicroprocessor
MicroprocessorAdarsh Barnwal
 
Inside a computer case
Inside a computer caseInside a computer case
Inside a computer caseOwenBugni
 
Static and Dynamic Read/Write memories
Static and Dynamic Read/Write memoriesStatic and Dynamic Read/Write memories
Static and Dynamic Read/Write memoriesAbhilash Nair
 
Pci express3-device-architecture-optimizations-idf2009-presentation
Pci express3-device-architecture-optimizations-idf2009-presentationPci express3-device-architecture-optimizations-idf2009-presentation
Pci express3-device-architecture-optimizations-idf2009-presentationjkcontee
 
Microprocesador
MicroprocesadorMicroprocesador
MicroprocesadorYury Torres
 
what is ROM? Rom(read only memory)
what is ROM? Rom(read only memory)what is ROM? Rom(read only memory)
what is ROM? Rom(read only memory)shire ali
 
PCI Drivers
PCI DriversPCI Drivers
PCI DriversAnil Kumar Pugalia
 
80386 & 80486
80386 & 8048680386 & 80486
80386 & 80486RakeshKumarSharma46
 
Systemcare in computer
Systemcare in computer Systemcare in computer
Systemcare in computer suraj pandey
 
Microprocessor
MicroprocessorMicroprocessor
MicroprocessorTarun Nayak
 
External memory
External memoryExternal memory
External memoryriddhishg
 
memory classification
memory classificationmemory classification
memory classificationRamaPrabha24
 
I2C Drivers
I2C DriversI2C Drivers
I2C DriversSysPlay eLearning Academy for You
 
Raspberry Pi 3 + UART/Bluetooth issues
Raspberry Pi 3 + UART/Bluetooth issuesRaspberry Pi 3 + UART/Bluetooth issues
Raspberry Pi 3 + UART/Bluetooth issuesyeokm1
 
La tarjeta madre y sus componentes
La tarjeta madre y sus componentesLa tarjeta madre y sus componentes
La tarjeta madre y sus componentesbelazam
 
Análisis de tarjetas madres biostar.
Análisis de tarjetas madres biostar.Análisis de tarjetas madres biostar.
Análisis de tarjetas madres biostar.Lauriita Balkazar
 
USB Drivers
USB DriversUSB Drivers
USB DriversAnil Kumar Pugalia
 
Chapter5
Chapter5Chapter5
Chapter5Bisrat Girma
 
Introduction to microprocessor
Introduction to microprocessorIntroduction to microprocessor
Introduction to microprocessorKashyap Shah
 
Coolers de cpu
Coolers de cpuCoolers de cpu
Coolers de cpuAREX
 
Networking with Linux on System z
Networking with Linux on System zNetworking with Linux on System z
Networking with Linux on System zIBM India Smarter Computing
 
Look Mom nosql
Look Mom nosqlLook Mom nosql
Look Mom nosqlCharles Nurse
 
Instant Single Sign-On and Two-Factor Authentication
Instant Single Sign-On and Two-Factor AuthenticationInstant Single Sign-On and Two-Factor Authentication
Instant Single Sign-On and Two-Factor AuthenticationMaarten Ectors
 
Deep Dive In To Kerberos
Deep Dive In To KerberosDeep Dive In To Kerberos
Deep Dive In To KerberosIshan A B Ambanwela
 
FreeSWITCH Monitoring
FreeSWITCH MonitoringFreeSWITCH Monitoring
FreeSWITCH MonitoringMoises Silva
 
Scaling FreeSWITCH Performance
Scaling FreeSWITCH PerformanceScaling FreeSWITCH Performance
Scaling FreeSWITCH PerformanceMoises Silva
 

Más contenido relacionado

La actualidad más candente

what is ROM? Rom(read only memory)
what is ROM? Rom(read only memory)what is ROM? Rom(read only memory)
what is ROM? Rom(read only memory)shire ali
 
Systemcare in computer
Systemcare in computer Systemcare in computer
Systemcare in computer suraj pandey
 
External memory
External memoryExternal memory
External memoryriddhishg
 
memory classification
memory classificationmemory classification
memory classificationRamaPrabha24
 
Raspberry Pi 3 + UART/Bluetooth issues
Raspberry Pi 3 + UART/Bluetooth issuesRaspberry Pi 3 + UART/Bluetooth issues
Raspberry Pi 3 + UART/Bluetooth issuesyeokm1
 
La tarjeta madre y sus componentes
La tarjeta madre y sus componentesLa tarjeta madre y sus componentes
La tarjeta madre y sus componentesbelazam
 
Análisis de tarjetas madres biostar.
Análisis de tarjetas madres biostar.Análisis de tarjetas madres biostar.
Análisis de tarjetas madres biostar.Lauriita Balkazar
 
Introduction to microprocessor
Introduction to microprocessorIntroduction to microprocessor
Introduction to microprocessorKashyap Shah
 
Coolers de cpu
Coolers de cpuCoolers de cpu
Coolers de cpuAREX
 

La actualidad más candente (17)

Microprocesador
MicroprocesadorMicroprocesador
Microprocesador
 
what is ROM? Rom(read only memory)
what is ROM? Rom(read only memory)what is ROM? Rom(read only memory)
what is ROM? Rom(read only memory)
 
PCI Drivers
PCI DriversPCI Drivers
PCI Drivers
 
80386 & 80486
80386 & 8048680386 & 80486
80386 & 80486
 
Systemcare in computer
Systemcare in computer Systemcare in computer
Systemcare in computer
 
Microprocessor
MicroprocessorMicroprocessor
Microprocessor
 
External memory
External memoryExternal memory
External memory
 
memory classification
memory classificationmemory classification
memory classification
 
I2C Drivers
I2C DriversI2C Drivers
I2C Drivers
 
Raspberry Pi 3 + UART/Bluetooth issues
Raspberry Pi 3 + UART/Bluetooth issuesRaspberry Pi 3 + UART/Bluetooth issues
Raspberry Pi 3 + UART/Bluetooth issues
 
La tarjeta madre y sus componentes
La tarjeta madre y sus componentesLa tarjeta madre y sus componentes
La tarjeta madre y sus componentes
 
Análisis de tarjetas madres biostar.
Análisis de tarjetas madres biostar.Análisis de tarjetas madres biostar.
Análisis de tarjetas madres biostar.
 
USB Drivers
USB DriversUSB Drivers
USB Drivers
 
Chapter5
Chapter5Chapter5
Chapter5
 
Introduction to microprocessor
Introduction to microprocessorIntroduction to microprocessor
Introduction to microprocessor
 
Coolers de cpu
Coolers de cpuCoolers de cpu
Coolers de cpu
 
Networking with Linux on System z
Networking with Linux on System zNetworking with Linux on System z
Networking with Linux on System z
 

Destacado

Instant Single Sign-On and Two-Factor Authentication
Instant Single Sign-On and Two-Factor AuthenticationInstant Single Sign-On and Two-Factor Authentication
Instant Single Sign-On and Two-Factor AuthenticationMaarten Ectors
 
FreeSWITCH Monitoring
FreeSWITCH MonitoringFreeSWITCH Monitoring
FreeSWITCH MonitoringMoises Silva
 
Scaling FreeSWITCH Performance
Scaling FreeSWITCH PerformanceScaling FreeSWITCH Performance
Scaling FreeSWITCH PerformanceMoises Silva
 
2600Hz - Billing Data with Kazoo
2600Hz - Billing Data with Kazoo2600Hz - Billing Data with Kazoo
2600Hz - Billing Data with Kazoo2600Hz
 

Destacado (7)

Look Mom nosql
Look Mom nosqlLook Mom nosql
Look Mom nosql
 
Instant Single Sign-On and Two-Factor Authentication
Instant Single Sign-On and Two-Factor AuthenticationInstant Single Sign-On and Two-Factor Authentication
Instant Single Sign-On and Two-Factor Authentication
 
Deep Dive In To Kerberos
Deep Dive In To KerberosDeep Dive In To Kerberos
Deep Dive In To Kerberos
 
FreeSWITCH Monitoring
FreeSWITCH MonitoringFreeSWITCH Monitoring
FreeSWITCH Monitoring
 
Scaling FreeSWITCH Performance
Scaling FreeSWITCH PerformanceScaling FreeSWITCH Performance
Scaling FreeSWITCH Performance
 
SSO with kerberos
SSO with kerberosSSO with kerberos
SSO with kerberos
 
2600Hz - Billing Data with Kazoo
2600Hz - Billing Data with Kazoo2600Hz - Billing Data with Kazoo
2600Hz - Billing Data with Kazoo
 

Similar a Using NoSQL databases to store RADIUS and Syslog data

LLVM Backend の紹介
LLVM Backend の紹介LLVM Backend の紹介
LLVM Backend の紹介Akira Maruoka
 
Apache Spark - Dataframes & Spark SQL - Part 1 | Big Data Hadoop Spark Tutori...
Apache Spark - Dataframes & Spark SQL - Part 1 | Big Data Hadoop Spark Tutori...Apache Spark - Dataframes & Spark SQL - Part 1 | Big Data Hadoop Spark Tutori...
Apache Spark - Dataframes & Spark SQL - Part 1 | Big Data Hadoop Spark Tutori...CloudxLab
 
Using Spark to Load Oracle Data into Cassandra
Using Spark to Load Oracle Data into CassandraUsing Spark to Load Oracle Data into Cassandra
Using Spark to Load Oracle Data into CassandraJim Hatcher
 
Using Spark to Load Oracle Data into Cassandra (Jim Hatcher, IHS Markit) | C*...
Using Spark to Load Oracle Data into Cassandra (Jim Hatcher, IHS Markit) | C*...Using Spark to Load Oracle Data into Cassandra (Jim Hatcher, IHS Markit) | C*...
Using Spark to Load Oracle Data into Cassandra (Jim Hatcher, IHS Markit) | C*...DataStax
 
Oracle sharding : Installation & Configuration
Oracle sharding : Installation & ConfigurationOracle sharding : Installation & Configuration
Oracle sharding : Installation & Configurationsuresh gandhi
 
Sysdig
SysdigSysdig
Sysdiggnosek
 
Smolder @Silex
Smolder @SilexSmolder @Silex
Smolder @SilexJeen Lee
 
Introduction to cloudforecast
Introduction to cloudforecastIntroduction to cloudforecast
Introduction to cloudforecastMasahiro Nagano
 
Introduction to CUDA
Introduction to CUDAIntroduction to CUDA
Introduction to CUDARaymond Tay
 
Pontos para criar_instancia_data guard_11g
Pontos para criar_instancia_data guard_11gPontos para criar_instancia_data guard_11g
Pontos para criar_instancia_data guard_11gLeandro Santos
 
Unlocking Your Hadoop Data with Apache Spark and CDH5
Unlocking Your Hadoop Data with Apache Spark and CDH5Unlocking Your Hadoop Data with Apache Spark and CDH5
Unlocking Your Hadoop Data with Apache Spark and CDH5SAP Concur
 
Write a C program that reads the words the user types at the command.pdf
Write a C program that reads the words the user types at the command.pdfWrite a C program that reads the words the user types at the command.pdf
Write a C program that reads the words the user types at the command.pdfSANDEEPARIHANT
 
Xdp and ebpf_maps
Xdp and ebpf_mapsXdp and ebpf_maps
Xdp and ebpf_mapslcplcp1
 

Similar a Using NoSQL databases to store RADIUS and Syslog data (20)

LLVM Backend の紹介
LLVM Backend の紹介LLVM Backend の紹介
LLVM Backend の紹介
 
Apache Spark - Dataframes & Spark SQL - Part 1 | Big Data Hadoop Spark Tutori...
Apache Spark - Dataframes & Spark SQL - Part 1 | Big Data Hadoop Spark Tutori...Apache Spark - Dataframes & Spark SQL - Part 1 | Big Data Hadoop Spark Tutori...
Apache Spark - Dataframes & Spark SQL - Part 1 | Big Data Hadoop Spark Tutori...
 
Computer networkppt4577
Computer networkppt4577Computer networkppt4577
Computer networkppt4577
 
Using Spark to Load Oracle Data into Cassandra
Using Spark to Load Oracle Data into CassandraUsing Spark to Load Oracle Data into Cassandra
Using Spark to Load Oracle Data into Cassandra
 
Using Spark to Load Oracle Data into Cassandra (Jim Hatcher, IHS Markit) | C*...
Using Spark to Load Oracle Data into Cassandra (Jim Hatcher, IHS Markit) | C*...Using Spark to Load Oracle Data into Cassandra (Jim Hatcher, IHS Markit) | C*...
Using Spark to Load Oracle Data into Cassandra (Jim Hatcher, IHS Markit) | C*...
 
Redis for your boss
Redis for your bossRedis for your boss
Redis for your boss
 
A22 Introduction to DTrace by Kyle Hailey
A22 Introduction to DTrace by Kyle HaileyA22 Introduction to DTrace by Kyle Hailey
A22 Introduction to DTrace by Kyle Hailey
 
Osol Pgsql
Osol PgsqlOsol Pgsql
Osol Pgsql
 
Mongodb workshop
Mongodb workshopMongodb workshop
Mongodb workshop
 
Oracle sharding : Installation & Configuration
Oracle sharding : Installation & ConfigurationOracle sharding : Installation & Configuration
Oracle sharding : Installation & Configuration
 
Sysdig
SysdigSysdig
Sysdig
 
Smolder @Silex
Smolder @SilexSmolder @Silex
Smolder @Silex
 
Introduction to cloudforecast
Introduction to cloudforecastIntroduction to cloudforecast
Introduction to cloudforecast
 
Introduction to CUDA
Introduction to CUDAIntroduction to CUDA
Introduction to CUDA
 
Pontos para criar_instancia_data guard_11g
Pontos para criar_instancia_data guard_11gPontos para criar_instancia_data guard_11g
Pontos para criar_instancia_data guard_11g
 
Unlocking Your Hadoop Data with Apache Spark and CDH5
Unlocking Your Hadoop Data with Apache Spark and CDH5Unlocking Your Hadoop Data with Apache Spark and CDH5
Unlocking Your Hadoop Data with Apache Spark and CDH5
 
Npc14
Npc14Npc14
Npc14
 
Write a C program that reads the words the user types at the command.pdf
Write a C program that reads the words the user types at the command.pdfWrite a C program that reads the words the user types at the command.pdf
Write a C program that reads the words the user types at the command.pdf
 
About Data::ObjectDriver
About Data::ObjectDriverAbout Data::ObjectDriver
About Data::ObjectDriver
 
Xdp and ebpf_maps
Xdp and ebpf_mapsXdp and ebpf_maps
Xdp and ebpf_maps
 

Más de Karri Huhtanen

Disobey 2024: Karri Huhtanen: Wi-Fi Roaming Security and Privacy
Disobey 2024: Karri Huhtanen: Wi-Fi Roaming Security and PrivacyDisobey 2024: Karri Huhtanen: Wi-Fi Roaming Security and Privacy
Disobey 2024: Karri Huhtanen: Wi-Fi Roaming Security and PrivacyKarri Huhtanen
 
Wi-Fi Roaming Security and Privacy
Wi-Fi Roaming Security and PrivacyWi-Fi Roaming Security and Privacy
Wi-Fi Roaming Security and PrivacyKarri Huhtanen
 
OpenRoaming and CapPort
OpenRoaming and CapPortOpenRoaming and CapPort
OpenRoaming and CapPortKarri Huhtanen
 
Suomen eduroam-juuripalvelun uudistukset
Suomen eduroam-juuripalvelun uudistuksetSuomen eduroam-juuripalvelun uudistukset
Suomen eduroam-juuripalvelun uudistuksetKarri Huhtanen
 
Adding OpenRoaming to existing IdP and roaming federation service
Adding OpenRoaming to existing IdP and roaming federation serviceAdding OpenRoaming to existing IdP and roaming federation service
Adding OpenRoaming to existing IdP and roaming federation serviceKarri Huhtanen
 
OpenRoaming -- Wi-Fi Roaming for All
OpenRoaming -- Wi-Fi Roaming for AllOpenRoaming -- Wi-Fi Roaming for All
OpenRoaming -- Wi-Fi Roaming for AllKarri Huhtanen
 
Beyond eduroam: Combining eduroam, (5G) SIM authentication and OpenRoaming
Beyond eduroam: Combining eduroam, (5G) SIM authentication and OpenRoamingBeyond eduroam: Combining eduroam, (5G) SIM authentication and OpenRoaming
Beyond eduroam: Combining eduroam, (5G) SIM authentication and OpenRoamingKarri Huhtanen
 
Routing host certificates in eduroam/govroam
Routing host certificates in eduroam/govroamRouting host certificates in eduroam/govroam
Routing host certificates in eduroam/govroamKarri Huhtanen
 
Cooperative labs, testbeds and networks
Cooperative labs, testbeds and networksCooperative labs, testbeds and networks
Cooperative labs, testbeds and networksKarri Huhtanen
 
Privacy and traceability in Wi-Fi networks
Privacy and traceability in Wi-Fi networksPrivacy and traceability in Wi-Fi networks
Privacy and traceability in Wi-Fi networksKarri Huhtanen
 
EAP-TLS (extended version)
EAP-TLS (extended version)EAP-TLS (extended version)
EAP-TLS (extended version)Karri Huhtanen
 
Security issues in RADIUS based Wi-Fi AAA
Security issues in RADIUS based Wi-Fi AAASecurity issues in RADIUS based Wi-Fi AAA
Security issues in RADIUS based Wi-Fi AAAKarri Huhtanen
 
What is Network Function Virtualisation (NFV)?
What is Network Function Virtualisation (NFV)?What is Network Function Virtualisation (NFV)?
What is Network Function Virtualisation (NFV)?Karri Huhtanen
 
What is Network Function Virtualisation (NFV)?
What is Network Function Virtualisation (NFV)?What is Network Function Virtualisation (NFV)?
What is Network Function Virtualisation (NFV)?Karri Huhtanen
 
Building secure, privacy aware, quality Wi-Fi coverage via cooperation
Building secure, privacy aware, quality Wi-Fi coverage via cooperationBuilding secure, privacy aware, quality Wi-Fi coverage via cooperation
Building secure, privacy aware, quality Wi-Fi coverage via cooperationKarri Huhtanen
 
Connecting the Dots: Integrating RADIUS to Network Measurement and Monitoring
Connecting the Dots: Integrating RADIUS to Network Measurement and MonitoringConnecting the Dots: Integrating RADIUS to Network Measurement and Monitoring
Connecting the Dots: Integrating RADIUS to Network Measurement and MonitoringKarri Huhtanen
 
Building city and nationwide Wi-Fi coverage via cooperation
Building city and nationwide Wi-Fi coverage via cooperationBuilding city and nationwide Wi-Fi coverage via cooperation
Building city and nationwide Wi-Fi coverage via cooperationKarri Huhtanen
 
eduroam diagnostics in NTLR, IdPs and SPs
eduroam diagnostics in NTLR, IdPs and SPseduroam diagnostics in NTLR, IdPs and SPs
eduroam diagnostics in NTLR, IdPs and SPsKarri Huhtanen
 

Más de Karri Huhtanen (20)

Disobey 2024: Karri Huhtanen: Wi-Fi Roaming Security and Privacy
Disobey 2024: Karri Huhtanen: Wi-Fi Roaming Security and PrivacyDisobey 2024: Karri Huhtanen: Wi-Fi Roaming Security and Privacy
Disobey 2024: Karri Huhtanen: Wi-Fi Roaming Security and Privacy
 
Wi-Fi Roaming Security and Privacy
Wi-Fi Roaming Security and PrivacyWi-Fi Roaming Security and Privacy
Wi-Fi Roaming Security and Privacy
 
OpenRoaming and CapPort
OpenRoaming and CapPortOpenRoaming and CapPort
OpenRoaming and CapPort
 
Suomen eduroam-juuripalvelun uudistukset
Suomen eduroam-juuripalvelun uudistuksetSuomen eduroam-juuripalvelun uudistukset
Suomen eduroam-juuripalvelun uudistukset
 
Adding OpenRoaming to existing IdP and roaming federation service
Adding OpenRoaming to existing IdP and roaming federation serviceAdding OpenRoaming to existing IdP and roaming federation service
Adding OpenRoaming to existing IdP and roaming federation service
 
OpenRoaming -- Wi-Fi Roaming for All
OpenRoaming -- Wi-Fi Roaming for AllOpenRoaming -- Wi-Fi Roaming for All
OpenRoaming -- Wi-Fi Roaming for All
 
Beyond eduroam: Combining eduroam, (5G) SIM authentication and OpenRoaming
Beyond eduroam: Combining eduroam, (5G) SIM authentication and OpenRoamingBeyond eduroam: Combining eduroam, (5G) SIM authentication and OpenRoaming
Beyond eduroam: Combining eduroam, (5G) SIM authentication and OpenRoaming
 
Routing host certificates in eduroam/govroam
Routing host certificates in eduroam/govroamRouting host certificates in eduroam/govroam
Routing host certificates in eduroam/govroam
 
Cooperative labs, testbeds and networks
Cooperative labs, testbeds and networksCooperative labs, testbeds and networks
Cooperative labs, testbeds and networks
 
Privacy and traceability in Wi-Fi networks
Privacy and traceability in Wi-Fi networksPrivacy and traceability in Wi-Fi networks
Privacy and traceability in Wi-Fi networks
 
EAP-TLS (extended version)
EAP-TLS (extended version)EAP-TLS (extended version)
EAP-TLS (extended version)
 
EAP-TLS
EAP-TLSEAP-TLS
EAP-TLS
 
Security issues in RADIUS based Wi-Fi AAA
Security issues in RADIUS based Wi-Fi AAASecurity issues in RADIUS based Wi-Fi AAA
Security issues in RADIUS based Wi-Fi AAA
 
TLS and Certificates
TLS and CertificatesTLS and Certificates
TLS and Certificates
 
What is Network Function Virtualisation (NFV)?
What is Network Function Virtualisation (NFV)?What is Network Function Virtualisation (NFV)?
What is Network Function Virtualisation (NFV)?
 
What is Network Function Virtualisation (NFV)?
What is Network Function Virtualisation (NFV)?What is Network Function Virtualisation (NFV)?
What is Network Function Virtualisation (NFV)?
 
Building secure, privacy aware, quality Wi-Fi coverage via cooperation
Building secure, privacy aware, quality Wi-Fi coverage via cooperationBuilding secure, privacy aware, quality Wi-Fi coverage via cooperation
Building secure, privacy aware, quality Wi-Fi coverage via cooperation
 
Connecting the Dots: Integrating RADIUS to Network Measurement and Monitoring
Connecting the Dots: Integrating RADIUS to Network Measurement and MonitoringConnecting the Dots: Integrating RADIUS to Network Measurement and Monitoring
Connecting the Dots: Integrating RADIUS to Network Measurement and Monitoring
 
Building city and nationwide Wi-Fi coverage via cooperation
Building city and nationwide Wi-Fi coverage via cooperationBuilding city and nationwide Wi-Fi coverage via cooperation
Building city and nationwide Wi-Fi coverage via cooperation
 
eduroam diagnostics in NTLR, IdPs and SPs
eduroam diagnostics in NTLR, IdPs and SPseduroam diagnostics in NTLR, IdPs and SPs
eduroam diagnostics in NTLR, IdPs and SPs
 

Último

Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 

Último (20)

Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 

Using NoSQL databases to store RADIUS and Syslog data

  • 1. Using NoSQL databases to store RADIUS and Syslog data, part 1: Idea Karri Huhtanen 18.9.2012
  • 2. Some background • currently RADIUS accounting data is stored usually in SQL databases with fixed database schema • for Syslog messages an SQL database can be used, but commercial log analyzers (like Splunk) usually use their own solutions which may or may not be SQL databases • Started thinking if NoSQL database could be applied to both or one of these?
  • 3. RADIUS accounting message Wed  Aug    8  13:49:33  2012                User-­‐Name  =  "jotain@realm"                NAS-­‐Port  =  8 One message                NAS-­‐IP-­‐Address  =  192.168.229.131 contains                Framed-­‐IP-­‐Address  =  192.168.163.226 undetermined                NAS-­‐Identifier  =  "Cisco_66:77:88"                Airespace-­‐WLAN-­‐Id  =  4 number of                Acct-­‐Session-­‐Id  =  "50223ea9/00:11:22:33:44:55/2292" attributes.                Acct-­‐Authentic  =  Remote                Tunnel-­‐Type  =  0:VLAN interpreted                Tunnel-­‐Medium-­‐Type  =  0:802 Some can be attributes,                Tunnel-­‐Private-­‐Group-­‐ID  =  0:222 interpreted, some the unknown                Event-­‐Timestamp  =  1344422780 stay unknown.                Acct-­‐Status-­‐Type  =  Alive attributes are                Acct-­‐Input-­‐Octets  =  1262012 usually left in                Acct-­‐Input-­‐Gigawords  =  0 Because there can OID:FieldDataTyp                Acct-­‐Output-­‐Octets  =  13518133 be a changing                Acct-­‐Output-­‐Gigawords  =  0 e binary format                Acct-­‐Input-­‐Packets  =  11692 number of                Acct-­‐Output-­‐Packets  =  11154 changing type of                Acct-­‐Session-­‐Time  =  1235 attributes I began                Acct-­‐Delay-­‐Time  =  19                Calling-­‐Station-­‐Id  =  "00:11:22:33:44:55" to wonder if                Called-­‐Station-­‐Id  =  "f4:7f:35:5e:bf:b0" NoSQL could be                cisco-­‐avpair  =  "nas-­‐update=true" used for storing                Digest-­‐Response  =  "P"C<188>"                Digest-­‐Response  =  "P"C<194>" these?                Timestamp  =  1344422954
  • 4. Syslog message Until researching The  syslog  message  has  the  following  ABNF  [RFC5234]  definition: into this I thought            SYSLOG-­‐MSG            =  HEADER  SP  STRUCTURED-­‐DATA  [SP  MSG] Syslog messages had            HEADER                    =  PRI  VERSION  SP  TIMESTAMP  SP  HOSTNAME                                                SP  APP-­‐NAME  SP  PROCID  SP  MSGID fixed structure and            PRI                          =  "<"  PRIVAL  ">"            PRIVAL                    =  1*3DIGIT  ;  range  0  ..  191 could be then            VERSION                  =  NONZERO-­‐DIGIT  0*2DIGIT            HOSTNAME                =  NILVALUE  /  1*255PRINTUSASCII handled with fixed            APP-­‐NAME                =  NILVALUE  /  1*48PRINTUSASCII database schema.            PROCID                    =  NILVALUE  /  1*128PRINTUSASCII            MSGID                      =  NILVALUE  /  1*32PRINTUSASCII            TIMESTAMP              =  NILVALUE  /  FULL-­‐DATE  "T"  FULL-­‐TIME Then I read the            FULL-­‐DATE              =  DATE-­‐FULLYEAR  "-­‐"  DATE-­‐MONTH  "-­‐"  DATE-­‐MDAY            DATE-­‐FULLYEAR      =  4DIGIT RFC5424: http://            DATE-­‐MONTH            =  2DIGIT    ;  01-­‐12            DATE-­‐MDAY              =  2DIGIT    ;  01-­‐28,  01-­‐29,  01-­‐30,  01-­‐31  based  on tools.ietf.org/html/                                                                ;  month/year            FULL-­‐TIME              =  PARTIAL-­‐TIME  TIME-­‐OFFSET rfc5424            PARTIAL-­‐TIME        =  TIME-­‐HOUR  ":"  TIME-­‐MINUTE  ":"  TIME-­‐SECOND                                                [TIME-­‐SECFRAC]            TIME-­‐HOUR              =  2DIGIT    ;  00-­‐23            TIME-­‐MINUTE          =  2DIGIT    ;  00-­‐59            TIME-­‐SECOND          =  2DIGIT    ;  00-­‐59            TIME-­‐SECFRAC        =  "."  1*6DIGIT            TIME-­‐OFFSET          =  "Z"  /  TIME-­‐NUMOFFSET            TIME-­‐NUMOFFSET    =  ("+"  /  "-­‐")  TIME-­‐HOUR  ":"  TIME-­‐MINUTE Here we have once            STRUCTURED-­‐DATA  =  NILVALUE  /  1*SD-­‐ELEMENT again parameters,            SD-­‐ELEMENT            =  "["  SD-­‐ID  *(SP  SD-­‐PARAM)  "]"            SD-­‐PARAM                =  PARAM-­‐NAME  "="  %d34  PARAM-­‐VALUE  %d34 although they are            SD-­‐ID                      =  SD-­‐NAME            PARAM-­‐NAME            =  SD-­‐NAME within one defined            PARAM-­‐VALUE          =  UTF-­‐8-­‐STRING  ;  characters  '"',  ''  and                                                                          ;  ']'  MUST  be  escaped. STRUCTURED-            SD-­‐NAME                  =  1*32PRINTUSASCII                                                ;  except  '=',  SP,  ']',  %d34  (") DATA field.            MSG                          =  MSG-­‐ANY  /  MSG-­‐UTF8            MSG-­‐ANY                  =  *OCTET  ;  not  starting  with  BOM            MSG-­‐UTF8                =  BOM  UTF-­‐8-­‐STRING So could NoSQL be            BOM                          =  %xEF.BB.BF used also for Syslog?
  • 5. So what happens next? • Selection of NoSQL database: • Likely Column Family Store if no one can suggest a better one? • Something easy to setup and use, will concentrate into getting RADIUS server and/or Syslogd transferring data to database. • Setting up a WiFi access point and/or controller to provide real RADIUS and Syslog data • Storing data, retrieving data, searching data, deleting data to see what works • Writing and presenting Part II: “Implementation and Results” of these slides
  • 6. Results (hopefully) • Is storing RADIUS accounting and Syslog messages into NoSQL database: a brilliant idea, brilliantly stupid idea or something else? • How hard can it be? What does it require to do this, is it possible and how? • Does it actually work? What can you do with data? Is there some indication of performance improvements or problems? • Will not do complete performance measurements though, designing and setting up reliable measurement environment will probably take too much time.
  • 7. Using NoSQL databases to store RADIUS and Syslog data, part 1I: The Saga Continues Karri Huhtanen 27.11.2012
  • 8. Happened earlier • currently RADIUS accounting data is stored usually in SQL databases with fixed database schema • for Syslog messages an SQL database can be used, but commercial log analyzers (like Splunk) usually use their own solutions which may or may not be SQL databases • Started thinking if NoSQL database could be applied to both or one of these?
  • 9. Results (luckily) • Is storing RADIUS accounting and Syslog messages into NoSQL database: a brilliant idea, brilliantly stupid idea or something else? a good idea • How hard can it be? What does it require to do this, is it possible and how? easy, 1 night before presentation required • Does it actually work? What can you do with data? Is there some indication of performance improvements or problems? Yes. Store and Process. Unknown. Some issues to be considered. • Will not do complete performance measurements though, designing and setting up reliable measurement environment will probably take too much time. Coded one Python script.
  • 10. So what happened? • Selection of NoSQL database: • Likely Column Family Store if no one can suggest a MongoDB better one? • Something easy to setup and use, will concentrate into getting RADIUS server and/or Syslogd transferring data to database. • Setting up a WiFi access point and/or controller to provide real RADIUS and Syslog data • Storing data, retrieving data, searching data, deleting data to see what works Done, but not thoroughly • Writing and presenting Part II: “Implementation and Results” of these slides Done
  • 11. That was the executive summary. Thank you.
  • 12. Now some more detailed information and even some code.
  • 13. storing RADIUS accounting and Syslog messages into NoSQL database • It is a good idea because: • When we have massive amount of log or accounting data, we need massive database clusters. • Data is mainly stored, read, analyzed and occasionally deleted. Data will not be updated or changed and is relatively simple (few tables with a lot of columns). • NoSQL may provide better way to scale this horizontally by distribution and sharding. • It is already being done. Several log analyzers, stores already use NoSQL databases as backends. There exists projects such as Greylog2 etc. which provide complete solutions from log storage, visualization, analysis etc. • Logs and accounting data are actually use cases for some NoSQL databases, for example: http://docs.mongodb.org/manual/use-cases/storing-log-data/
  • 14. storing RADIUS accounting and Syslog messages into NoSQL database • It is not a brilliant idea because: • If we look what we need to do to optimize the performance it starts to look like a lot like designing and optimizing a SQL database: http://docs.mongodb.org/ manual/use-cases/storing-log-data/ • You cannot forget datatypes or database design even with NoSQL databases especially when going into production. • Prototypes may be faster and easier for developers, but creating a design and configuration which survices production use may be as hard as it has ever been. The difference is that instead of SQL database expert, you know need a NoSQL expert. • ... but it is not a brilliantly stupid idea either, it is an idea worth considering depending of the project.
  • 15. How hard can it be? • With Ubuntu Linux Server 12.04 LTS: • sudo apt-get install python-pymongo mongodb syslog-ng syslog-ng-mod-mongodb • for Syslog-NG, just some configuration • for Radiator, some configuration and coding an external Python script to handle accounting messages • But this is far from production use, it is more like proto or proof of concept implementation done in 1 work day.
  • 16. Demo
  • 17. Syslog-ng # /etc/syslog-ng/syslog-ng.conf # mongodb log destination destination karrin_net_mongodb { mongodb(); }; # ... log { source(s_src); source(s_net); destination(karrin_net_mongodb); }; # that’s it https://www.balabit.com/sites/default/files/documents/syslog-ng-ose-3.3-guides/syslog- ng-ose-v3.3-guide-admin-en.html/reference_destination_mongodb.html
  • 18. Radiator RADIUS server # /etc/radiator/radiator.cfg # # send all RADIUS accounting requests to external script # <Handler Request-Type = Accounting-Request> <AuthBy EXTERNAL> Command %D/acct2mongo.py </AuthBy> AcctLogFileName %L/acct-acct2mongodb-%Y-%M.log </Handler>
  • 19. #!/usr/bin/env python from pymongo import Connection import datetime acct2mongo.py import sys def main(): line = str() post = dict() # opening connection connection = Connection( 'localhost', 27017) # database 'radius' db = connection['radius'] # collection 'accounting' collection = db['accounting'] post['acct2mongotimestamp'] = datetime.datetime.utcnow() for line in sys.stdin.readlines(): pieces = line.split(' = ', 1) if len(pieces) == 2: post[pieces[0].strip().strip('"')]=pieces[1].strip().strip('"') collection.insert(post) connection.end_request() connection.disconnect() # 0 Means reply with an acceptance. For Access-Requests, # an Access-Accept will be sent. For Accounting-Requests, # an Accounting-Response will be sent. return 0 if __name__ == '__main__': main()
  • 20. Does it actually work? What can you do with data? • Yes it does actually work, but once again it does not solve or be applicable to everything. • One can store, read, search and delete data supposedly very efficiently, but anything more complicated is harder and must be implemented by developer. • For example: MongoDB does not have a reliable decimal datatype. It is better to keep numbers as a string and convert them when processing data. • Repeating earlier statement: “You cannot forget datatypes or database design even with NoSQL databases especially when going into production.”
  • 21. Performance? • Would need to be measured and verified and with real production environment or solution. • Would also need to be compared with well designed and optimised SQL database, maybe even one functioning as NoSQL one. • In the implementation this was not tested as the datasets were very small compared to real datasets.
  • 22. Conclusions • NoSQL should be at least considered as an option when designing and implementing large scale Syslog or Radius Accounting storages. • For development it is flexible. • For production use NoSQL solution still needs design, careful planning and testing to verify if the performance, reliability and security is enough. Probably as much as SQL database design. • Key issue will probably be can the SQL database handle the data or is horizontal scaling required.