Enterprise Grade Reports in my Home?!
Bare with me here, I am a ServiceNow Devloper and I have my own instance. I would like to export data from Firewalla, and then import that data in ServiceNow. Ideally, I would be able to do this on a regular basis, and then pull reports within ServiceNow around different aspects of my network.
Different reports:
- Top trafficked sites
- Most time spent on a site
- Other random reports
By no means do I think this is a feature that everyone needs or probably wants, I am just asking if there is some sort of way to export the data in an excel or CSV format of what I see on the Net Flow charts? Time, Device, domain, ip, upload, download, etc.
Thank you so much for making this little device!
-
Oh man this makes me very excited! Ideally, I would have both, a website that I could go to and get the data file, and also the REST API or SOAP for that matter. I would be more than willing to jump on a couple calls with you guys and offer up my ServiceNow Instance to mess around and get things working. THANK YOU!
-
We are scoping what to do in this area, there is absolutely no commitment on what we will be doing. But ... whatever you say can sure influence us. :)
For example, we are thinking of duplicating the same functions on the app the web, but that's expensive to maintain. Hence we want to build whatever runs best for your particular business case.
Do you value the web interface more than the API's? Say if we only to make one, which one you will like?
Next, if we just make web for functions that doesn't exist on the app, is that something usable?
-
+++ access via web /api
Just got my firewalla and it looks pretty good.
Open up a web / api and you'll generate a whole lot of interest from tinkerers like home-assistant, open-hab - imagine blinking a hue light red if a firewalla alarm triggers.
I'd put some of the firewalla dashboard / info on a page on my wall mounted HA tablet... and can think of a whole bunch of reports I'd generate to keep track of what's going on on my network.
As you're working on this stuff, is there any way I can grab the discovered device info?... maybe a file or script via ssh (I looked and couldn't find it). I'm building a dnsmasq server with reserved addresses and it would be great to get all the info firewalla has to cut and paste into my configs.
Thanks for the great work! I can't wait to see where this thing goes. I think I already got you 2 more sales this weekend by just telling people about the cool new toy I found :-)
-
Joe
What specifics you want to do with dnsmasq? we probably can provide that function, firewalla has a dnsmasq server.
As of api's, what will be some of the important things that you will want from it? Are you more interested in scripting or just tired of the phone? (more of, is API more important than web interface?)
Json reports should be easy on the devices, we are designing something now.
-
I moved my dnsmasq from dd-wrt to a RPi. I'm using it for local DNS and DHCP. I think the firewalla is doing pretty good with just the IDS/IPS functionality and look forward to you continuing to improve and add additional security functionality without bogging it down with other things like dnsmasq on it.
The phone platform is nice for what it is - ever handy, quick look at what is going on but there are times you want a bigger screen, keyboard, easy cut-and-paste, etc.
Some ideas I'd like to do:
See the devices in a table so I can cut-and-paste MAC addresses into dnsmasq config or more easily spot new devices or devices that don't have names configured correctly.
Easily do some searches against the apps or history in the network flows to further investigate who's talking to who (e.g. cut and paste into google)
Possibly integrate alarms with smart home so if some threshold is hit… say very large abnormal upload have tts announce it or flash a light if a new device is attempting to get on my network.
Create a top-talkers or top uploaders/downloaders report
Sort the netflow history to see if I could optimize by caching anything.I’ve had the firewalla only a couple of days so I’m just thinking through possibilities. I know you probably want to make the firewalla easy for people who just want to have it run, not fuss with it and show their “cool” phone screen to friends 😉 but it looks like it would attract tinkers and more serious-minded people to buy with the potential of what it could do and they could do with it.
Thanks for your consideration!
-
I would also very much like this kind of reporting capiubility. The simplest report that would be very beneficial to start with it to be able to just export the Devices information to a spreadsheet, showing device name, IP Address, Mac Address and Manufacturer (a simple known devices inventory).
-
+API
Would love to access activity logs and try to do some analysis with the activities on my network.
Would love to check my DDNS.
Would love to check how many threats have been detected last 24 hours or so.
Would love to automate some processes like stop specific IP from the internet on a specific time.
If there are beta API would love to be part of it. Thanks!
-
We are seriously hoping to accelerate these features. These features are only important to a small set of users, and the only way we can support this is likely to have it as an addon feature that will also cost extra. This can be both a reasonable one time fee or a small on going fee to support the enhancements.
-
Would it be possible to implement any of this so that it could connect with some open source software or packet sniffer on the desktop? The main issue is who is attacking the network and some ability to further investigate. Your tools don't have to do everything but work with other tools that specialize in that sort of thing. I find the information interesting but not very actionable.
Please sign in to leave a comment.
Comments
21 comments