
SiLK Analysis Suite

File Release Notes and Changelog

Release Name: silktools-0.8

Notes:
2005-Sep-26: SiLK Release 0.8
* New packet-support tools
  - rwptoflow: Create a single-packet SiLK flow record for
               every record in a tcpdump file.
  - rwpmatch: Use a SiLK Flow file to filter the contents of
              a tcpdump file
  - rwpcut: Output a tcpdump dump file as ASCII
* New tool: rwgroup
  - Groups multiple records together with a common tag
* New tool: rwmatch
  - Matches records from two files together into a common
    stream
* New pipe-lining tool: rwnetmask
  - Masks off lower bits of the source and/or destination
    addresses allowing one to aggregate output by CIDR block
* Support for 16-bit SNMP interfaces
  - Packing and file output formats support the full 16 bits
    of SNMP interface values as exported in NetFlow v5
* Support for 65535 sensors
  - Sensor ID is now processed and stored in a 16-bit integer
* Millisecond time support
  - Millisecond precision for start time, end time, and
    duration in the file output formats.  Limited
    application support to access this field.
* New country-code support
  - Allow filtering and cutting by an IP's physical location
* Enhancements to rwfilter
  - New --print-volume-statistic switch gives byte, packet,
    and flow counts for the passed and failed streams
  - New --any-address and --any-ipset switches allow
    matching source or destination IP addresses
  - New --nhip-set switch allows matching next-hop IP
    address
  - New --active-time switch allows printing flows that were
    active at a particular time
  - New --flags-all switch to allow (yet) another way to
    specify TCP flags
  - Allow filtering over class and type when reading a file
    generated by a previous run of rwfilter
* Enhancements to rwsort
  - Remove the previous 50 million record limit by using
    temporary disk files when RAM is exceeded
  - Enable sorting based on elapsed time
* Enhancements to rwuniq
  - In addition to flow counts, optionally keep totals of
    bytes and packets, as well as the time range over which
    the key was active.
  - On out-of-memory, print the bins as counted so far.
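The rwnetmask entry above (mask the low bits of an address so output can be aggregated by CIDR block) and the rwuniq entry (keep byte and packet totals and the active time range per key, not just a flow count) describe one combined operation: mask, then aggregate. The following is an added illustration of that operation in Python; it is not SiLK code and does not read SiLK files. The Flow record layout, the sample flows, and the choice to key on the masked source address are all constructed for the example.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Flow:
    """Minimal flow record for the example (constructed layout, not SiLK's)."""
    sip: str        # source IPv4 address
    dip: str        # destination IPv4 address
    nbytes: int     # bytes in the flow
    npackets: int   # packets in the flow
    stime: int      # start time, epoch milliseconds
    etime: int      # end time, epoch milliseconds


# Constructed sample flows; the addresses and times are made up.
SAMPLE_FLOWS = [
    Flow("10.1.2.3", "192.0.2.10", 1500, 10, 1127736000000, 1127736002000),
    Flow("10.1.2.200", "192.0.2.10", 600, 4, 1127736001500, 1127736004000),
    Flow("10.1.3.7", "192.0.2.11", 200, 2, 1127736005000, 1127736005250),
    Flow("172.16.9.9", "192.0.2.10", 4000, 40, 1127735990000, 1127736010000),
]


def mask_address(ip: str, prefix_len: int) -> str:
    """Clear the low (32 - prefix_len) bits of an IPv4 address, which is
    what aggregating by a /prefix_len CIDR block requires; returns the
    network address as a dotted string."""
    if not 0 <= prefix_len <= 32:
        raise ValueError("prefix length must be in 0..32")
    addr = int(ipaddress.IPv4Address(ip))
    mask = (0xFFFFFFFF << (32 - prefix_len)) & 0xFFFFFFFF
    return str(ipaddress.IPv4Address(addr & mask))


def aggregate_by_masked_sip(flows, prefix_len: int) -> dict:
    """Group flows by masked source address and keep, per key, the flow,
    byte and packet totals plus the earliest start and latest end time
    (the span over which the key was active)."""
    bins = {}
    for f in flows:
        key = mask_address(f.sip, prefix_len)
        b = bins.get(key)
        if b is None:
            b = {"flows": 0, "bytes": 0, "packets": 0,
                 "stime": f.stime, "etime": f.etime}
            bins[key] = b
        b["flows"] += 1
        b["bytes"] += f.nbytes
        b["packets"] += f.npackets
        b["stime"] = min(b["stime"], f.stime)
        b["etime"] = max(b["etime"], f.etime)
    return bins


if __name__ == "__main__":
    for key, b in sorted(aggregate_by_masked_sip(SAMPLE_FLOWS, 24).items()):
        active_ms = b["etime"] - b["stime"]
        print(f"{key}/24 flows={b['flows']} bytes={b['bytes']} "
              f"packets={b['packets']} active={active_ms}ms")
```

Masking before aggregation is what keeps the key space bounded: a /16 key collapses every host in 10.1.0.0/16 into one row, so totals that would be scattered over thousands of host rows become a single count that is easy to threshold or compare across time windows.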
* Enhancements to rwcount
  - When --start-epoch is given, use that time as the edge
    of a bin.  This lets you view traffic in 24-hour bins
    that run from noon to noon, for example.
  - Be more memory stingy by not creating bins for records
    that occur before the --start-epoch
  - Accept flows in any time order (previously assumed
    flows were close to time-sorted order)
  - Allow --start-epoch switch to take a time string like
    rwfilter accepts
  - Print file names when --print-files is given
  - Add final delimiter to each line of output
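The rwcount entries above describe four behaviours that interact: the --start-epoch time becomes a bin edge, records before it get no bin, input may arrive in any time order, and every output line ends with a final delimiter. The block below is an added Python illustration of that binning logic, not rwcount's own code. It assumes a flow is placed in the bin that contains its start time (rwcount's actual load schemes are not described here) and that times are epoch milliseconds; the flow tuples and the ISO-style time string are constructed for the example.

```python
from datetime import datetime, timezone

HOUR_MS = 3_600_000
DAY_MS = 24 * HOUR_MS


def to_epoch_ms(text: str) -> int:
    """Parse an ISO 8601 time string (assumed UTC) into epoch milliseconds.
    Example format only; rwfilter's own time syntax is not reproduced."""
    dt = datetime.fromisoformat(text).replace(tzinfo=timezone.utc)
    return int(dt.timestamp() * 1000)


# Bin edge at noon UTC on the release date; constructed for the example.
NOON = to_epoch_ms("2005-09-26T12:00:00")

# Constructed flows as (start time in epoch ms, bytes, packets).
# Deliberately not in time order, and one record predates NOON.
SAMPLE_FLOWS = [
    (NOON + 1 * HOUR_MS, 100, 1),    # day 1 bin
    (NOON + 23 * HOUR_MS, 200, 2),   # still day 1 (before next noon)
    (NOON + 25 * HOUR_MS, 400, 4),   # day 2 bin
    (NOON - 2 * HOUR_MS, 800, 8),    # before --start-epoch: no bin created
    (NOON + 2 * HOUR_MS, 50, 1),     # out of order, day 1 bin
]


def bin_flows(flows, bin_size_ms: int, start_epoch_ms: int) -> dict:
    """Count flows, bytes and packets per bin. Bin edges are aligned to
    start_epoch_ms (so noon-to-noon bins are just start_epoch at noon with
    a 24h bin size). Records earlier than the start epoch are skipped rather
    than creating bins for them, and input order does not matter."""
    if bin_size_ms <= 0:
        raise ValueError("bin size must be positive")
    bins = {}
    for stime, nbytes, npackets in flows:
        if stime < start_epoch_ms:
            continue
        edge = start_epoch_ms + ((stime - start_epoch_ms) // bin_size_ms) * bin_size_ms
        b = bins.setdefault(edge, {"flows": 0, "bytes": 0, "packets": 0})
        b["flows"] += 1
        b["bytes"] += nbytes
        b["packets"] += npackets
    # Sorted by bin edge so unordered input still yields ordered output.
    return dict(sorted(bins.items()))


def format_bins(bins: dict, delim: str = "|") -> list:
    """Render bins as delimited lines, each ending with a final delimiter."""
    lines = []
    for edge, b in bins.items():
        when = datetime.fromtimestamp(edge / 1000, tz=timezone.utc)
        when = when.strftime("%Y-%m-%dT%H:%M:%S")
        lines.append(delim.join(
            [when, str(b["flows"]), str(b["bytes"]), str(b["packets"])]) + delim)
    return lines


if __name__ == "__main__":
    for line in format_bins(bin_flows(SAMPLE_FLOWS, DAY_MS, NOON)):
        print(line)
```

Aligning the edge to --start-epoch rather than to midnight is what makes the noon-to-noon view possible; dropping pre-epoch records before they touch the bin table is the memory saving the entry refers to, since a bin is only ever allocated for time ranges the analyst asked about.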
* Enhancements to rwaddrcount
  - Allow sorting of output records by IP address
* Enhancements to rwcat
  - New --xargs switch to allow reading a list of file
    names; this allows rwcat to accept output from the UNIX
    find command
* Enhancements to rwset
  - Added switches to print details about the structure of
    the IPs in the IP-set

Changes: