OpenDXL
Security Intelligence Sharing
OpenDXL Broker 0.3.9
- opendxl
- 13k Downloads
- 1 Comment
- Website
- https://github.com/opendxl/opendxl-broker
- API Specification
- raw.githubusercontent.com/open…r/schema/v0.1/schema.json
Overview
The OpenDXL Broker is an open source version of a Data Exchange Layer (DXL) broker. The broker executes in a standalone mode and does not require an external management interface. The only currently supported delivery mechanism for the OpenDXL Broker is a Docker image.
The OpenDXL Broker Docker image is available at the following location within Docker Hub:
https://hub.docker.com/r/opendxl/opendxl-broker/
Documentation
See the Wiki for installation, configuration, and usage instructions for the OpenDXL Broker.
Screenshots
Broker Details:
Generate Client Configuration:
Fabric Monitor:
-
Version 0.3.9
- 834 Downloads
Release (0.3.9):
- Fixed issue preventing bridging from succeeding
-
Version 0.3.8
- 817 Downloads
Release (0.3.8):
- WebSockets: return non-zero to close dead connections
-
Version 0.3.7
- 819 Downloads
Release (0.3.7):
- Updated to generate unique connection ids
-
Version 0.3.6
- 928 Downloads
Release (0.3.6):
- Fixed WebSocket memory corruption and leak
-
Version 0.3.5
- 1k Downloads
Release (0.3.5):
- Fixed issue when multiple MQTT packets per TCP packet (issue for Node 10.17+)
- Ensure local broker state information is not altered outside of bridge connects/disconnects
-
Version 0.3.4
- 1.1k Downloads
Release (0.3.4):
- Multi-tenant broker now has the ability to limit number of services and subscriptions per tenant
- WebSocket-specific logging is controlled via a separate flag
- Multiple warnings resolved
-
Version 0.3.3
- 1.1k Downloads
Release (0.3.3):
- Updated Websockets library
- Pulled in fix for warmcat/libwebsockets#1467
-
Version 0.3.2
- 1.1k Downloads
Release (0.3.2):
- Updated dxlconsole to version: 0.3.3
- Fixed defect that caused configuration keys to be inadvertently converted to lowercase
-
Version 0.3.1
- 1.2k Downloads
Release (0.3.1):
- Updated dxlconsole to version: 0.3.2
- Added support for generating WebSocket broker entries for the client configuration as part of the OpenDXL Broker console
-
Version 0.3.0
- 1.2k Downloads
Release (0.3.0):
- Updated broker to version 5.7.0.150
- Now supports WebSockets-based connections in addition to MQTT
DXL Broker
Version: 0.1
DXL Broker
Solutions
DXL Broker
https://github.com/opendxl/opendxl-broker
| /mcafee/event/dxl/revocation/list |
Services
DXL Broker Service
This is a 'placeholder' service section for grouping the service requests listed in this schema. This is not a true DXL service and will not appear in the DXL Broker's service registry.
- Version:
-
0.1
Events
/mcafee/event/dxl/brokerregistry/brokerstate
Event containing the current state of a broker. Sent whenever the broker state changes (connections, disconnections, etc.).
{
"bridgeChildren": [
"{ced54d6f-111d-6ba9-1f2f-192738cba23c}"
],
"bridges": [
"{32cd9168-338f-11e4-0d01-005056946833}"
],
"connectionLimit": 20000,
"guid": "{a0430b86-347a-17e4-0c52-0050569430aa}",
"hostname": "testHostname",
"port": 8883,
"startTime": 1546903181,
"topicRouting": false,
"ttlMins": 60,
"version": "0.1"
}
- bridgeChildren: https://opendxl.github.io/opendxl-api-specification/v0.1/schema.jsonstringArray
-
Broker parents
- bridges: https://opendxl.github.io/opendxl-api-specification/v0.1/schema.jsonstringArray
-
All current Broker bridges
- connectionLimit: integer
-
Broker connection limit
- epoName: string
-
Managing ePO name
- guid: string
-
Broker GUID
- hostname: string
-
Broker hostname
- policyHostname: string
-
Broker host name (via policy)
- policyHub: string
-
Broker hub name (via policy)
- policyIpAddress: string
-
Broker IP address (via policy)
- policyPort: integer
-
Broker port (via policy)
- port: integer
-
Broker port
- startTime: integer
-
Broker start time (as seconds from epoch)
- topicRouting: boolean
-
Whether topic-based routing is enabled
- ttlMins: integer
-
Broker Time to Live (in minutes)
- version: string
-
Broker version
/mcafee/event/dxl/brokerregistry/brokerstatetopics
Event containing all of the currently subscribed topics on the publishing broker. Sent whenever the list changes (subscribe/unsubscribe) or a new broker bridge is established.
{
"index": 0,
"state": 3,
"topics": [
"/opendxl/service/sample/message",
"/opendxl/service/sample/stats/report"
]
}
- state: integer , x ∈ { 0 , 1 , 2 }
-
State of the topics. 0 = None, 1 = Start, 2 = End.
- index: integer
-
Index in the batch (0-based)
- topics: https://opendxl.github.io/opendxl-api-specification/v0.1/schema.jsonstringArray
-
Topics
| changeCount |
The number of times the topic list has been updated (for tracking latest) |
||
| startTime |
Broker start time (as seconds from epoch) |
/mcafee/event/dxl/brokerregistry/topicadded
/mcafee/event/dxl/brokerregistry/topicremoved
Event sent when a broker no longer has any clients subscribed to a topic.
| changeCount |
The number of times the topic list has been updated (for tracking latest) |
||
| startTime |
Broker start time (as seconds from epoch) |
/mcafee/event/dxl/clientregistry/connect
/mcafee/event/dxl/clientregistry/disconnect
/mcafee/event/dxl/fabricchange
/mcafee/event/dxl/revocation/list
/mcafee/event/dxl/svcregistry/register
Event used to notify subscribers that a service has been registered.
{
"brokerGuid": "{da5d90d2-bcf4-11e8-0b38-0050569a0c70}",
"certificates": [
],
"clientGuid": "{46e20115-18e9-4b0e-aa30-33ca595abdac}",
"clientInstanceGuid": "{46e20115-18e9-4b0e-aa30-33ca595abdac}:b918716c-3f73-4e3e-8292-91cfdc2500d9",
"managed": true,
"metaData": {
"name1": "test1",
"name2": "test2"
},
"registrationTime": 1546909846,
"requestChannels": [
"/mcafee/service/sample/file/request",
"/mcafee/service/sample/cert/request"
],
"serviceGuid": "{d57f495c-7bed-4170-9970-61d10914335a}",
"serviceType": "/mcafee/service/sample",
"ttlMins": 60
}
- brokerGuid: string
-
Broker GUID
- certificates: https://opendxl.github.io/opendxl-api-specification/v0.1/schema.jsonstringArray
-
Certificates of the client that registered this service
- clientGuid: string
-
Client GUID
- clientInstanceGuid: string
-
Client instance GUID
- clientTenantGuid: string
-
Tenant GUID of the client that registered the service
- metaData: object
-
Service metadata
string - managed: boolean
-
Whether the service is associated with a managed client
- requestChannels: https://opendxl.github.io/opendxl-api-specification/v0.1/schema.jsonstringArray
-
Service request channels
- registrationTime: integer
-
Registration time (as seconds from epoch)
- serviceType: string
-
Service type
- serviceGuid: string
-
Service GUID
- targetTenantGuids: https://opendxl.github.io/opendxl-api-specification/v0.1/schema.jsonstringArray
-
GUIDs of tenants that can access this service
- ttlMins: integer
-
Service Time to Live (in minutes)
/mcafee/event/dxl/svcregistry/unregister
Requests
/mcafee/service/dxl/broker/health
Request for broker health information. Each broker will send a DXL response to this request separately with their current health status.
{
"connectedClients": 5,
"incomingMessages": 0.01666666753590107,
"ipe": {
"fabrics": {
"ipeSample": {
"displayName": "IPE Sample",
"properties": {
"dxl.ipe.property.sampleMessageCount": {
"displayName": "Sample Message Count",
"type": "numeric",
"value": "1816"
},
"dxl.ipe.property.sampleMessageSize": {
"displayName": "Sample Message Size (Bytes)",
"type": "numeric",
"value": "66772"
}
}
},
"localExample": {
"displayName": "Local Example IPE",
"properties": {
"dxl.ipe.property.localSuccessCount": {
"displayName": "Local success count",
"type": "numeric",
"value": "5197"
}
}
}
},
"patterns": {
"localExample.reactionResultErrors": {
"displayName": "Local Reaction Errors Pattern",
"properties": {
}
},
"localExample.syncData": {
"displayName": "Local Sync Data Pattern",
"properties": {
"dxl.ipe.property.localMessagesLastTime": {
"displayName": "Last local message time",
"type": "date",
"value": "1546971467079"
},
"dxl.ipe.property.localMessagesProcessed": {
"displayName": "Local messages processed",
"type": "numeric",
"value": "4634"
}
}
}
},
"plugins": {
"epo": {
"displayName": "epo",
"properties": {
}
}
},
"properties": {
}
},
"localServiceCounter": 3,
"outgoingMessages": 0.01666666753590107,
"startTime": 1537401471
}
- connectedClients: integer
-
Number of connected clients
- incomingMessages: number (double)
-
Number of incoming messages
- ipe: object
-
IPE health
- fabrics: IpeHealthPayload
-
- patterns: IpeHealthPayload
-
- plugins: IpeHealthPayload
-
- properties: IpeHealthPayloadProperties
-
- localServiceCounter: integer
-
Count of local services registered with the broker
- outgoingMessages: number (double)
-
Number of outgoing messages
- startTime: integer
-
Start time of the broker (as seconds from epoch)
/mcafee/service/dxl/broker/subs
/mcafee/service/dxl/brokerregistry/query
Queries the broker registry for broker state information. If no broker is specified returns the current state of all brokers.
{
"brokers": {
"{0f41d474-95d7-11e8-1a8f-00155d842e2d}": {
"bridgeChildren": [
],
"bridges": [
],
"connectionLimit": 50000,
"epoName": "MY-EPO1",
"guid": "{0f41d474-95d7-11e8-1a8f-00155d842e2d}",
"hostname": "my-broker1",
"policyHostname": "my-broker1",
"policyHub": "",
"policyIpAddress": "10.0.0.1",
"policyPort": 8883,
"port": 8883,
"startTime": 1537401471,
"topicRouting": true,
"ttlMins": 60,
"version": "5.0.0.289"
}
}
}
- brokers: object
/mcafee/service/dxl/clientregistry/query
Queries all brokers to determine if the specified client GUID is connected. This request will reach all brokers on the fabric unless the destinationBrokerGuids in the message are specified.
If no client is connected for the supplied clientGuid, no response is returned. If a client is connected for the supplied clientGuid, an empty response is returned from the broker that is currently connected to the client.
/mcafee/service/dxl/svcregistry/query
Queries the Service Registry for all services matching the given serviceType or serviceGuid.
{
"services": {
"{92240a29-2c76-41b2-a3dd-89ef6ff1dcf1}": {
"brokerGuid": "c75cb962-6928-4894-bf83-d6ce9ad36306",
"certificates": [
"7c357987eabc9dd88481b35297f9e425cd433799",
"84841b6fd81483746dc7390e8e44dfa4c86e1ba8"
],
"clientGuid": "{7760a256-68f0-4075-bf6f-52d603367642}",
"local": true,
"managed": false,
"metaData": {
},
"registrationTime": 1539636395,
"requestChannels": [
"/my/service/service1/host_lookup"
],
"serviceGuid": "{92240a29-2c76-41b2-a3dd-89ef6ff1dcf1}",
"serviceType": "/my/service/service1",
"ttlMins": 60,
"unauthorizedChannels": [
]
}
}
}
- services: object
-
- local: boolean
-
Whether the service is local to this broker
- unauthorizedChannels: https://opendxl.github.io/opendxl-api-specification/v0.1/schema.jsonstringArray
-
Unauthorized channels for service
/mcafee/service/dxl/svcregistry/register
Registers a service with the Service Registry. This is called both at initial registration and re-registration before the specified ttlMins is reached.
{
"brokerGuid": "{da5d90d2-bcf4-11e8-0b38-0050569a0c70}",
"certificates": [
],
"clientGuid": "{46e20115-18e9-4b0e-aa30-33ca595abdac}",
"clientInstanceGuid": "{46e20115-18e9-4b0e-aa30-33ca595abdac}:b918716c-3f73-4e3e-8292-91cfdc2500d9",
"managed": true,
"metaData": {
"name1": "test1",
"name2": "test2"
},
"registrationTime": 1546909846,
"requestChannels": [
"/mcafee/service/sample/file/request",
"/mcafee/service/sample/cert/request"
],
"serviceGuid": "{d57f495c-7bed-4170-9970-61d10914335a}",
"serviceType": "/mcafee/service/sample",
"ttlMins": 60
}
- brokerGuid: string
-
Broker GUID
- certificates: https://opendxl.github.io/opendxl-api-specification/v0.1/schema.jsonstringArray
-
Certificates of the client that registered this service
- clientGuid: string
-
Client GUID
- clientInstanceGuid: string
-
Client instance GUID
- clientTenantGuid: string
-
Tenant GUID of the client that registered the service
- metaData: object
-
Service metadata
string - managed: boolean
-
Whether the service is associated with a managed client
- requestChannels: https://opendxl.github.io/opendxl-api-specification/v0.1/schema.jsonstringArray
-
Service request channels
- registrationTime: integer
-
Registration time (as seconds from epoch)
- serviceType: string
-
Service type
- serviceGuid: string
-
Service GUID
- targetTenantGuids: https://opendxl.github.io/opendxl-api-specification/v0.1/schema.jsonstringArray
-
GUIDs of tenants that can access this service
- ttlMins: integer
-
Service Time to Live (in minutes)
/mcafee/service/dxl/svcregistry/unregister
Definitions
{
"bridgeChildren": [
"{ced54d6f-111d-6ba9-1f2f-192738cba23c}"
],
"bridges": [
"{32cd9168-338f-11e4-0d01-005056946833}"
],
"connectionLimit": 20000,
"guid": "{a0430b86-347a-17e4-0c52-0050569430aa}",
"hostname": "testHostname",
"port": 8883,
"startTime": 1546903181,
"topicRouting": false,
"ttlMins": 60,
"version": "0.1"
}
- bridgeChildren: https://opendxl.github.io/opendxl-api-specification/v0.1/schema.jsonstringArray
-
Broker parents
- bridges: https://opendxl.github.io/opendxl-api-specification/v0.1/schema.jsonstringArray
-
All current Broker bridges
- connectionLimit: integer
-
Broker connection limit
- epoName: string
-
Managing ePO name
- guid: string
-
Broker GUID
- hostname: string
-
Broker hostname
- policyHostname: string
-
Broker host name (via policy)
- policyHub: string
-
Broker hub name (via policy)
- policyIpAddress: string
-
Broker IP address (via policy)
- policyPort: integer
-
Broker port (via policy)
- port: integer
-
Broker port
- startTime: integer
-
Broker start time (as seconds from epoch)
- topicRouting: boolean
-
Whether topic-based routing is enabled
- ttlMins: integer
-
Broker Time to Live (in minutes)
- version: string
-
Broker version
- displayName: string
-
The display name of the IPE object (fabric, pattern, or object).
- properties: IpeHealthPayloadProperties
-
- properties: object
-
- displayName: string
-
The display name for the property.
- value: string
-
The value of the property.
- type: string
-
The data type of the property.
{
"brokerGuid": "{da5d90d2-bcf4-11e8-0b38-0050569a0c70}",
"certificates": [
],
"clientGuid": "{46e20115-18e9-4b0e-aa30-33ca595abdac}",
"clientInstanceGuid": "{46e20115-18e9-4b0e-aa30-33ca595abdac}:b918716c-3f73-4e3e-8292-91cfdc2500d9",
"managed": true,
"metaData": {
"name1": "test1",
"name2": "test2"
},
"registrationTime": 1546909846,
"requestChannels": [
"/mcafee/service/sample/file/request",
"/mcafee/service/sample/cert/request"
],
"serviceGuid": "{d57f495c-7bed-4170-9970-61d10914335a}",
"serviceType": "/mcafee/service/sample",
"ttlMins": 60
}
- brokerGuid: string
-
Broker GUID
- certificates: https://opendxl.github.io/opendxl-api-specification/v0.1/schema.jsonstringArray
-
Certificates of the client that registered this service
- clientGuid: string
-
Client GUID
- clientInstanceGuid: string
-
Client instance GUID
- clientTenantGuid: string
-
Tenant GUID of the client that registered the service
- metaData: object
-
Service metadata
string - managed: boolean
-
Whether the service is associated with a managed client
- requestChannels: https://opendxl.github.io/opendxl-api-specification/v0.1/schema.jsonstringArray
-
Service request channels
- registrationTime: integer
-
Registration time (as seconds from epoch)
- serviceType: string
-
Service type
- serviceGuid: string
-
Service GUID
- targetTenantGuids: https://opendxl.github.io/opendxl-api-specification/v0.1/schema.jsonstringArray
-
GUIDs of tenants that can access this service
- ttlMins: integer
-
Service Time to Live (in minutes)
shadowbq
The source is now available as of 0.2.0:
https://github.com/opendxl/opendxl-broker
The Doxygen Source Documentation is available here:
https://opendxl.github.io/open…oker/docs/html/index.html