This is a work in progress; use at your own risk.
This project was inspired by Maatkit’s mk-query-digest utility. It is essentially a protocol analysis tool, currently focused on analyzing real-time traffic (via scapy) or traffic captured to a file by tcpdump.
What’s Apache ZooKeeper?
From the official site: “ZooKeeper is a high-performance coordination service for distributed applications.”
It exposes common services – such as naming, configuration management, synchronization, and group services – in a simple interface so you don’t have to write them from scratch. You can use it off-the-shelf to implement consensus, group management, leader election, and presence protocols.
Capture information from a ZooKeeper cluster and this tool will output an analysis of the interactions/operations.
This project is licensed under the Apache License Version 2.0
Usage: zookeeper-digest.py [options]

Options:
  -h, --help            show this help message and exit
  --servers=SERVERS     comma separated list of host:port
  -i INTERFACE, --intf=INTERFACE
                        interface from which to read packets
  -r READ, --read=READ  pcap file from which to read packets
  --show                show full packet detail
  --summary             show summary packet detail
  --debug               show all pkts
sudo ./zookeeper-digest.py -i <interface> --servers "localhost:2181" --summary
sudo ./zookeeper-digest.py -i <interface> --servers "localhost:2181" --show
Save to a file using tcpdump, decode later:
sudo tcpdump -w <file> -i <interface> -s 1600 "tcp and (port <zk client port>)"
./zookeeper-digest.py -r <file> --summary
where <zk client port> is typically 2181 and <interface> is typically eth0, ath0, wlan0, etc.