Packages

  • package root

    This is documentation for Mothra, a collection of Scala and Spark library functions for working with Internet-related data.

    This is documentation for Mothra, a collection of Scala and Spark library functions for working with Internet-related data. Some modules contain APIs of general use to Scala programmers. Some modules make those tools more useful on Spark data-processing systems.

    Please see the documentation for the individual packages for more details on their use.

    Scala Packages

    These packages are useful in Scala code without involving Spark:

    org.cert.netsa.data

    This package, which is collected as the netsa-data library, provides types for working with various kinds of information:

    org.cert.netsa.io.ipfix

    The netsa-io-ipfix library provides tools for reading and writing IETF IPFIX data from various connections and files.

    org.cert.netsa.io.silk

    To read and write CERT NetSA SiLK file formats and configuration files, use the netsa-io-silk library.

    org.cert.netsa.util

    The "junk drawer" of netsa-util so far provides only two features: First, a method for equipping Scala scala.collection.Iterators with exception handling. And second, a way to query the versions of NetSA libraries present in a JVM at runtime.

    Spark Packages

    These packages require the use of Apache Spark:

    org.cert.netsa.mothra.datasources

    Spark datasources for CERT file types. This package contains utility features which add methods to Apache Spark DataFrameReader objects, allowing IPFIX and SiLK flows to be opened using simple spark.read... calls.

    The mothra-datasources library contains both IPFIX and SiLK functionality, while mothra-datasources-ipfix and mothra-datasources-silk contain only what's needed for the named datasource.

    org.cert.netsa.mothra.analysis

    A grab-bag of analysis helper functions and example analyses.

    org.cert.netsa.mothra.functions

    This single Scala object provides Spark SQL functions for working with network data. It is the entirety of the mothra-functions library.

    Definition Classes
    root
  • package org
    Definition Classes
    root
  • package cert
    Definition Classes
    org
  • package netsa
    Definition Classes
    cert
  • package io
    Definition Classes
    netsa
  • package silk

    SiLK file formats, data types, and methods to read them, including support for reading them from Spark.

    SiLK file formats, data types, and methods to read them, including support for reading them from Spark.

    RWRec is the type of SiLK flow records.

    You can use RWRecReader to read SiLK files from Scala, including compressed files if Hadoop native libraries are available. For example:

    import org.cert.netsa.io.silk.RWRecReader
import java.io.FileInputStream

val inputFile = new FileInputStream("path/to/silk/rw/file")

for ( rec <- RWRecReader.ofInputStream(inputFile) ) {
  println(rec.sIP)
}
    Definition Classes
    io
    See also

    org.cert.netsa.mothra.datasources.silk.flow for working with SiLK data in Spark using the Mothra SiLK datasource.

  • package config
    Definition Classes
    silk
  • ClassConfig
  • FlowTypeConfig
  • FlowTypeMap
  • GroupConfig
  • SensorConfig
  • SensorMap
  • package io
    Definition Classes
    silk

package config

Ordering
  1. Alphabetic
Visibility
  1. Public
  2. Protected

Type Members

  1. case class ClassConfig(name: String, defaultTypeNames: Set[String], sensorNames: Set[String], flowTypes: FlowTypeMap) extends Product with Serializable

    Configuration entry for SiLK flow class.

    Configuration entry for SiLK flow class.

    name

    The name of the SiLK class.

    defaultTypeNames

    The names of the types examined by default in this class.

    sensorNames

    The names of the sensors containing data for this class.

  2. case class FlowTypeConfig(id: FlowType, className: String, typeName: String, flowTypeName: String) extends Product with Serializable

    Configuration entry for SiLK flow type.

    Configuration entry for SiLK flow type.

    id

    The numeric ID of this flowtype.

    className

    The name of the class this flowtype belongs to.

    typeName

    The name of the type for this flowtype in its class.

    flowTypeName

    The label used for this flowtype in filenames.

  3. class FlowTypeMap extends Serializable

    Flowtype configuration map.

    Flowtype configuration map. This is freely convertible to and from Map[FlowType, FlowTypeConfig].

    Annotations
    @SerialVersionUID()
  4. case class GroupConfig(name: String, sensorNames: Set[String]) extends Product with Serializable

    Configuration entry for SiLK sensor group.

    Configuration entry for SiLK sensor group. Mainly used internally to config file.

    name

    The name of this sensor group.

    sensorNames

    The names of the sensors belonging to this sensor group.

  5. case class SensorConfig(id: Sensor, name: String, description: Option[String]) extends Product with Serializable

    Configuration entry for SiLK sensor.

    Configuration entry for SiLK sensor.

    id

    The numeric ID of this sensor, stored in SiLK flow records.

    name

    The symbolic name of this sensor.

    description

    An optional text description for this sensor.

  6. class SensorMap extends Serializable

    Sensor configuration map.

    Sensor configuration map. This is freely convertible to and from Map[Sensor, SensorConfig].

    Annotations
    @SerialVersionUID()

Value Members

  1. object FlowTypeMap extends Serializable
  2. object SensorMap extends Serializable

Ungrouped