super_mediator-1.4.0-1.fc25.i686.rpm


Description

super_mediator - IPFIX Super Mediator for use with the YAF and SiLK tools

Distribution: Fedora 25
Repository: CERT Forensics Tools i386
Package name: super_mediator
Package version: 1.4.0
Package release: 1.fc25
Package architecture: i686
Package type: rpm
Installed size: 1004.01 KB
Download size: 372.18 KB
Official Mirror: forensics.cert.org
super_mediator is an IPFIX mediator for use with the YAF and SiLK tools. It collects and filters YAF output data and exports it to various IPFIX collecting processes and/or CSV files. super_mediator can be configured to perform de-duplication of DNS resource records, SSL certificates, or HTTP header fields as exported by YAF.

Provides

  • config(super_mediator) = 1.4.0-1.fc25
  • super_mediator = 1.4.0-1.fc25
  • super_mediator
  • super_mediator(x86-32) = 1.4.0-1.fc25

    Install Howto

    1. Download cert-forensics-tools-release-25 rpm:
      https://forensics.cert.org/cert-forensics-tools-release-25.rpm
    2. Install cert-forensics-tools-release-25 rpm:
      # rpm -Uvh cert-forensics-tools-release*rpm
    3. Install super_mediator rpm package:
      # dnf --enablerepo=forensics install super_mediator

    Files

    • /etc/super_mediator.conf
    • /etc/init.d/super_mediator
    • /usr/bin/super_mediator
    • /usr/bin/super_table_creator
    • /usr/share/doc/super_mediator/NEWS
    • /usr/share/doc/super_mediator/README
    • /usr/share/man/man1/super_mediator.1.gz
    • /usr/share/man/man1/super_mediator.conf.1.gz
    • /usr/share/man/man1/super_table_creator.1.gz

    Changelog

    2016-10-04 - Lawrence R. Rogers <lrr@cert.org> - 1.4.0-1
    • Release 1.4.0-1
    • Add support for multiple protocol deduplication for IPFIX/JSON exporters
    • Add post move file option for exporters
    • Add PAYLOAD, RPAYLOAD export options to custom field lists
    • Empty files are now removed by default
    • Bug Fix for uploading MULTI_FILES files to a MySQL database
    • Other Bug Fixes

    2016-03-08 - Lawrence R. Rogers <lrr@cert.org> - 1.3.0-1
    • Release 1.3.0-1
    • Version 1.3.0 changes
      • Add file compression support for EXPORTERS
      • Add Base64 Encode support for full certificate export
      • Changed default file extension for JSON files to .json
      • Bug Fix for ESCAPE_CHARS keyword for DNS_DEDUP Exporters
      • Fix bug when command line arguments and config file are present
      • Other Bug Fixes
    • Version 1.2.2 changes
      • Bug Fixes for JSON exporters

    2015-12-29 - Lawrence R. Rogers <lrr@cert.org> - 1.2.1-1
    • Release 1.2.1-1
    • Add JSON output option to --output-mode switch
    • Bug Fix for JSON exporters (DNS output)

    2015-12-22 - Lawrence R. Rogers <lrr@cert.org> - 1.2.0-1
    • Release 1.2.0-1
    • Remove support for fixbuf releases prior to libfixbuf-1.7.0
    • Collect and export sslServerName
    • Collect, decode, and export full X.509 Certificates
    • MD5 hashing of X.509 Certificates with OpenSSL support
    • SHA1 hashing of X.509 Certificates with OpenSSL support
    • Collect and export list of DHCP options
    • Bug Fixes

    2015-12-07 - Lawrence R. Rogers <lrr@cert.org> - 1.1.3-1
    • Release 1.1.3-1
    • Bug Fix for logging to syslog
    • DNS Deduplication JSON export bug fix
    • Update RPM spec file

    2015-10-28 - Lawrence R. Rogers <lrr@cert.org> - 1.1.2-1
    • Release 1.1.2-1
    • Bug Fix for TCP/UDP collector(s) that receive minimal data

    2015-10-20 - Lawrence R. Rogers <lrr@cert.org> - 1.1.1-3
    • Release 1.1.1-3
    • Rebuilt for silk-ipset-3.11.0.

    2015-10-20 - Lawrence R. Rogers <lrr@cert.org> - 1.1.1-2
    • Release 1.1.1-2
    • Rebuilt for libfixbuf 1.7.1.

    2015-07-01 - Lawrence R. Rogers <lrr@cert.org> - 1.1.1-1
    • Release 1.1.1-1
    • 1.1.1, 2015-Jul-1
      • Bug Fix for Custom Field List Text Exporters
      • Bug Fix for configuring SSL De-duplication MAX_HIT_COUNT and FLUSH_TIME
      • super_table_creator will now create de-duplication tables
      • Documentation updates

    2015-06-26 - Lawrence R. Rogers <lrr@cert.org> - 1.1.0-1
    • Release 1.1.0-1
    • 1.1.0 - 2015-06-26
      • Requires libfixbuf 1.4.0 or greater
      • SSL Certificate De-duplication
      • Advanced SSL field export configuration
      • Configurable De-duplication of any DPI Fields
      • JSON file export
      • Export of unnested DNS Resource Records
      • New option to only export DNS Responses
      • Add the ability to rotate and compress logs given a valid file directory
      • New option to de-duplicate on only particular DNS resource record types
      • MULTI_FILES CSV format change
      • MySQL schema change for MULTI_FILES
      • Bug Fix for Spread Collectors when daemon terminates
      • Bug Fixes
    • 1.0.2 - 2014-10-15
      • Bug Fix for Collectors
    • 1.0.1 - 2014-08-12
      • Add support for escaping control characters and the delimiter character in DPI strings
      • Bug Fix for DNP 3.0 text export
      • Other Minor Bug Fixes.
    • 1.0.0 - 2014-06-13
      • Add support for multiple collectors
      • Add support for naming collectors and exporters
      • Collector name included in default flow text export
    • 0.4.0 - 2014-03-04
      • Added SCADA protocol and RTP DPI collection
      • Added MySQL automatic reconnection capability
      • Syslog logging capability
      • Added ability to collect, print, and export MPLS labels
      • Added ability to collect, print, and export Type of Service fields
      • Incoming IPFIX records that use Delta counters will export the same fields
      • Bug Fix for variable redeclaration on some operating systems
      • Bug Fix for DNS deduplication timeout
      • Other Bug Fixes
