For organizations with dynamic data centers and networks, Open Network Insight is an advanced threat detection solution that uses big data analytics, that perform at cloud scale, to provide actionable insights into operational and security threats. Running on Cloudera Enterprise Data Hub (EDH), ONI can analyze billions of events in order to detect unknown threats, insider threats, and gain a new level of visibility into the network.
ONI-Demo is a standalone installation of the ONI UI
Install Docker for your platform
Run the container: docker run -it -p 8889:8889 opennetworkinsight/oni-demo
visit http://localhost:8889/files/ui/flow/suspicious.html#date=2016-07-08 in your browser to get started
For the full instructions visit the opennetworkinsight on Docker hub
Pre-requisites:
Python 2.7.11 or above Node.js
installation:
- get the demo with
git clone https://github.com/Open-Network-Insight/oni-demo.git
- install Python dependencies:
pip install pyzmq jinja2 pandas tornado ipython==3.2.0 jsonschema
- install Node.js dependencies:
npm install -g browserify uglifyjs
- install and build the ui
cd ./oni-demo/ui/
npm install reactify d3-queue d3-hierarchy
npm install
npm run build-all
bash ./runIpython.sh
This demo requires Winpython, which can be downloaded here:
[Winpython Download][1] [1]: https://sourceforge.net/projects/winpython/files/latest/download "Winpython Installer"
Install Winpython under root directory as C:\winpython
In order to download Demo code - you can use Download ZIP option from this repository
Unzip the file oni-demo-1.1.zip into C:\winpython\notebooks folder
In order to run ONI demo, start Jupyter Notebook.exe that is located under winpython folder
A Web browser will be opened to http://localhost:8888/tree
Inside the demo you will find 3 separate data sets to explore,
- Flow
- DNS
- Proxy
these events all occur on the same date: 2016-07-08
Copy and paste the following link into your browser
http://localhost:8889/files/ui/flow/suspicious.html#date=2016-07-08
http://localhost:8889/files/ui/dns/suspicious.html#date=2016-07-08
http://localhost:8889/files/ui/proxy/suspicious.html#date=2016-07-08
In the Demo, which contains similar functionality to Open Network Insight User Interface, you can:
- Select rows in Suspicious Connects Frame
- Icons for Reputation Services & Geolocation examples
- Move & Select Network View objects
- Displaying Chord Diagrams
- Display Detail View information (by selecting a Suspicious Connect row)
- Running Edge Investigation notebook
In this page you will find example Storyboards with real findings in the provided example data Copy and paste the following links into your browser
http://localhost:8889/files/ui/flow/storyboard.html#date=2016-07-08
http://localhost:8889/files/ui/dns/storyboard.html#date=2016-07-08
http://localhost:8889/files/ui/proxy/storyboard.html#date=2016-07-08