[netsa-tools-discuss] Collection and analysis of Vendor specific IPFIX information elements using SiLK 3.10.2

Abhishek Dey abhishek_dey at outlook.com
Mon Aug 24 05:53:46 EDT 2015


Hello CERT-Netsa,


I am planning to use SiLK as an IPFIX collector and analyzer in my project. I need to collect some private enterprise specific information elements and store those fields together with RFC defined fields as SiLK records for analysis. I have noticed that SiLK uses libfixbuf library which supports collection of any vendor specific information element in IPFIX records.

Therefore I would like to know how can I add support for collection and analysis of enterprise specific fields in SiLK i.e. which source files should I modify to achieve the following:

i. Collect and store the private enterprise specific information elements with RFC defined elements in SiLK record format

ii. Analyse the stored SiLK record formats containing both RFC defined and private enterprise specific fields and filter/display them using tools like rwfilter, rwcut, any other plugin which I need to modify to add the support.

 

It would be very helpful if you can provide me with the necessary information.

 

Thanks and Regards,

Abhishek