silk-rwflowappend-3.17.2-4.fc29.x86_64.rpm



Description

silk-rwflowappend - SiLK Toolset: Remote Data Storage Appending Daemon

Property Value
Distribution Fedora 29
Repository CERT Forensics Tools SiLK, IPA, Postgresql x86_64
Package name silk-rwflowappend
Package version 3.17.2
Package release 4.fc29
Package architecture x86_64
Package type rpm
Installed size 136.08 KB
Download size 67.93 KB
Official Mirror forensics.cert.org

SiLK, the System for Internet-Level Knowledge, is a collection of
traffic analysis tools developed by the CERT Network Situational
Awareness Team (CERT NetSA) to facilitate security analysis of large
networks. The SiLK tool suite supports the efficient collection,
storage and analysis of network flow data, enabling network security
analysts to rapidly query large historical traffic data sets. SiLK is
ideally suited for analyzing traffic on the backbone or border of a
large, distributed enterprise or mid-sized ISP.

The silk-rwflowappend package is used when the final storage location
of SiLK data files is on a different machine than that where the files
are created by the rwflowpack daemon (see the silk-rwflowpack
package).  rwflowappend watches a directory for SiLK data files and
appends those files to the final storage location where the SiLK
analysis tools (from the silk-analysis package) can process them.  To
move the files from rwflowpack to rwflowappend, an rwsender-rwreceiver
pair is typically used.

Alternatives

Package Version Architecture Repository
silk-rwflowappend-3.18.0-2.fc29.i686.rpm 3.18.0 i686 CERT Forensics Tools SiLK, IPA, Postgresql
silk-rwflowappend-3.18.0-2.fc29.x86_64.rpm 3.18.0 x86_64 CERT Forensics Tools SiLK, IPA, Postgresql
silk-rwflowappend-3.18.0-1.fc29.i686.rpm 3.18.0 i686 CERT Forensics Tools
silk-rwflowappend-3.18.0-1.fc29.x86_64.rpm 3.18.0 x86_64 CERT Forensics Tools
silk-rwflowappend-3.17.2-6.fc29.i686.rpm 3.17.2 i686 CERT Forensics Tools SiLK, IPA, Postgresql
silk-rwflowappend-3.17.2-6.fc29.x86_64.rpm 3.17.2 x86_64 CERT Forensics Tools SiLK, IPA, Postgresql
silk-rwflowappend-3.17.2-5.fc29.i686.rpm 3.17.2 i686 CERT Forensics Tools
silk-rwflowappend-3.17.2-5.fc29.x86_64.rpm 3.17.2 x86_64 CERT Forensics Tools
silk-rwflowappend-3.17.2-4.fc29.i686.rpm 3.17.2 i686 CERT Forensics Tools SiLK, IPA, Postgresql
silk-rwflowappend-3.17.2-3.fc29.x86_64.rpm 3.17.2 x86_64 CERT Forensics Tools
silk-rwflowappend-3.17.2-3.fc29.i686.rpm 3.17.2 i686 CERT Forensics Tools

Requires

Name Value
libc.so.6(GLIBC_2.4)(64bit) -
libdl.so.2()(64bit) -
liblzo2.so.2()(64bit) -
libm.so.6()(64bit) -
libpthread.so.0()(64bit) -
libpthread.so.0(GLIBC_2.2.5)(64bit) -
libpthread.so.0(GLIBC_2.3.2)(64bit) -
libsilk-thrd.so.5()(64bit) -
libsilk.so.25()(64bit) -
libsnappy.so.1()(64bit) -
libz.so.1()(64bit) -
rtld(GNU_HASH) -
silk-common -

Provides

Name Value
config(silk-rwflowappend) = 3.17.2-4.fc29
silk-rwflowappend = 3.17.2-4.fc29
silk-rwflowappend(x86-64) = 3.17.2-4.fc29

Download

Type URL
Binary Package silk-rwflowappend-3.17.2-4.fc29.x86_64.rpm
Source Package silk-3.17.2-4.fc29.src.rpm

Install Howto

  1. Download cert-forensics-tools-release-29 rpm:
    https://forensics.cert.org/cert-forensics-tools-release-29.rpm
  2. Install cert-forensics-tools-release-29 rpm:
    # rpm -Uvh cert-forensics-tools-release*rpm
  3. Install silk-rwflowappend rpm package:
    # dnf --enablerepo=forensics-sip install silk-rwflowappend

Files

Path
/etc/init.d/rwflowappend
/etc/sysconfig/rwflowappend.conf
/usr/lib/.build-id/
/usr/lib/.build-id/6b/6f8e737dbe99fe2dbb50bff61afb1e93baaf6e
/usr/sbin/rwflowappend
/usr/share/man/man8/rwflowappend.8.gz
/var/silk/

Changelog

2018-07-19 - Lawrence Rogers <lrr@cert.org> 3.17.2-3/4
* Release 3.17.2-3/4
Rebuilt for libfixbuf-2.1.0.
2018-06-28 - Lawrence Rogers <lrr@cert.org> 3.17.2-1/2
* Release 3.17.2-1/2
rwgeoip2ccmap
Add a --fields switch that gives the user control over which country-code value(s) are used when reading a GeoIP2 file.
rwuniq
Use a 64-bit integer for storing a bin's record count.
rwstats
Use a 64-bit integer for storing a bin's record count.
rwaddrcount
Use 64-bit integers for storing a bin's packet count and record count.
rwflowpack
In sensor.conf, add a new quirk, nf9-out-is-reverse, to simulate the behavior of libfixbuf-1.7.1; i.e., to treat the NetFlow v9 elements OUT_BYTES and OUT_PKTS as reverse-volume values.
When parsing the sensor.conf file, allow double-quoted strings for the path names of IPset files.
flowcap
In sensor.conf, add a new quirk, nf9-out-is-reverse, to simulate the behavior of libfixbuf-1.7.1; i.e., to treat the NetFlow v9 elements OUT_BYTES and OUT_PKTS as reverse-volume values.
2018-04-23 - Lawrence Rogers <lrr@cert.org> 3.17.1-1/2
* Release 3.17.1-1/2
3.17.1
Fix a compilation failure on RedHat EL6, CentOS 6, and other systems.
3.17.0
Add support in rwaggbagtool for removing rows when a value is above or below a threshold or when an IP address is in or is not in an IPset.
Change how rwsetcat displays IPv4 addresses in an IPset containing both IPv4 and IPv6 addresses.
Add support for millisecond timestamps in rwuniq and rwstats.
Add support for the GeoIP2 version of MaxMind's country code comma-separated value files and binary files.
(Binary file support requires libmaxminddb library support.)
2018-02-15 - Lawrence Rogers <lrr@cert.org> 3.16.1-1/2
* Release 3.16.1-1/2
rwstats
Fix a bug that occurred when using a large amount of memory and could result in corrupted output.
rwuniq
Fix a bug that occurred when using a large amount of memory and could result in corrupted output.
rwbagcat
Fix bugs that occur when using the --network-structure switch with an IPv4-specific argument and the bag file contains addresses in the ::ffff:0:0/96 netblock.
rwsetcat
Print an error message when rwsetcat is unable to read an IPset.
rwsender, rwreceiver
Fix an issue when using installations of GnuTLS that do not provide support for thread locking.
rwflowpack, flowcap
Fix a bug where NetFlow v9 records were being ignored because the application was decoding them with the wrong internal template.
Building
Fix issues when determining compilation flags necessary for Python support.
2017-11-09 - Lawrence Rogers <lrr@cert.org> 3.16.0-3/4
* Release 3.16.0-3/4
Rebuilt with libfixbuf 1.8.0.

See Also

Package Description
silk-rwflowpack-3.17.2-4.fc29.x86_64.rpm SiLK Toolset: The Packer
silk-rwflowpack-3.17.2-6.fc29.x86_64.rpm SiLK Toolset: The Packer
silk-rwflowpack-3.18.0-2.fc29.x86_64.rpm SiLK Toolset: The Packer
silk-rwpollexec-3.17.2-4.fc29.x86_64.rpm SiLK Toolset: Batch Command Executor
silk-rwpollexec-3.17.2-6.fc29.x86_64.rpm SiLK Toolset: Batch Command Executor
silk-rwpollexec-3.18.0-2.fc29.x86_64.rpm SiLK Toolset: Batch Command Executor
silk-rwreceiver-3.17.2-4.fc29.x86_64.rpm SiLK Toolset: File Transfer Receiver
silk-rwreceiver-3.17.2-6.fc29.x86_64.rpm SiLK Toolset: File Transfer Receiver
silk-rwreceiver-3.18.0-2.fc29.x86_64.rpm SiLK Toolset: File Transfer Receiver
silk-rwsender-3.17.2-4.fc29.x86_64.rpm SiLK Toolset: File Transfer Sender
silk-rwsender-3.17.2-6.fc29.x86_64.rpm SiLK Toolset: File Transfer Sender
silk-rwsender-3.18.0-2.fc29.x86_64.rpm SiLK Toolset: File Transfer Sender