Setting up pycapa
You can set up pycapa by completing the following steps. This installation assumes the following environment variables:
PYCAPA_HOME=/opt/pycapa PYTHON27_HOME =/opt/rh/python27/root
Install the following packages:
epel-release centos-release-scl "@Development tools" python27 python27-scldevel python27-python-virtualenv libpcap-devel libselinux-python
For example:
yum -y install epel-release centos-release-scl yum -y install "@Development tools" python27 python27-scldevel python27-python-virtualenv libpcap-devel libselinux-python
Set up the following directory:
mkdir $PYCAPA_HOME && chmod 755 $PYCAPA_HOME
Create the following virtual environment:
export LD_LIBRARY_PATH="/opt/rh/python27/root/usr/lib64" ${PYTHON27_HOME}/usr/bin/virtualenv pycapa-venvCopy
incubator-metron/metron-sensors/pycapafrom the Metron source tree into$PYCAPA_HOMEon the node on which you would like to install pycapa.Build pycapa:
cd ${PYCAPA_HOME}/pycapa activate the virtualenv source ${PYCAPA_HOME}/pycapa-venv/bin/activate pip install -r requirements.txt python setup.py installStart the pycapa packet capture producer:
cd ${PYCAPA_HOME}/pycapa-venv/bin pycapa --producer --topic pcap -i $ETH_INTERFACE -k $KAFKA_HOST:6667