/Nemea-Modules

Base modules of the Nemea system. This repository contains modules for export, replay, filtering, merging etc.


NEMEA Modules

This repository contains basic modules of the NEMEA system. The modules and their functionality/purposes are:

  • logger: export messages into CSV

  • logreplay: replay stored CSV

  • nfreader: replay stored nfdump file(s)

  • flow_meter: simple flow exporter that reads from a network interface controller (NIC) or a PCAP file

  • unirecfilter: filtering module

  • anonymizer: module for anonymization of flow records

  • traffic_repeater: flow repeater module (e.g. for interconnection of modules using different types of communication interfaces)

  • flowcounter: simple example of a flow-counting module

  • report2idea: reporting modules that receive alerts from detectors and store them in a database (MongoDB) or a file, or send them to Warden

  • resolver: amend flow records with resolved fields

  • luamodule: module that filters or modifies an input stream of messages and produces one output stream of messages

  • merger: module for joining multiple input streams of messages into one output stream of messages

  • debug_sender: interactive tool (in Python) for creating and sending custom messages/flow records