September 12, 2024 By Sergey

Using the Pistache Framework in the Suri Oculus Project: Advantages and Development Experience

Developing modern monitoring and security management systems requires not only high performance but also flexibility, scalability, and reliability. For our Suri Oculus project (https://suri-oculus.com), which is focused on effective management of events, rules, and indicators of compromise (IOC), we chose the Pistache framework in C++ to create our backend API. This choice allowed us to achieve outstanding results, providing users with powerful tools to work with security systems.

Why Pistache?

Pistache is a lightweight, asynchronous HTTP framework that offers all the necessary tools for quickly and efficiently creating high-performance web services. Below are the key advantages that drew us to this framework:

  1. High Performance: One of the main reasons for choosing Pistache was its performance. Asynchronous request handling and multithreading support allow for efficient resource use and the ability to handle a large number of requests with minimal latency. For our project, where handling large amounts of data is crucial, this was a key factor.
  2. Ease of Integration and Configuration: Pistache provides an intuitive API, which significantly simplified the development process. We were able to quickly integrate the framework into the project and configure all the necessary routes for working with events, rules, IOC, and statistics.
  3. Scalability: It is important to note that Pistache was designed with scalability in mind. This allowed us to create solutions that can work efficiently in both small and large infrastructures.
  4. Minimal Overhead: The lightweight nature of Pistache minimized the overhead for server management, which is critical for high-load systems like Suri Oculus. This ensures stable system performance even during peak loads.
  5. Modularity and Flexibility: Pistache is easily adaptable to the specific needs of a project. This allowed us to implement custom routes for managing Suricata, configuring security rules, and processing statistical data.

Experience Using Pistache in Suri Oculus

In Suri Oculus, our API implements a number of key functions, including the management of events, rules, indicators of compromise, and statistics. Thanks to Pistache, we were able to achieve high speed for these routes while maintaining flexibility and ease of use.

For example, the routes for managing events include capabilities for retrieving, searching, deleting, and checking events of a specific type. These operations, which require high precision and speed, are easily implemented using Pistache, allowing us to process requests quickly and provide up-to-date data to our users.

The routes for rule management provide a wide range of features, such as adding, updating, and deleting rules, searching by various criteria, and managing rule statuses. The Pistache framework enabled us to implement this complex logic with minimal resource and time costs.

As for working with indicators of compromise (IOC), the API routes allow downloading new IOCs, filtering them by time, retrieving data by type or status, and changing the IOC status. Pistache handles these tasks by providing fast access to necessary data and enabling flexible threat management.

Finally, the routes for working with statistics allow us to retrieve data on packets, alerts, CPU and memory usage, and create histograms for analyzing system performance. These capabilities are crucial for monitoring and optimizing Suri Oculus, and Pistache is ideally suited for their implementation.

Conclusion

Using Pistache in our Suri Oculus project allowed us to create a reliable and high-performance backend that provides users with powerful tools for security management. The ease of integration, high performance, and scalability made this framework an ideal choice for our needs.

If you are looking for a framework to create a fast and lightweight HTTP server in C++, Pistache is an excellent choice that can meet the highest demands for performance and flexibility. Our experience with it in Suri Oculus confirms that Pistache can be a solid foundation for developing complex and scalable security systems.
