System Architecture Mapper
SAM is a tool designed to map a network based on the data log of a router. It runs as a local python-based server and displays the a map and statistics on the browser.
Check out the website for details about the project and a demo!
install SAM with pip:
pip install samapper
Collect network data with tcpdump and run the http server:
sudo tcpdump -i any -f --immediate-mode -l -n -Q inout -tt | samapper --local --whois --format=tcpdump
Or, run the http server without collecting data:
samapper --local --whois --format=none
When running samapper in local mode using sqlite (the default) the database will sometimes lock up when the collector is inserting and you are viewing the display. If this is happening, just run the collector for a while, stop it, and run the http server on its own.
(optional) mysql - database software that will work better for this than sqlite.
apt-get install mysql-server libmysqlclient-dev python python-dev
pip - to install python packages
apt-get install python-pip
pip install -r requirements.txt
from within the directory to install necessary packages.e.g:
export SAM__DATABASE__DBN=mysql
export SAM__DATABASE__USER=root
export SAM__DATABASE__PW=mypassword
Start the server locally by running: python -m sam.launcher --target=webserver
For a more robust deployment, SAM supports the WSGI interface (python sam/server_webserver.py
) and can be run through a different web server.
Create a data source to use in the settings page, or use the default empty data source provided.
For static analysis, import your log files into the database by running the following scripts, where log_file is the path to your log file and destination is the name of the data source you wish to fill.
python -m sam.launcher --target=import --format=<format> --dest=<destination> <log_file>
Log formats currently supported include:
For live analysis,
python -m sam.launcher --target=aggregator
python -m sam.launcher --target=collector
Navigate your browser to localhost:8080 and explore your network!