Contents
Major Features
- Stream collection: Syslog,AVRO and JSON streams were supported in Be-release
- Persistence: Flume based persistence layer. Hbase is used for persistence
- Search and analyze:
- Support for SQL query.
- Time range for search can be specified. Histogram for search results.
- Custom Dashboard :
- Build pre-defined views on data by adding widgets. Domain expert can define search query and save results on dashboard.
- Search result type : Counts, Search result histogram charts.
- Real-time event generation (Intercepted logs and Alarms) based on Rules :
- Intercepted logs: Mechanism to route messages into categories in real time while they are processed like stream for audit logs( install bundle etc.) .
- Alarms: Alerts get generated based on specific event matching in real-time. Alarm condition types includes Message count condition, Field value condition,Field string value condition
- Subscribe event: Northbound of Centinel can subscribe for events in real time by registering HTTP link to specified types of events. Subscribed
events will be sent to northbound via HTTP post operation.
- Web interface : Enable set rule, search, visualize, alert, dashboard, subscribe etc.
Target Environment
For Execution
- Requires Java 7 compliant runtime environment.
- Follow the user guide documentation to install OpenDaylight controller with centinel.
For Development
- Requires Java 7 compliant runtime environment, Maven version 3.1.1.
- Follow the user guide documentation to install OpenDaylight controller with centinel.
- Use Centinel UI and apidocs to check the creation of streams and rules and generate events.
Known Issues and Limitations
| Bug ID | Description | Workaround |
|---|
| 5311 | Dashboard Widget : Histogram is not loaded with real-time values | No work around possible. |
| 5310 | Settings Tab : provided IP's are not cached | No work around possible. |
| 4860 | Synchronization of Centinel with Graylog. | No work around possible. |
| 4857 | For a particular stream, same stream Rule can be added any number of times. | No work around possible. |
| 5318 | Each line of exception received in log is treated as a separate message | No work around possible. |
| 4854 | Stream sub-rules edit/deletion support not present. | Delete entire stream and create new one . |
| 5317 | Event Tab UI : Message fields having large text overlap with next field. | UI issue. No work around possible. |
| 5316 | Dashboard Widget : Histogram delete button is not working | UI issue. No work around possible. |
| 5314 | Event Tab : Dropdown to get events for Stream or alarm with provided inputs is not giving required data | UI issue. No work around possible. |
| 5313 | Event Tab : For intercepted logs graph is blank | UI issue. No work around possible. |