-
Notifications
You must be signed in to change notification settings - Fork 4
/
Consumer_Streaming.py
42 lines (38 loc) · 1.32 KB
/
Consumer_Streaming.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
from __future__ import print_function
from pyspark import SparkContext
from pyspark.streaming import StreamingContext
from pyspark.streaming.kafka import KafkaUtils
import time
from datetime import datetime
import json
import argparse
def load_msg(msg):
message = json.loads(msg[1])
return message['remote_host'], 1
def update_frequency(new_entry, freq_sum):
if not freq_sum:
freq_sum = 0
return sum(new_entry) + freq_sum
if __name__ == '__main__':
parser = argparse.ArgumentParser()
parser.add_argument('-rh', '--host', default="127.0.0.1:9092")
parser.add_argument('-t', '--topic', default='messages')
args = parser.parse_args()
print('Starting the process...\n')
start=datetime.now()
sc = SparkContext(appName="PythonStreamingDirectKafkaDetectDDOS")
ssc = StreamingContext(sc, 5)
ssc.checkpoint('checkpoint')
kvs = KafkaUtils.createDirectStream(ssc, [args.topic], {"metadata.broker.list": args.host})
parsed = kvs.map(load_msg)
updated = parsed.updateStateByKey(update_frequency)
updated2 = updated.map(lambda (k,v): (str(k), v))
high_freq = updated2.filter(lambda (k,v): v >= 85)
high_freq.pprint()
high_freq.saveAsTextFiles('DDOS_attacker_found_output')
ssc.start()
time.sleep(60)
ssc.stop()
#ssc.awaitTermination()
print('Process ended.')
print('Time taken:', datetime.now()-start)