Matt Sisk
and 1 contributors

NAME

Net::Silk::File - SiLK flow file interface

SYNOPSIS

  use Net::Silk::File;
  use Net::Silk::IPSet;

  my $rwfile = Net::Silk::File->open('<', 'flow_file');
  my $sip_set = Net::Silk::IPSet->new;
  while (<$rwfile>) {
    $sip_set->add($_->sip);
  }

  ###

  open(my $fh, "rwfilter --start-date=2015/01/16 " .
                         "--end-date=2015/01/16  " .
                         "--type=inweb " .
                         "--all-destination=stdout |") or die "oops: $!";

  my $rwf = Net::Silk::File->open_fh($fh);
  while (<$rwf>) {
    ...
  }

DESCRIPTION

Net::Silk::File is an IO class for writing to or reading from SiLK flow files.

METHODS

open($mode, $filename, %opt)
open($spec, %opt)

Opens a file using the given mode and returns a Net::Silk::File object. Mode can be '<' for read, '>' for write, or '>>' for append. In the second form, the mode can be part of the filename strings, e.g. ">filename", similar to the native perl open() function.

The following optional keyword arguments are accepted:

compression

Specifies the type of compression to use in write mode. Valid compression modes are:

  default
  best
  none
  zlib
  lzo1x
policy

Specifies how to handle IPv6 records in the file. Valid policy options are:

  ignore
  asv4
  mix
  force
  only
notes

Array of annotation strings to add to the file header when writing to a file.

invocations

Array of invocation strings to add to the file header when writing to a file.

open_fh($fileno, $mode, %opt)
open_fh($fileno, %opt)

Open a file handle or file descriptor in the given mode ('<', '>', or '>>'). If no mode is given, then '<' is assumed. Keyword options are the same as with open(), with the addition of an optional 'filename' parameter if there is a filename associated with the descriptor.

close()

Close the flow file.

name()

Return the filename of the opened file.

notes()

Return a list of annotations present in the file header.

invocations()

Return a list of invocations present in the file header.

read()

Return the next Net::Silk::RWRec from the file. This will slurp the whole file if invoked in array context.

write($rwrec)

Write a Net::Silk::RWRec to the file.

IO OPERATION

The Net::Silk::File object references are IO handles and work with the <> operator. The following are equivalent:

  while (my $r = $f->read()) {
    ...
  }

  while (my $r = <$f>) {
    ...
  }

SEE ALSO

Net::Silk, Net::Silk::RWRec, Net::Silk::IPSet, Net::Silk::Bag, Net::Silk::Pmap, Net::Silk::IPWildcard, Net::Silk::Range, Net::Silk::CIDR, Net::Silk::IPAddr, Net::Silk::TCPFlags, Net::Silk::ProtoPort, Net::Silk::Site, silk(7)

COPYRIGHT & LICENSE

Copyright (C) 2011-2016 by Carnegie Mellon University

Use of the Net-Silk library and related source code is subject to the terms of the following licenses:

GNU Public License (GPL) Rights pursuant to Version 2, June 1991 Government Purpose License Rights (GPLR) pursuant to DFARS 252.227.7013

NO WARRANTY

See GPL.txt and LICENSE.txt for more details.