# silk.conf for the "twoway" site
# RCSIDENT("$SiLK: silk.conf 52d8f4f62ffd 2012-05-25 21:16:30Z mthomas $")

# For a description of the syntax of this file, see silk.conf(5).

# The syntactic format of this file

#    version 2 supports sensor descriptions, but otherwise identical to 1
version 2

# NOTE: Once data has been collected for a sensor or a flowtype, the
# sensor or flowtype should never be removed or renumbered.  SiLK Flow
# files store the sensor ID and flowtype ID as integers; removing or
# renumbering a sensor or flowtype breaks this mapping.

sensor 1 cvrlWanDist "NetFlow exporter at 10.1.31.71"
sensor 2 cvrlWanDistA "NetFlow exporter at 10.1.31.70"
sensor 3 netflow1cisco "Netflow exporter at 10.146.65.25"
sensor 4 netflow2juniper "Netflow exporter at 10.146.65.26"
sensor 5 rogersPrdFw "cgy-gca-r0306-01-ngfw-prd-ha"

class all
    sensors cvrlWanDist cvrlWanDistA netflow1cisco netflow2juniper rogersPrdFw
end class

# Editing above this line is sufficient for sensor definition.

# Be sure you understand the workings of the packing system before
# editing the class and type definitions below.  In particular, if you
# change or add-to the following, the C code in packlogic-twoway.c
# will need to change as well.

class all
    type  0 in      in
    type  1 out     out
    type  2 inweb   iw
    type  3 outweb  ow
    type  4 innull  innull
    type  5 outnull outnull
    type  6 int2int int2int
    type  7 ext2ext ext2ext
    type  8 inicmp  inicmp
    type  9 outicmp outicmp
    type 10 other   other

    default-types in inweb inicmp
end class

default-class all

# The layout of the tree below SILK_DATA_ROOTDIR.
# Use the default, which assumes a single class.
# path-format "%T/%Y/%m/%d/%x"

# The plug-in to load to get the packing logic to use in rwflowpack.
# The --packing-logic switch to rwflowpack will override this value.
# If SiLK was configured with hard-coded packing logic, this value is
# ignored.
packing-logic "packlogic-twoway.so"