Up One Level PySiLK: SiLK in Python Contents
Previous: Up: 1 silk Next:


1.7 RWRec Objects

An RWRec object represents a SiLK record.

class RWRec( [rec],[field=value],...)
This constructor creates an empty RWRec object. If an RWRec rec is supplied, it will create a copy of rec. The variable rec can be a dictionary, such as that supplied by RWRec.as_dict(). Initial values for record fields can be included.

Example: 

>>> recA = RWRec(input=10, output=20)
>>> recB = RWRec(recA, output=30)
>>> (recA.input, recA.output)
(10, 20)
>>> (recB.input, recB.output)
(10, 30)

Instance attributes:

Attribute Value Type
application The ``service'' port set by the collector integer
bytes The count of the number of bytes in the flow integer
classname The class name of the record (read-only) (1) string
classtype A tuple of the class name and type name of the record (1) (string, string)
dip The destination IP (can be set as a string) IPAddr
dport The destination port integer
duration The duration of the flow datetime.timedelta
etime The end time of the flow datetime.datetime
initflags The TCP flags of the first packet of the flow (may be None) TCPFlags
icmpcode The ICMP code (only valid if protocol is 1) integer
icmptype The ICMP type value (only valid if protocol is 1) integer
input The router's incoming SNMP interface integer
nhip The router's next-hop IP (can be set as a string) IPAddr
output The router's outgoing SNMP interface integer
packets The packet cout for the flow integer
protocol The IP protocol integer
restflags The union of the flags of all but the first packet of the flow (may be None) TCPFlags
sensor The sensor ID (1) string
sip The source IP (can be set as a string) IPAddr
sport The source port integer
stime The start time of the flow datetime.datetime
tcpflags The union of the TCP flags of all packets in the flow TCPFlags
timeout_killed Whether the flow ended early due to timeout by the collector (may be None) boolean
timeout_started Whether the flow is a contination from a timed-out flow (may be None) boolean
typename The type name of the record (read-only) (1) string
Notes:
(1)
Using or setting this attribute implicitly calls init_site with no argument if it has not yet been called.

Supported methods:

is_web( )
True if the record can be represented as a web record, False otherwise.

as_dict( )
Returns a dictionary representing the contents of the record. Implicitly calls init_site with no argument if it has not yet been called.

__str__( )
For an record rec, str(rec) returns the string representation of rec.as_dict().

Supported operations:

Operation Result
rec1 == rec2 True if rec1 is structurally equivalent to rec2
rec1 != rec2 True if rec1 is not structurally equivalent to rec2

Up One Level PySiLK: SiLK in Python Contents
Previous: Up: 1 silk Next:
Release 1.0.1.