
System for Internet-Level Knowledge

SiLK (System for Internet-Level Knowledge) consists of two sets of tools: a packing system and an analysis suite. The packing system receives NetFlow v5 PDUs or IPFIX and converts them into a more space-efficient format, recording the packed records into service-specific binary flat files. The analysis suite consists of tools that can read these flat files and then perform various query operations, ranging from per-record filtering to statistical analysis of groups of records. The analysis tools interoperate using pipes, allowing a user to develop a relatively sophisticated query from a simple beginning.


Recent releases

  •  28 Feb 2011 22:32

     Release Notes: Better handling of missing NetFlow v5 records.

  •  28 Feb 2011 22:32

     Release Notes: This release removes limits on numbers of temporary files. rwpollexec, a new daemon that monitors a directory for files and invokes a user-supplied command on each file, has been added. There is a respooling option for rwflowpack.

  •  28 Feb 2011 22:32

     Release Notes: rwfileinfo speedups. Support for sensor descriptions. Flattened archive support. A fix for running out of file descriptors when there are many sensors.

  •  28 Feb 2011 22:32

     Release Notes: Country code support in PySiLK. CIDR-block options for rwfilter. More flexibility in the packing system. Bugfixes.

  •  28 Feb 2011 22:32

     Release Notes: Allows user switches from PySiLK plugins.
