CERT/CC
background
background
CERT NetSA Security Suite 
Open Source Tools for Network Monitoring 
News | Documentation | Downloads
YAF 0.8.1 | NAF 0.6.0 | SiLK 1.0.1 | RAVE 1.9.9
fixbuf 0.7.3 | ipa 0.2.1 | airdbc 0.2.2 | airframe 0.7.2 | Portal 0.8.0
SiLK - Documentation - rwipaimport
Documentation | Downloads | Release Notes | FAQ | License | Credits | Reference Data | Live CD

NAME

rwipaimport - Import SiLK IP collections into an IPA catalog

SYNOPSIS

  rwipaimport --catalog=CATALOG [--description=DESCRIPTION]
        [--start-time=START_TIME] [--end-time=END_TIME] INPUT_FILE

DESCRIPTION

rwipaimport reads a SiLK IPSet, Bag, or Prefix Map (pmap) file and imports its contents into an IPA catalog. An IPA catalog is a collection of sets, bags, and prefix maps which can have an optional time period associated with them defining when that particular collection of data is considered valid.

OPTIONS

Option names may be abbreviated if the abbreviation is unique or is an exact match for an option. A parameter to an option may be specified as --arg=param or --arg param, though the first form is required for options that take optional parameters.

--catalog=CATALOG_NAME
Specifies the name of the IPA catalog to import into. If the catalog does not already exist in the IPA data store, it will be created. This option is required.

--description=DESCRIPTION
An optional text description of the catalog's contents. This description will be stored in the database and will be visible when querying available catalogs with the ipaquery tool. The description will only be added to new catalogs; if you import a dataset into an existing catalog, this option is ignored.

--start-time=START_TIME
Specifies the beginning of the time range for which the imported data is valid. The expected format of this option is YYYY/MM/DD[:HH[:MM[:SS]]]. For more information about this argument, refer to the TIME RANGES section of ipaimport(1).

--end-time=END_TIME
Specifies the end of the time range for which the imported data is valid. The expected format of this option is YYYY/MM/DD[:HH[:MM[:SS]]]. For more information about this argument, refer to the TIME RANGES section of rwipaimport.

EXAMPLES

To import an IPSet into a new catalog with the name ``testset'' and a short description, with data valid for only the month of April, 2007:

    $ rwipaimport --catalog=testset --desc="Test set catalog"    \
        --start=2007/04/01 --end=2007/04/30:23:59:59             \
        test-april.set

To import a Bag file into a new catalog with no information about time validity:

    $ rwipaimport --catalog=testbag test.bag

SEE ALSO

rwipaexport(1), ipaimport(1), ipaexport(1), ipaquery(1)

YAF | NAF | SiLK | RAVE | fixbuf | ipa | airdbc | airframe | Portal
SiLK is part of the NetSA Security Suite, developed by the CERT NetSA group
at the Software Engineering Institute at Carnegie Mellon University.

© 2002-2008 Carnegie Mellon University