super_mediator-1.4.0-1.fc25.x86_64.rpm


Description

super_mediator - IPFIX Super Mediator for use with the YAF and SiLK tools

Property Value
Distribution Fedora 25
Repository CERT Forensics Tools x86_64
Package name super_mediator
Package version 1.4.0
Package release 1.fc25
Package architecture x86_64
Package type rpm
Installed size 1.17 MB
Download size 398.05 KB
Official Mirror forensics.cert.org

super_mediator is an IPFIX mediator for use with the YAF and SiLK tools.
It collects and filters YAF output data to various IPFIX collecting processes
and/or csv files. super_mediator can be configured to perform de-duplication
of DNS resource records, SSL certificates, or HTTP header fields as exported
by YAF.

Alternatives

Package Version Architecture Repository
super_mediator-1.6.0-1.fc25.i686.rpm 1.6.0 i686 CERT Forensics Tools
super_mediator-1.6.0-1.fc25.x86_64.rpm 1.6.0 x86_64 CERT Forensics Tools
super_mediator-1.5.3-2.fc25.i686.rpm 1.5.3 i686 CERT Forensics Tools
super_mediator-1.5.3-2.fc25.x86_64.rpm 1.5.3 x86_64 CERT Forensics Tools
super_mediator-1.5.3-1.fc25.i686.rpm 1.5.3 i686 CERT Forensics Tools
super_mediator-1.5.3-1.fc25.x86_64.rpm 1.5.3 x86_64 CERT Forensics Tools
super_mediator-1.5.2-1.fc25.i686.rpm 1.5.2 i686 CERT Forensics Tools
super_mediator-1.5.2-1.fc25.x86_64.rpm 1.5.2 x86_64 CERT Forensics Tools
super_mediator-1.5.0-1.fc25.i686.rpm 1.5.0 i686 CERT Forensics Tools
super_mediator-1.5.0-1.fc25.x86_64.rpm 1.5.0 x86_64 CERT Forensics Tools
super_mediator-1.4.0-1.fc25.i686.rpm 1.4.0 i686 CERT Forensics Tools

Requires

Name Value
/sbin/ldconfig -
chkconfig -
glib2 >= 2.12.0
libc.so.6(GLIBC_2.2.5)(64bit) -
libcrypto.so.10()(64bit) -
libdl.so.2()(64bit) -
libfixbuf >= 1.0.0
libfixbuf.so.3()(64bit) -
libglib-2.0.so.0()(64bit) -
libgthread-2.0.so.0()(64bit) -
libm.so.6()(64bit) -
libmysqlclient.so.18()(64bit) -
libmysqlclient.so.18(libmysqlclient_18)(64bit) -
libpthread.so.0()(64bit) -
libpthread.so.0(GLIBC_2.2.5)(64bit) -
libpthread.so.0(GLIBC_2.3.2)(64bit) -
libssl.so.10()(64bit) -
libz.so.1()(64bit) -
rtld(GNU_HASH) -
silk-ipset-lib >= 3.0

Provides

Name Value
config(super_mediator) = 1.4.0-1.fc25
super_mediator -
super_mediator = 1.4.0-1.fc25
super_mediator(x86-64) = 1.4.0-1.fc25

Download

Type URL
Binary Package super_mediator-1.4.0-1.fc25.x86_64.rpm
Source Package super_mediator-1.4.0-1.fc25.src.rpm

Install Howto

  1. Download cert-forensics-tools-release-25 rpm:
    https://forensics.cert.org/cert-forensics-tools-release-25.rpm
  2. Install cert-forensics-tools-release-25 rpm:
    # rpm -Uvh cert-forensics-tools-release*rpm
  3. Install super_mediator rpm package:
    # dnf --enablerepo=forensics install super_mediator

Files

Path
/etc/super_mediator.conf
/etc/init.d/super_mediator
/usr/bin/super_mediator
/usr/bin/super_table_creator
/usr/share/doc/super_mediator/NEWS
/usr/share/doc/super_mediator/README
/usr/share/man/man1/super_mediator.1.gz
/usr/share/man/man1/super_mediator.conf.1.gz
/usr/share/man/man1/super_table_creator.1.gz

Changelog

2016-10-04 - Lawrence R. Rogers <lrr@cert.org> - 1.4.0-1
* Release 1.4.0-1
Add support for multiple protocol deduplication for IPFIX/JSON exporters
Add post move file option for exporters
Add PAYLOAD, RPAYLOAD export options to custom field lists
Empty files are now removed by default
Bug Fix for uploading MULTI_FILES files to a MySQL database
Other Bug Fixes
2016-03-08 - Lawrence R. Rogers <lrr@cert.org> - 1.3.0-1
* Release 1.3.0-1
Version 1.3.0 changes
Add file compression support for EXPORTERS
Add Base64 Encode support for full certificate export
Changed default file extension for JSON files to .json
Bug Fix for ESCAPE_CHARS keyword for DNS_DEDUP Exporters
Fix bug when command line arguments and config file are present
Other Bug Fixes
Version 1.2.2 changes
Bug Fixes for JSON exporters
2015-12-29 - Lawrence R. Rogers <lrr@cert.org> - 1.2.1-1
* Release 1.2.1-1
Add JSON output option to --output-mode switch
Bug Fix for JSON exporters (DNS output)
2015-12-22 - Lawrence R. Rogers <lrr@cert.org> - 1.2.0-1
* Release 1.2.0-1
Remove support for fixbuf releases prior to libfixbuf-1.7.0
Collect and export sslServerName
Collect, decode, and export full X.509 Certificates
MD5 hashing of X.509 Certificates with OpenSSL support
SHA1 hashing of X.509 Certificates with OpenSSL support
Collect and export list of DHCP options
Bug Fixes
2015-12-07 - Lawrence R. Rogers <lrr@cert.org> - 1.1.3-1
* Release 1.1.3-1
Bug Fix for logging to syslog
DNS Deduplication JSON export bug fix
Update RPM spec file
2015-10-28 - Lawrence R. Rogers <lrr@cert.org> - 1.1.2-1
* Release 1.1.2-1
Bug Fix for TCP/UDP collector(s) that receive minimal data
2015-10-20 - Lawrence R. Rogers <lrr@cert.org> - 1.1.1-3
* Release 1.1.1-3
Rebuilt for silk-ipset-3.11.0.
2015-10-20 - Lawrence R. Rogers <lrr@cert.org> - 1.1.1-2
* Release 1.1.1-2
Rebuilt for libfixbuf 1.7.1.
2015-07-01 - Lawrence R. Rogers <lrr@cert.org> - 1.1.1-1
* Release 1.1.1-1
1.1.1, 2015-Jul-1
Bug Fix for Custom Field List Text Exporters
Bug Fix for configuring SSL De-duplication MAX_HIT_COUNT and FLUSH_TIME
super_table_creator will now create de-duplication tables
Documentation updates
2015-06-26 - Lawrence R. Rogers <lrr@cert.org> - 1.1.0-1
* Release 1.1.0-1
1.1.0 - 2015-06-26
Requires libfixbuf 1.4.0 or greater
SSL Certificate De-duplication
Advanced SSL field export configuration
Configurable De-duplication of any DPI Fields
JSON file export
Export of unnested DNS Resource Records
New option to only export DNS Responses
Add the ability to rotate and compress logs given a valid file directory
New option to de-duplicate on only particular DNS resource record types
MULTI_FILES CSV format change
MySQL schema change for MULTI_FILES
Bug Fix for Spread Collectors when daemon terminates
Bug Fixes
1.0.2 - 2014-10-15
Bug Fix for Collectors
1.0.1 - 2014-08-12
Add support for escaping control characters and the delimiter character in DPI strings
Bug Fix for DNP 3.0 text export
Other Minor Bug Fixes.
1.0.0 - 2014-06-13
Add support for multiple collectors
Add support for naming collectors and exporters
Collector name included in default flow text export
0.4.0 - 2014-03-04
Added SCADA protocol and RTP DPI collection
Added MySQL automatic reconnection capability
Syslog logging capability
Added ability to collect, print, and export MPLS labels
Added ability to collect, print, and export Type of Service fields
Incoming IPFIX records that use Delta counters will export the same fields
Bug Fix for variable redeclaration on some operating systems
Bug Fix for DNS deduplication timeout
Other Bug Fixes

See Also

Package Description
tln_tools-20110729-1.fc25.noarch.rpm Timeline tools - Open Source code for Windows Forensic Analysis and Incident Response
ttestdisk-7.0-3.1.fc25.x86_64.rpm Tool to check and undelete partition, PhotoRec recovers lost files
undbx-0.21-1.fc25.x86_64.rpm undbx - Tool to extract, recover and undelete e-mail messages from Outlook Express .dbx files
unrar-5.3.0-1.fc25.x86_64.rpm Compression and decompression program rar
unrar-5.4.0-1.fc25.x86_64.rpm Compression and decompression program rar
untex-1.3-3.1.fc25.x86_64.rpm Command to strip LaTeX commands from input
videosnarf-0.63-1.fc25.x86_64.rpm Output detected media sessions
vinetto-0.07beta-1.fc25.x86_64.rpm Extract thumbnails and associated metadata from the Thumbs.db files
vmfs-tools-0.2.5-2.fc25.x86_64.rpm Tools to access VMFS filesystems
winevt-kb-20170527-1.fc25.x86_64.rpm winevt-kb - Windows Event Log Knowledge Base
winreg-kb-20170525-1.fc25.x86_64.rpm winreg-kb - A project to build a Windows Registry Knowledge Base
x264-devel-0.148-13.20160924git86b7198.fc25.x86_64.rpm Development files for the x264 library
x264-libs-0.148-13.20160924git86b7198.fc25.x86_64.rpm Library for encoding H264/AVC video streams
x265-devel-1.9-3.fc25.x86_64.rpm H.265/HEVC encoder library development files
x265-libs-1.9-3.fc25.x86_64.rpm H.265/HEVC encoder library