# netbox-data-flows
Plugin for [NetBox](https://github.com/netbox-community/netbox) to document
Data Flows between systems and applications.
## WARNING
This plugin is considered Work in Progress (Beta).
Please use caution if using this plugin for production!
## Features
* Document data flows between IP addresses, IP ranges and prefixes
* Document the application that requires these data flows
* WIP: Prepare the list of data flows to be injested as firewall rules
## Installation and Configuration
Full reference: [Using Plugins - NetBox Documentation](https://docs.netbox.dev/en/stable/plugins/)
### Requirements
* NetBox (>=3.6.0)
* Python 3.8 or higher
*Note:* the plugin uses some classes that are not explicitely exported in
NetBox's plugin API, such as MPTT Tree-based models. Upward compatiblity is
not guaranteed.
### Temporary installation
Install the Python package:
```bash
source /opt/netbox/venv/bin/activate
pip install netbox-data-flows
```
Add the plugin in NetBox configuration
```python
# Add in: /opt/netbox/netbox/netbox/configuration.py
PLUGINS = [
'netbox_data_flows',
]
```
Create the database migrations:
```bash
source /opt/netbox/venv/bin/activate
/opt/netbox/netbox/manage.py migrate netbox_data_flows
```
The plugin will be removed at the next NetBox update.
### Permanent installation
Add the Python package to `local_requirements`:
```bash
echo netbox-data-flows >> /opt/netbox/local_requirements.txt
```
Add the plugin in NetBox configuration
```python
# Add in: /opt/netbox/netbox/netbox/configuration.py
PLUGINS = [
'netbox_data_flows',
]
```
Run the `upgrade.sh` script:
```bash
/opt/netbox/upgrade.sh
```
## Configuration
There is no `PLUGIN_CONFIG` configuration for this plugin. However, several
other aspects can be configured.
### Nomenclature
The name of Data Flows, Data Flow Groups and Object Aliases is not
constrained. You may wish to enforce your own validation rules in your
configuration, e.g.:
```python
# Add in: /opt/netbox/netbox/netbox/configuration.py
CUSTOM_VALIDATORS = {
"netbox_data_flows.objectalias": [
{
"name": {
"regex": "(host|net)_[a-z_]+"
},
}
]
}
```
Similar settings can be applied to:
* Applications: netbox_data_flows.application
* Application Roles: netbox_data_flows.applicationrole
* Data Flows: netbox_data_flows.dataflow
* Data Flow Groups: netbox_data_flows.dataflowgroup
* Object Aliases: netbox_data_flows.objectalias
Full reference: [CUSTOM_VALIDATORS - NetBox Documentation](https://docs.netbox.dev/en/stable/configuration/data-validation/#custom_validators)
### Protocol Choices
You can edit the list of available protocols when creating a data flow.
```python
# Add in: /opt/netbox/netbox/netbox/configuration.py
FIELD_CHOICES = {
'netbox_data_flows.DataFlow.protocol+': (
('igmp', "IGMP"),
)
}
```
Full reference: [FIELD_CHOICES - NetBox Documentation](https://docs.netbox.dev/en/stable/configuration/data-validation/#field_choices)
## Data model
### Application and Application Role
**Applications** are logical grouping of data flows and can be business
applications or infrastructure. Examples of applications:
* Active Directory
* MySuperBusinessApp
* Network management
* ...
**Application Role** is a label to help you categorize your applications.
Each Application may have one Application Role.
Examples of roles:
* Infrastructure
* Business Division 1
* ...
### Data Flow
**Data Flows** modelize a network connection between two objects. They may be
assigned to an Application
Data Flows should have a source, a destination, a protocol, source ports and
destination ports. Only the protocol is mandatory.
**Data Flow Groups** form a forest of groups. A tree can be assigned to a
single Application. Data Flow Groups can be enabled and disabled and inherit
the status of their parent. Disabled Data Flow Groups disable all the Data
Flows contained within.
### Object Alias
**Object Aliases** are a group of references to other NetBox objects. Object
Aliases are used as sources and destinations of Data Flows and corresponds to
the groups or aliases used in firewall configuration. Internally, Object
Aliases contain Object Alias Targets, because Django cannot create ManyToMany
relationships to generic objects. Object Alias Targets are not exposed in the
interface and should be transparent for the user.
Object Aliases currently supports:
* IP Addresses (ipam.ipaddress)
* IP Ranges (ipam.iprange)
* Prefixes (ipam.prefix)
If an IP Address is assigned to a device or virtual machine, that device is
also displayed.
## Development
Contributions are welcomed. This plugin is developped on the free time of its
author, so do not expect regular releases.
### Know bugs and limitations
* REST API and GraphQL API are not tested
See also the [list of issues](https://github.com/Alef-Burzmali/netbox-data-flows/issues)
### Planned Evolution
* Include data's type/nature and link to data flows or at rest on devices
Raw data
{
"_id": null,
"home_page": "",
"name": "netbox-data-flows",
"maintainer": "",
"docs_url": null,
"requires_python": ">=3.8",
"maintainer_email": "",
"keywords": "netbox,netbox-plugins",
"author": "Thomas Fargeix",
"author_email": "",
"download_url": "https://files.pythonhosted.org/packages/46/c8/5de75be530036eccb998da3fbc9e0e39849eb891efca52602953d84aab17/netbox-data-flows-0.8.2.tar.gz",
"platform": null,
"description": "# netbox-data-flows\n\nPlugin for [NetBox](https://github.com/netbox-community/netbox) to document\nData Flows between systems and applications.\n\n## WARNING\n\nThis plugin is considered Work in Progress (Beta).\nPlease use caution if using this plugin for production!\n\n## Features\n\n* Document data flows between IP addresses, IP ranges and prefixes\n* Document the application that requires these data flows\n* WIP: Prepare the list of data flows to be injested as firewall rules\n\n## Installation and Configuration\n\nFull reference: [Using Plugins - NetBox Documentation](https://docs.netbox.dev/en/stable/plugins/)\n\n### Requirements\n\n* NetBox (>=3.6.0)\n* Python 3.8 or higher\n\n*Note:* the plugin uses some classes that are not explicitely exported in \nNetBox's plugin API, such as MPTT Tree-based models. Upward compatiblity is\nnot guaranteed.\n\n### Temporary installation\n\nInstall the Python package:\n```bash\nsource /opt/netbox/venv/bin/activate\npip install netbox-data-flows\n```\n\nAdd the plugin in NetBox configuration\n```python\n# Add in: /opt/netbox/netbox/netbox/configuration.py\n\nPLUGINS = [\n 'netbox_data_flows',\n]\n```\n\nCreate the database migrations:\n```bash\nsource /opt/netbox/venv/bin/activate\n/opt/netbox/netbox/manage.py migrate netbox_data_flows\n```\n\nThe plugin will be removed at the next NetBox update.\n\n### Permanent installation\n\nAdd the Python package to `local_requirements`:\n```bash\necho netbox-data-flows >> /opt/netbox/local_requirements.txt \n```\n\nAdd the plugin in NetBox configuration\n```python\n# Add in: /opt/netbox/netbox/netbox/configuration.py\n\nPLUGINS = [\n 'netbox_data_flows',\n]\n```\n\nRun the `upgrade.sh` script:\n```bash\n/opt/netbox/upgrade.sh\n```\n\n## Configuration\n\nThere is no `PLUGIN_CONFIG` configuration for this plugin. However, several\nother aspects can be configured.\n\n### Nomenclature\n\nThe name of Data Flows, Data Flow Groups and Object Aliases is not\nconstrained. You may wish to enforce your own validation rules in your\nconfiguration, e.g.:\n\n```python\n# Add in: /opt/netbox/netbox/netbox/configuration.py\n\nCUSTOM_VALIDATORS = {\n \"netbox_data_flows.objectalias\": [\n {\n \"name\": {\n \"regex\": \"(host|net)_[a-z_]+\"\n },\n }\n ]\n}\n```\n\nSimilar settings can be applied to:\n* Applications: netbox_data_flows.application\n* Application Roles: netbox_data_flows.applicationrole\n* Data Flows: netbox_data_flows.dataflow\n* Data Flow Groups: netbox_data_flows.dataflowgroup\n* Object Aliases: netbox_data_flows.objectalias\n\nFull reference: [CUSTOM_VALIDATORS - NetBox Documentation](https://docs.netbox.dev/en/stable/configuration/data-validation/#custom_validators)\n\n### Protocol Choices\n\nYou can edit the list of available protocols when creating a data flow.\n\n```python\n# Add in: /opt/netbox/netbox/netbox/configuration.py\n\nFIELD_CHOICES = {\n 'netbox_data_flows.DataFlow.protocol+': (\n ('igmp', \"IGMP\"),\n )\n}\n```\n\nFull reference: [FIELD_CHOICES - NetBox Documentation](https://docs.netbox.dev/en/stable/configuration/data-validation/#field_choices)\n\n## Data model\n\n### Application and Application Role\n\n**Applications** are logical grouping of data flows and can be business\napplications or infrastructure. Examples of applications:\n* Active Directory\n* MySuperBusinessApp\n* Network management\n* ...\n \n**Application Role** is a label to help you categorize your applications.\nEach Application may have one Application Role.\nExamples of roles:\n* Infrastructure\n* Business Division 1\n* ...\n\n### Data Flow\n\n**Data Flows** modelize a network connection between two objects. They may be\nassigned to an Application\n\nData Flows should have a source, a destination, a protocol, source ports and\ndestination ports. Only the protocol is mandatory. \n\n**Data Flow Groups** form a forest of groups. A tree can be assigned to a\nsingle Application. Data Flow Groups can be enabled and disabled and inherit\nthe status of their parent. Disabled Data Flow Groups disable all the Data\nFlows contained within.\n\n### Object Alias\n\n**Object Aliases** are a group of references to other NetBox objects. Object\nAliases are used as sources and destinations of Data Flows and corresponds to\nthe groups or aliases used in firewall configuration. Internally, Object\nAliases contain Object Alias Targets, because Django cannot create ManyToMany\nrelationships to generic objects. Object Alias Targets are not exposed in the\ninterface and should be transparent for the user.\n\nObject Aliases currently supports:\n* IP Addresses (ipam.ipaddress)\n* IP Ranges (ipam.iprange)\n* Prefixes (ipam.prefix)\nIf an IP Address is assigned to a device or virtual machine, that device is\nalso displayed.\n\n## Development\n\nContributions are welcomed. This plugin is developped on the free time of its\nauthor, so do not expect regular releases.\n\n### Know bugs and limitations\n* REST API and GraphQL API are not tested\n\nSee also the [list of issues](https://github.com/Alef-Burzmali/netbox-data-flows/issues)\n\n### Planned Evolution\n* Include data's type/nature and link to data flows or at rest on devices\n\n",
"bugtrack_url": null,
"license": "Apache 2.0",
"summary": "NetBox plugin to document data flows between systems and applications.",
"version": "0.8.2",
"project_urls": {
"Bug Tracker": "https://github.com/Alef-Burzmali/netbox-data-flows/issues",
"Homepage": "https://github.com/Alef-Burzmali/netbox-data-flows"
},
"split_keywords": [
"netbox",
"netbox-plugins"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "9dc98ec82ad5aee50a5d991af1a98c5a43ff66507ec91087e02849e8748232e9",
"md5": "f4568d37e45cf97109adc436f2b23a34",
"sha256": "af8fba2376b0da62f4734a7e93fa8d3d306e755d2528057172b040365beda6d7"
},
"downloads": -1,
"filename": "netbox_data_flows-0.8.2-py3-none-any.whl",
"has_sig": false,
"md5_digest": "f4568d37e45cf97109adc436f2b23a34",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.8",
"size": 63397,
"upload_time": "2024-01-29T21:13:33",
"upload_time_iso_8601": "2024-01-29T21:13:33.513919Z",
"url": "https://files.pythonhosted.org/packages/9d/c9/8ec82ad5aee50a5d991af1a98c5a43ff66507ec91087e02849e8748232e9/netbox_data_flows-0.8.2-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "46c85de75be530036eccb998da3fbc9e0e39849eb891efca52602953d84aab17",
"md5": "2be24a8307a1f825d041646990cd5454",
"sha256": "4105759846eec8d8e46fee66ed0f7789f0b47813708281616cd21716ea45eb67"
},
"downloads": -1,
"filename": "netbox-data-flows-0.8.2.tar.gz",
"has_sig": false,
"md5_digest": "2be24a8307a1f825d041646990cd5454",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.8",
"size": 36212,
"upload_time": "2024-01-29T21:13:35",
"upload_time_iso_8601": "2024-01-29T21:13:35.333041Z",
"url": "https://files.pythonhosted.org/packages/46/c8/5de75be530036eccb998da3fbc9e0e39849eb891efca52602953d84aab17/netbox-data-flows-0.8.2.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2024-01-29 21:13:35",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "Alef-Burzmali",
"github_project": "netbox-data-flows",
"travis_ci": false,
"coveralls": false,
"github_actions": true,
"lcname": "netbox-data-flows"
}
JSON
