Net::Silk - Interface to the SiLK network flow library
Net::Silk is a perl binding to the SiLK network flow library. SiLK is self-described as:
SiLK, the System for Internet-Level Knowledge, is a collection of traffic analysis tools developed by the CERT Network Situational Awareness Team (CERT NetSA) to facilitate security analysis of large networks. The SiLK tool suite supports the efficient collection, storage, and analysis of network flow data, enabling network security analysts to rapidly query large historical traffic data sets. SiLK is ideally suited for analyzing traffic on the backbone or border of a large, distributed enterprise or mid-sized ISP.
The SiLK suite can be found here.
The following are available via the
:basic export tag. They pertain to how the SiLK library was compiled:
SILK_IPV6_ENABLED SILK_ZLIB_ENABLED SILK_LZO_ENABLED SILK_LOCALTIME_ENABLED SILK_INITIAL_TCPFLAGS_ENABLED
Returns a list of available compression methods.
Returns either "UTC" or "local" depending on how SiLK was compiled.
Net::Silk::RWRec, Net::Silk::IPSet, Net::Silk::Bag, Net::Silk::Pmap, Net::Silk::IPWildcard, Net::Silk::Range, Net::Silk::CIDR, Net::Silk::IPAddr, Net::Silk::TCPFlags, Net::Silk::ProtoPort, Net::Silk::File, Net::Silk::Site, silk(7)
Copyright (C) 2011-2019 by Carnegie Mellon University
Use of the Net-Silk library and related source code is subject to the terms of the following licenses:
GNU Public License (GPL) Rights pursuant to Version 2, June 1991 Government Purpose License Rights (GPLR) pursuant to DFARS 252.227.7013
See GPL.txt and LICENSE.txt for more details.