Realtime analytics output

• Prepared with the aid of a Selenium automated testing system running containerized on the cluster.
• Updated 6 hourly.
• Reports (now @WhoIsScanningMe via )
  • Firewall "attacks"
    • FireWall Final-Rejections
    • Basic Network IDS
  • Electricity flows
    • Energy Generation/Consumption
    • Solar Generation
• Selenium Automated Testing (external link)

OpenSearch cluster Firewall Rejection analytics

What do these report graphs mean?

• Vulnerability scans - Unsolicited Port scans. In these "attacks" the source address means where it's coming from. These are a form of, sometimes malicous, reconnaissance.
• Reflection/Amplification DDoS attacks. Some interpretation is needed to explain the essential properties of this form of DDoS cyber attack. However, usually the source address listed is the victim (in these graphs the source address is anonymized for legal reasons).
• Measurements by country of how likely source addresses can be spoofed at all. Updated at least daily.
• Bot detection and tracking: 6fepxz21f - just google this to locate page replicas if any.

OpenSearch cluster Electricity Analytics

Electricity analytics. A work in progress. Major redevelopment from Fronius/ElasticSearch to Solax/OpenSearch.

Data sources are the Distributor's electricity meter via the free Emerald EMS and also via the more sophisticated Zigbee Gateway Rainforest Eagle (1st Gen) iCredit as well as the Solax X1 inverter itself. The main difference between the two electricity meter measurements is the flashing LED reading Emerald EMS can't see exported electricity. That means the lower two graphs only show consumption whereas the top graph goes negative (meaning exported electricity is measured).

Generally the green parts of the graph come directly from the Solax inverter. We inherited a bottom of the line Solax X1 system in the new house (which has been fully compromised and is providing data, via a Raspberry Pi Zero W, directly to the MQTT server - no more Chinese cloud servers are involved). The entire inverter now looks like another IoT device as far as OpenHAB and the analytics are concerned (a page on this is yet to come - suffice to say that the Solax inverters are now so common that everything has been hacked and is publically available on the web - all of which sounds bad, however this project wouldn't possible without said hacks. As it turns out this has actually become a reason to buy Solax). What is also revealed by the new analytics is that the Solax actually performs quite well given we have such a poor quality installation job.