| -rw-r--r-- | README.md | 72 | ||||
| -rw-r--r-- | src/streamml/app.py | 7 | ||||
| -rw-r--r-- | src/streamml/front/options_tab.py | 2 |
3 files changed, 2 insertions, 79 deletions
diff --git a/README.md b/README.md
deleted file mode 100644
index 2de7608..0000000
--- a/README.md
+++ /dev/null
@@ -1,72 +0,0 @@
-# streamml
-
-Streamml processes network packets in real-time, feeding them into the Half-Space Trees algorithm (via the [River](https://riverml.xyz/dev/api/anomaly/HalfSpaceTrees/) library). When the score exceeds the defined threshold, the application saves an evidentiary PCAP dump containing the relevant packet window.
-
-Note: Currently supports Half-Space Trees, with plans to add more algorithms.
-
-### Prerequisites
-Ensure you have [uv](https://github.com/astral-sh/uv) installed.
-
-### Running
-
-Root privileges are needed for packet sniffing.
-```bash
-sudo uv run -m streamml.app
-```
-
-
-### Results are stored here:
-
-LOGS_PATH = XDG_DATA_HOME/streamml/profiles_logs
-
-PCAP_PATH = XDG_DATA_HOME/streamml/profiles_pcaps
-
-
-### This is how it works:
-
- +--------------------+
- | Profile Activation |
- +---------+----------+
- |
- +---------------+---------------+
- | |
- +-------v-------+ +-------v---------+
- | Start Sniffer | | Start Processor |
- +-------+-------+ +-------+---------+
- | |
- +-------v-------+ +-------v-------------+
- | BPF Filter | | Get Packet from |<------+
- +-------+-------+ | FIFO | |
- | +-------+-------------+ |
- +-------v-------+ | |
- | Receive Packet| +-------v-------------+ |
- +-------+-------+ | Add Packet to | |
- | | Window | |
- +-------v-------+ +-------+-------------+ |
- | Add to FIFO | | |
- +---------------+ +-------v-------------+ No |
- | End of Window? +-------+
- +-------+-------------+ |
- | Yes |
- +-------v-------------+ |
- | Calculate Features | |
- +-------+-------------+ |
- | |
- +-------v-------------+ |
- | HST: score_one + | |
- | learn_one | |
- +-------+-------------+ |
- | |
- +-------v-------------+ No |
- | Score > Threshold? +-------+
- +-------+-------------+
- | Yes
- +-------v-------------+
- | PCAP Save |
- | Logging |
- | Alert |
- +---------------------+
-
-### Screenshots
-<img width="988" height="540" alt="screenshot1" src="https://github.com/user-attachments/assets/65ed2870-fb2c-4212-9db6-d74b10248809" />
-
diff --git a/src/streamml/app.py b/src/streamml/app.py
index 4c7d1aa..0256315 100644
--- a/src/streamml/app.py
+++ b/src/streamml/app.py
@@ -2,9 +2,6 @@ from textual.app import App, ComposeResult from textual.widgets import TabbedContent, TabPane from textual.theme import Theme -from pathlib import Path -import os - from .front.detector_tab import DetectorTab from .front.detector_profiles_tab import DetectorProfilesTab from .front.options_tab import OptionsTab
@@ -12,8 +9,6 @@ from .front.options_tab import OptionsTab from .back.detector_profiles_manager import DetectorProfilesManager -XDG_DATA_HOME = Path(os.environ.get("XDG_DATA_HOME", Path.home() / ".local/share")) - theme = Theme( name="pastel_blue_theme", primary="#82A6F2",
@@ -31,7 +26,7 @@ class Streamml(App): def __init__(self): super().__init__() - self.detector_profiles_manager = DetectorProfilesManager(profiles_file=f"{XDG_DATA_HOME}/netmonitor/objects/detector_profiles_objects") + self.detector_profiles_manager = DetectorProfilesManager(profiles_file=f"/var/log/streamml/objects/detector_profiles_objects") def compose(self) -> ComposeResult: with TabbedContent():
diff --git a/src/streamml/front/options_tab.py b/src/streamml/front/options_tab.py
index 22bd43a..9e67fcf 100644
--- a/src/streamml/front/options_tab.py
+++ b/src/streamml/front/options_tab.py
@@ -35,7 +35,7 @@ class OptionsTab(Container): @on(Button.Pressed, "#test-notif") def test_notification(self): - success = notification_service.send_message("**Test NetMonitor**\n") + success = notification_service.send_message("**Test streamml**\n") if success: self.app.notify("good", severity="information") |
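Review bot: The new `profiles_file` in `Streamml.__init__` (third hunk of src/streamml/app.py) is a hard-coded path under `/var/log`, and nothing visible in this diff creates that directory or sets its ownership and mode. The file name suggests persisted objects; if `DetectorProfilesManager` deserializes that file (its code is not shown here, so this needs confirming), then a process that the removed README says is started with `sudo` would load state from a directory whose permissions are left to chance. The directory should be created explicitly, owned by root and not group- or world-writable, and a log directory is an unusual home for application state. The `f` prefix no longer has any placeholder; a named module constant would read better, e.g. `PROFILES_FILE = "/var/log/streamml/objects/detector_profiles_objects"` passed as `profiles_file=PROFILES_FILE`. The class body continues outside the hunk.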