[netsa-tools-discuss] Collection and analysis of Vendor specific IPFIX information elements using SiLK 3.10.2

Abhishek Dey abhishek_dey at outlook.com
Mon Aug 24 05:53:46 EDT 2015

Hello CERT-Netsa,

I am planning to use SiLK as
an IPFIX collector and analyzer in my project. I need to collect some private enterprise specific information elements and store those fields together with RFC defined fields as SiLK records for analysis. I have noticed that SiLK uses libfixbuf library
which supports collection of any vendor specific information element in IPFIX


Therefore I would like to know
how can I add support for collection and analysis of enterprise specific
fields in SiLK i.e. which source files should I modify to achieve the

Collect and store
the private enterprise specific information elements with RFC defined elements in SiLK record

Analyse the stored
silk record formats containing both RFC defined and private enterprise specific fields and
filter/display them using tools like rwfilter, rwcut, any other plugin which I need to modify to add the support.


It would be very helpful if you
can provide me with the necessary information.


Thank and Regards,

-------------- next part --------------
HTML attachment scrubbed and removed

More information about the netsa-tools-discuss mailing list