Analysis Pipeline Release 4.5.1, 2016-May-6
Downloads
(SHA256=8abe2a14bc222fdf08657098982401e5f0407946f919c2c9f25f90586897cbaf)
Notes
- Bug fixes that replace version 4.5.
Analysis Pipeline Release 4.5, 2016-Apr-29
Downloads
(SHA256=3b217b01e51db727b1f5f18b4a146469d2eb9113cacef98c07e2fb63f01bac4a)
Notes
- Memory and processing efficiency improvements.
- SiLK flags format now accepted for flags fields.
- Added derived fields for timestamps for the flow key hash.
- Watchlists and bracketted list files accepted for all fields.
- Bags can be used for custom thresholds.
Analysis Pipeline Release 4.4.1, 2014-Oct-28
Downloads
(SHA256=7f330f3260f4950bc1ff842dbf53a7f55e74948420752e0bca2ee2a4cb657019)
Notes
- Pmaps files are now reloaded when updated similar to IPSet files
- Bug fix with reloading IPSet files
Analysis Pipeline Release 4.4, 2014-Sep-12
Downloads
(SHA256=954f8ac6b64a96b35e632485dd39c01d83384a42cd1d2af581ef798d115bd10e)
Notes
- Pmaps can be used for processing data
- List bundles added, which alert if a value is in all lists in bundle
- Filters can use bracketted list of tuples now.
- ANY IP/PORT can be used in FOREACH to build state for both
Analysis Pipeline Release 4.3.2, 2013-Dec-30
Downloads
(SHA256=015a6e8e0e6b34f2efbfe043239c8153a2385dd527918131610d8e7bd1588d17)
Notes
- Small bug fixes
Analysis Pipeline Release 4.3.1, 2013-Dec-20
Downloads
(SHA256=7758ebc19afd839b661b3818c2655c22171b354fb42ba03a51e8a86bc44ff3e7)
Notes
- CLEAR NEVER or CLEAR ALWAYS must now be specified in evals
- Efficiency improvements
Analysis Pipeline Release 4.3, 2013-Dec-17
Downloads
(SHA256=c564fbde7b74c803d308435d9f8640b21baff5adc8df9215034466deb7967f88)
Notes
- Lists made by INTERNAL FILTERs can be seeded by an IPSet file.
- Lists made by INTERNAL FILTERs can drop IPSet files on update.
- Efficiency improvements
- Small bug fixes
Analysis Pipeline Release 4.2, 2013-Feb-15
Downloads
(SHA256=bae06d32dc7feb701401b7fc0ad943640938563d355724c5dd4abb60b7233264)
Notes
- Added a new primitive for statistics: DIFFERENCE DISTRIBUTION
- Updated available fields for the iterative comparison
- Statistics can now have a forever duration
- Added a BYTES_PER_PACKET field
Analysis Pipeline Release 4.1, 2013-Jan-4
Downloads
(SHA256=5ab91cb42c64e2cd81091968982e52c1692154e149c76d532b9e0e8f1de16a73)
Notes
- Lists created by internal filters can now send alerts
- Removed the need for underscores in the config file
- Can now alert when an output is removed by an evaluation
- When pipeline runs out of memory, the alert contains the memory used
- Evaluations that hit output threshold can be shut down temporarily
Analysis Pipeline Release 4.0.1, 2011-Oct-4
Downloads
(SHA256=c252571bde3a83cf117fdc58be89de7b0e14ddd92cdb0293d540d0427a2ed223)
Notes
- Notable jump in features, flexbility, and improved internals from version 3.0.0
- Cleaner configuration language. Can just give filename of ipset in the filter rather than using a list structure.
- Uses field lists to build tuples, rather than hard coded in v3
- Added a way to configure lists to manager their counts and send alerts periodically on their own
- Can have multiple output lists for evaluations using FOREACH. Simpler language to define them.
- Created a mechanmism to allow multiple filters to provide flows for an evaluation.
Analysis Pipeline Release 3.0.0, 2010-Sep-28
Downloads
(SHA256=d94dc1760842725a519662932111709dd207b312191b90286668d886f33a9fc4)
Notes
- Initial public release
Dependencies
- SiLK — Analysis Pipeline requires SiLK 2.1 or later
