jeremyandrews / netgrasp

Passive network observation tool

create cross-platform UI for configuration, alerting, and monitoring #11

Open jeremyandrews opened 7 years ago

jeremyandrews commented 7 years ago

Add a GUI to simplify configuration, and provide interactive alerting and monitoring.

jeremyandrews commented 7 years ago

natej commented 7 years ago

Just throwing this out there... I'm sure you knew someone was going to mention this when you opened the issue. :)

Just due to the dependencies for Kivy and Tk-based solutions, as well as the smaller number of possible contributors for a front-end written in one of those frameworks, have you considered a web-based GUI? Flask perhaps? I realize this brings in its own issues, e.g. open port for web connections, cookies, auth, etc.

Just asking to see if that's a possibility and something you're open to?

jeremyandrews commented 7 years ago

I am not strictly opposed to a web-UI, but truly my primary interests in a "native" UI are in learning what's possible from Python -- specifically with regard to creating a cross-platform UI that works on computers and mobile devices alike. Perhaps open a new ticket to explore a web-based UI -- my gut feeling is it would be better to simply expose the data netgrasp collects to be ingested/displayed by existing web-based dashboards.

natej commented 7 years ago

That makes sense. When I commented I was primarily thinking about just the app configuration piece. Not the alerting or monitoring.

I've recently spent a little time testing with Kibana to access data from Bro.

I haven't spent enough time yet reading the code, but what do you think a Netgrasp data exporter would look like from a design/process perspective? Would this be a separate process/daemon that would be started to export rows from sqlite at configurable time intervals?

jeremyandrews commented 7 years ago

I'm planning to do it more or less like the existing email alerts and desktop notifications: you'd subscribe to whichever events you're interested in, and netgrasp would push them whenever they happen, through the existing daemon.

Currently existing events are documented here (see "The following alert types are supported:") https://github.com/jeremyandrews/netgrasp/tree/master/docs#email