Monitoring for Large-Scale Networks
super_mediator
Downloads & Release HistorySuper Mediator Binary Package
To install Super Mediator via a pre-built RPM, see Install Super Mediator from the CERT Linux Forensics Tools Repository on the Super Mediator installation and dependencies page.
super_mediator Release 2.0.0.alpha1, 2022-Feb-24
Downloads
super_mediator-2.0.0.alpha1.tar.gz (645.3KiB)
(SHA256=c460effe17b044847bd4e40934cb74d12fabc0aba1e455d195d33c2d6393b3da)
Changelog
- Increased the flexibility of super_mediator by eliminating most internal template definitions and having it use the incoming template definitions instead.
- Changed the syntax of the configuration file; previous versions of the files need to be updated.
- Made changes to the command line parsing and eliminated several options. The configuration file is the preferred way to configure super_mediator.
- Enhanced statistics for types of records read from a collector and written to an exporter.
- Temporarily disabled SiLK IPset and MySQL support.
- Note: Exporting as delimited TEXT is lightly tested and contains bugs.
- Updated the fixbuf requirement to libfixbuf-3.0.0.
super_mediator Release 1.8.0, 2020-Dec-22
Downloads
super_mediator-1.8.0.tar.gz (743.1KiB)
(SHA256=d42ce8b1b0f830b384b031cc29d3dd08fff61adf408a76fb5b5088e63b10a688)
Changelog
- Added a new switch, --rewrite-ssl-certs, which restructures the template used for TLS/SSL certificates for IPFIX exporters. The template uses specific IEs for some fields in an SSL certificate. The --rewrite-ssl-certs switch also allows a super_mediator to read the new SSL template from an upstream super_mediator. Deduplication of the rewritten certificates is not supported.
- Added the ability to read the new SMTP DPI records exported by YAF 2.12.0.
- Added the observation domain ID to JSON output.
super_mediator Release 1.7.1, 2019-Oct-24
Downloads
super_mediator-1.7.1.tar.gz (728.8KiB)
(SHA256=42f95148bc0301555ba0b3f4ff46246e12904e7d5f9d7851ed04b847a9df6473)
Changelog
- Added ability to preserve observation domain of incoming records.
- Changed scope of Tombstone records to 3 for consistency with YAF.
- Fixed a crash when TCP collector and CLI --input are used concurrently.
super_mediator Release 1.7.0, 2019-Mar-18
Downloads
super_mediator-1.7.0.tar.gz (729.2KiB)
(SHA256=b4c8949df6791f34b614b5bd2bbf1631ca5c2510d14e551b12c859f9943341fb)
Changelog
- Support for FixBuf 2.3.0 added, and is now required.
- New YAF stats messages supported.
- New Tombstone format supported.
- Race condiditon addressed when exporter configured to GZIP and MOVE files.
- Dynamically generated dedup template names added.
- Option record bugfixes.
super_mediator Release 1.6.0, 2018-Apr-30
Downloads
super_mediator-1.6.0.tar.gz (724.1KiB)
(SHA256=eec12b7cab5164cb7e110c24931989e645c7ef59691d2b6937f4cc26c3ae508d)
Changelog
- Support for FixBuf 2.0.0 added, and is now required.
- Derive information elements from included XML files.
- Support for tombstone records added.
- Fixed flow output bugs where information elements were transposed.
- Support for cmake build removed.
super_mediator Release 1.5.3.1, 2018-Oct-29
Downloads
(SHA256=)
Changelog
- Maintenance release for 1.5.3
- Fix race condition resulting from using GZIP_FILES and MOVE
super_mediator Release 1.5.3, 2017-Oct-19
Downloads
super_mediator-1.5.3.tar.gz (699.7KiB)
(SHA256=4f46dcff1646cc211446477ee70794c15a0b01fe9d3907cad5462b45b36103c9)
Changelog
- Added template metadata (name and description) record output (libfixbuf 1.8.0 or greater required).
super_mediator Release 1.5.2, 2017-Mar-8
Downloads
super_mediator-1.5.2.tar.gz (691.8KiB)
(SHA256=1a76a1e6a8a4e4fe4fd84f6110566b32ffcd8b987ea50d64d47190c1a31e3d26)
Changelog
- Fix compile error introduced in version 1.5.1
super_mediator Release 1.5.1, 2017-Mar-6
Downloads
super_mediator-1.5.1.tar.gz (691.8KiB)
(SHA256=d17614b592734d1f60380315c073df769f60ae66f67acb7025d8afc7a560f0dd)
Changelog
- Add --become-user and --become-group command line options
- Bug Fix for compiling on Alpine Linux
super_mediator Release 1.5.0, 2017-Jan-5
Downloads
super_mediator-1.5.0.tar.gz (688.3KiB)
(SHA256=e07fd5545e41a935ff0a7df90a3e7a91ae869f3bd8f051b7d58816ad62c93da7)
Changelog
- Add support for adding VLAN/Observation IDs to deduplication keys
- Changed format of DEDUP Exporters (added flow start time associated with flow key hash)
- Add ability to insert EXPORTER name in deduplication output records
- Add ability to read gzip'd IPFIX files
- Other Bug Fixes
super_mediator Release 1.4.0, 2016-Oct-4
Changelog
- Add support for multiple protocol deduplication for IPFIX/JSON exporters
- Add post move file option for exporters
- Add PAYLOAD, RPAYLOAD export options to custom field lists
- Empty files are now removed by default
- Bug Fix for uploading MULTI_FILES files to a MySQL database
- Other Bug Fixes
super_mediator Release 1.3.0, 2016-Mar-8
Changelog
- Add file compression support for EXPORTERS
- Add Base64 Encode support for full certificate export
- Changed default file extension for JSON files to .json
- Bug Fix for ESCAPE_CHARS keyword for DNS_DEDUP Exporters
- Fix bug when command line arguments and config file are present
- Other Bug Fixes
super_mediator Release 1.2.2, 2016-Jan-7
Changelog
- Bug Fixes for JSON exporters
super_mediator Release 1.2.1, 2015-Dec-29
Changelog
- Add JSON output option to --output-mode switch
- Bug Fix for JSON exporters (DNS output)
super_mediator Release 1.2.0, 2015-Dec-22
Changelog
- Remove support for fixbuf releases prior to libfixbuf-1.7.0
- Collect and export sslServerName
- Collect, decode, and export full X.509 Certificates
- MD5 hashing of X.509 Certificates with OpenSSL support
- SHA1 hashing of X.509 Certificates with OpenSSL support
- Collect and export list of DHCP options
- Bug Fixes
super_mediator Release 1.1.3, 2015-Dec-7
Changelog
- Bug Fix for logging to syslog
- DNS Deduplication JSON export bug fix
- Update RPM spec file
super_mediator Release 1.1.2, 2015-Oct-28
Changelog
- Bug Fix for TCP/UDP collector(s) that receive minimal data
super_mediator Release 1.1.1, 2015-Jul-1
Changelog
- Bug Fix for Custom Field List Text Exporters
- Bug Fix for configuring SSL De-duplication MAX_HIT_COUNT and FLUSH_TIME
- super_table_creator will now create de-duplication tables
- Documentation updates
super_mediator Release 1.1.0, 2015-Jun-26
Changelog
- Requires libfixbuf 1.4.0 or greater
- SSL Certificate De-duplication
- Advanced SSL field export configuration
- Configurable De-duplication of any DPI Fields
- JSON file export
- Export of unnested DNS Resource Records
- New option to only export DNS Responses
- Add the ability to rotate and compress logs given a valid file directory
- New option to de-duplicate on only particular DNS resource record types
- MULTI_FILES CSV format change
- MySQL schema change for MULTI_FILES
- Bug Fix for Spread Collectors when daemon terminates
- Bug Fixes
super_mediator Release 1.0.2, 2014-Oct-15
Changelog
- Bug Fix for Collectors
super_mediator Release 1.0.1, 2014-Aug-12
Changelog
- Add support for escaping control characters and the delimiter character in DPI strings
- Bug Fix for DNP 3.0 text export
- Other Minor Bug Fixes.
super_mediator Release 1.0.0, 2014-Jun-13
Changelog
- Add support for multiple collectors
- Add support for naming collectors and exporters
- Collector name included in default flow text export
super_mediator Release 0.4.0, 2014-Mar-4
Changelog
- Added SCADA protocol and RTP DPI collection
- Added MySQL automatic reconnection capability
- Syslog logging capability
- Added ability to collect, print, and export MPLS labels
- Added ability to collect, print, and export Type of Service fields
- Incoming IPFIX records that use Delta counters will export the same fields
- Bug Fix for variable redeclaration on some operating systems
- Bug Fix for DNS deduplication timeout
- Other Bug Fixes
super_mediator Release 0.3.0, 2013-May-3
Changelog
- Added the ability to define new information elements for collection
- New filter fields: INGRESS and EGRESS
- Added the ability to "AND" filters
- Added New YAF 2.4.0 information elements
- Bug Fixes
super_mediator Release 0.2.2, 2013-Feb-26
Changelog
- Bug Fix for GLib version 2.32 or greater
- Added statistics timeout option for logging super_mediator stats
- Bug Fixes
super_mediator Release 0.2.1, 2013-Feb-8
Changelog
- Added Custom DPI Field List for Text Exporters
- Added --fields switch to command line arguments
- Bug Fix for Time output on some platforms
- Bug Fix for SSL/TLS Text Export
super_mediator Release 0.2.0, 2013-Jan-16
Changelog
- Retry exporter connections when lost
- Keep export statistics per exporter
- Bug Fix for polling directory for IPFIX files
- Bug Fix for moving collector files
super_mediator Release 0.1.9, 2012-Dec-6
Changelog
- Added Custom Field Lists for Text Exporters
- Bug Fix for reading from stdin
- Other Bug Fixes
super_mediator Release 0.1.8, 2012-Oct-26
Changelog
- Bug Fixes.
super_mediator Release 0.1.7, 2012-Oct-9
Changelog
- Added ability to filter by IP in IPset (requires SiLK IPset library)
- DNS IPFIX export bug fix.
- Add Max TTL Field to DNS Deduplicated IPFIX output
super_mediator Release 0.1.6, 2012-Sep-10
Changelog
- Added Automatic import into MySQL database
- Bug Fixes
super_mediator Release 0.1.5, 2012-Jul-31
Changelog
- Added DNSSEC awareness.
- Added New SSL Information Elements.
- Added flow stats elements from YAF 2.3.0.
- Added DHCP Fingerprinting Elements.
- Enhancements for uploading CSV files to a database.
- Bug Fixes.
super_mediator Release 0.1.4, 2012-Jun-12
Changelog
- Added option to timestamp rolling DPI CSV files.
- Added option to print flow "index" with DPI data.
- Bug Fixes.
super_mediator Release 0.1.3, 2012-May-7
Changelog
- Enhanced DPI to CSV export.
- Bug Fixes.
super_mediator Release 0.1.2, 2012-Apr-3
Changelog
- Bug Fix for multiple exporters.
- Bug Fix for 64 bit OS for text exporters.
super_mediator Release 0.1.1, 2012-Mar-28
Changelog
- Option to remove empty output files
- Improved Logging
- Bug Fix for de-duplication of DNS NXDomain Records
- Other Bug Fixes.
super_mediator Release 0.1.0, 2012-Mar-1
Changelog
- Initial Release
© 2006–2022 Carnegie Mellon UniversityLegal |
Privacy Notice |
