applications/system

analysis-pipeline - Stream analysis of SiLK records

Website: http://tools.netsa.cert.org/analysis-pipeline5/index.html
License: GPLv2
Vendor: CERT Network Situational Awareness
Description:
The SiLK Analysis Pipeline can be added to the SiLK packing process to
analyze flow records as they are collected by rwflowpack.

Packages

analysis-pipeline-5.8-1.fc25.x86_64 [1.1 MiB] Changelog by Lawrence R. Rogers (2018-06-01):
* Release 5.8-1
	New EWMA primitive to calculate the Exponentially Weighted Moving Average and corresponding standard deviation.
	New CALCULATE STATS primitive to calculate the common statistical values such as the standard deviation, mean and count.
	Records can now be put into bins based on time windows to increase efficiency in certain situations and allow for better control of updating logic.
	FILTERS can now be put into MANIFOLDS to increase efficiency in certain situations.
	Other bug fixes.
analysis-pipeline-5.7-2.fc25.x86_64 [1.0 MiB] Changelog by Lawrence R. Rogers (2018-03-16):
* Release 5.7-2
	Rebuilt with silk-common-3.16.1.
analysis-pipeline-5.7-1.fc25.x86_64 [1.0 MiB] Changelog by Lawrence R. Rogers (2017-12-21):
* Release 5.7-1
	EVALUATIONS can be forced to wait a minimum amount of time before alerting
	STATISTICS can now have a minimum number of records before updating.
	Other bug fixes.
analysis-pipeline-5.6-4.fc25.x86_64 [1.0 MiB] Changelog by Lawrence R. Rogers (2017-11-09):
* Release 5.6-4
	Rebuilt with libfixbuf-1.8.0-1
analysis-pipeline-5.6-3.fc25.x86_64 [1.0 MiB] Changelog by Lawrence R. Rogers (2017-06-30):
* Release 5.6-3
	Rebuilt with silk-common-3.16.0.
analysis-pipeline-5.6-2.fc25.x86_64 [1.0 MiB] Changelog by Lawrence R. Rogers (2017-03-28):
* Release 5.6-2
	Rebuilt with silk-common-3.15.0.
analysis-pipeline-5.6-1.fc25.x86_64 [1.0 MiB] Changelog by Lawrence R. Rogers (2017-01-07):
* Release 5.6-1
	All fields can use a SEED file of any type
	More than one EXTRA ALERT FIELD is now allowed.
	EXTRA ALERT FIELDs can now be derived fields
	Added EXTRA AUX ALERT FIELD to add fields to auxiliary alerts
	STATISTICs can now be updated EVERY HOUR, or EVERY DAY
	STATISTICs will send one final update after processing a list of files using --name-files
	Other bug fixes
analysis-pipeline-5.5-2.fc25.x86_64 [1.0 MiB] Changelog by Lawrence R. Rogers (2016-12-02):
* Release 5.5-2
	Rebuilt with silk-common-3.14.0
analysis-pipeline-5.5-1.fc25.x86_64 [1.0 MiB] Changelog by Lawrence R. Rogers (2016-10-18):
* Release 5.5-1
	New PERSISTENCE primitive to detect a FOREACH tuple's presence for a specified number of HOURS or DAYS.
	A minimum number of records requirement can be added to primitives, either at the overall EVALUATION level,
	 or for each value of the FOREACH field. Alerts will not be sent until the minimum number of records is seen.
	Other bug fixes.
