silk-flowcap - SiLK Toolset: Remote Flow Collection

License: GPLv2
Vendor: CERT Network Situational Awareness <>
SiLK, the System for Internet-Level Knowledge, is a collection of
traffic analysis tools developed by the CERT Network Situational
Awareness Team (CERT NetSA) to facilitate security analysis of large
networks. The SiLK tool suite supports the efficient collection,
storage and analysis of network flow data, enabling network security
analysts to rapidly query large historical traffic data sets. SiLK is
ideally suited for analyzing traffic on the backbone or border of a
large, distributed enterprise or mid-sized ISP.

The silk-flowcap package contains flowcap, a daemon to capture NetFlow
v5 or IPFIX flows (Internet Protocol Flow Information eXport), to
store the data temporarily in files on its local disk, and to forward
these files over the network to a machine where rwflowpack processes
the data.  flowcap is typically used with an rwsender-rwreceiver pair
to move the files across the network.


silk-flowcap-3.22.1-101.fc38.x86_64 [36 KiB] Changelog by Lawrence R. Rogers (2023-09-14):
* Release 3.22.0-1/2
	New version of silk (
			Added the --fields switch to select which key and/or counter fields are printed and their order.
			Added the --missing-field=FIELD=STRING switch to print STRING when FIELD is listed in --fields but is not in the input file.
			Added the --help-fields switch to list the possible fields and a brief description of each.
			Added the --scalar-multiply switch. When argument is COUNTER=VALUE, multiplies COUNTER's value by VALUE; when argument is only VALUE, multiplies all counters' values by VALUE.
			Added the --divide switch to divide the counters in the first Aggregate Bag file by those in the remaining files.
			Added the --zero-divisor-result switch to specify the result when the divisor's counter is zero or when the dividend has a key-value that is not in the divisor.
			Added the --help-fields switch to list the possible fields and a brief description of each.
		rwaggbag, rwaggbagbuild
			Added the --help-fields switch to list the possible fields and a brief description of each.
			Modified rwbagbuild to set the counter to the maximum value on overflow instead of raising an error.
		rwflowappend, rwsender, rwpollexec
			Made internal changes to the directory poller.
		Simplified the configure tests that check for python.
		Changed how the packing-logic is set in silk.spec to address an error when building an RPM with static-packing logic on RHEL8.

Listing created by Repoview-0.6.6-4.el7