This repository contains basic modules of the NEMEA system. The modules and their functionality/purposes are:
- logger: export messages into CSV
- logreplay: replay stored CSV
- nfreader: replay stored nfdump file(s)
- flow_meter: simple flow exporter from a network interface controller (NIC) or a PCAP file
- unirecfilter: filtering module
- anonymizer: module for anonymization of flow records
- traffic_repeater: flow repeater module (e.g. for interconnection of modules using different types of communication interfaces)
- flowcounter: simple example of a flow counting module
- report2idea: reporting modules that receive alerts from detectors and store them in a database (MongoDB) or a file, or send them to Warden
- resolver: amend flow records with resolved fields
- luamodule: module to filter or modify an input stream of messages into one output stream of messages
- merger: module for joining multiple input streams of messages into one output stream of messages
- debug_sender: interactive tool (in Python) for creating and sending your own messages/flow records