/// <summary>
/// We have NOT seen this IP before, and we want to make
/// a new one
/// Author: Ben Hoffman
/// </summary>
public void NewComputer(Source jsonSourceData)
{
// Get a new computer device from the object pooler
Computer newDevice = computerPooler.GetPooledObject().GetComponent <Computer>();
// Set the DATA on this gameobject to the data from the JSON data
newDevice.SourceInt = jsonSourceData.sourceIpInt;
// Set this object as active in the hierachy so that you can actually see it
newDevice.gameObject.SetActive(true);
// Set the snort manager if we have one
if (snortManager != null)
{
newDevice.snortManager = snortManager;
}
// Add the object to the dictionary
computersDict.Add(jsonSourceData.sourceIpInt, newDevice);
// Check the connections to this, if there are connections then add them to it's list
CheckConnection(jsonSourceData);
// Check if we can add it to a group
IPGroupManager.currentIpGroups.CheckGroups(jsonSourceData.sourceIpInt);
// If we have a device count text...
if (deviceCountText != null)
{
// Update the UI that tells us how many devices there are
deviceCountText.text = Computer.ComputerCount.ToString();
}
// ============== Sending the necessary info to draw lines between objects ======================= //
// If there is a service runnign on this, then send it to the netflow controller to visualize it
if (jsonSourceData.service != null)
{
connectionController.CheckPacketbeatData(jsonSourceData.sourceIpInt, jsonSourceData.destIpInt, jsonSourceData.service);
}
// Otherwise if it is UDP / TCP traffic...
else if (jsonSourceData.protocol != null)
{
// Send the protocol
connectionController.CheckPacketbeatData(jsonSourceData.sourceIpInt, jsonSourceData.destIpInt, jsonSourceData.protocol);
}
}
/// <summary>
/// Loop through the data that we have and send it to the netflow
/// controller if we should
/// </summary>
/// <param name="packetDataObj"></param>
private IEnumerator CheckData(Packetbeat_Json_Data packetDataObj)
{
// ================= Check and make sure that our data is valid =====================
// Make sure that our data is not null
if (packetDataObj.hits.hits.Length == 0)
{
_UseLastSuccess = true;
// Tell this to use the last successful query
yield break;
}
// Let this know that we no longer need to bank on the last success
if (_UseLastSuccess)
{
_UseLastSuccess = false;
}
// ============= Keep track of stuff to prevent duplicates =======================
packetPerQuery = 0;
// Set our latest packetbeat time to the most recent one
_latest_time = packetDataObj.hits.hits[packetDataObj.hits.hits.Length - 1]._source.timestamp;
checkingState = CheckDataStates.Running;
// ============== Actually loop through our hits data =========================
for (int i = 0; i < packetDataObj.hits.hits.Length; i++)
{
// Set the integer IP values of this object
SetIntegerValues(packetDataObj.hits.hits[i]._source);
// As long as what we got from those IP's is valid:
if (packetDataObj.hits.hits[i]._source.destIpInt != 0 && packetDataObj.hits.hits[i]._source.sourceIpInt != 0)
{
// Change the protocol to HTTP if we want to, this is optional because
// sometimes it is techincally incorrect
if (assumeHttp && packetDataObj.hits.hits[i]._source.dest.port == 80 ||
packetDataObj.hits.hits[i]._source.dest.port == 8080)
{
// This traffic is HTTP
packetDataObj.hits.hits[i]._source.transport = "http";
}
// Send the data to the netflow controller
connectionController.CheckPacketbeatData(
packetDataObj.hits.hits[i]._source.sourceIpInt,
packetDataObj.hits.hits[i]._source.destIpInt,
packetDataObj.hits.hits[i]._source.transport);
packetPerQuery++;
}
// Get them frames
yield return(null);
}
checkingState = CheckDataStates.Done;
}