User login

Search Projects

Project Members

Shane Alcock admin

Maji

Maji is an implementation of an IPFIX meter based on the libtrace packet capture and processing library. IPFIX itself is a standardised method for performing and exporting flow measurement data, similar to the Cisco NetFlow standard.

One of the main features of Maji is the ability for users to easily define a custom template that describes the information they want Maji to report. This includes the definition of the flow key, which may be something other than a standard 5-tuple.

Maji supports multiple transports for exporting IPFIX records, including TCP, UDP, SCTP and writing directly to standard output.

12

Mar

2012

Released libtrace 3.0.14 - mostly just a bug fix release. I also separated the I/O stuff into a separate library so that it can be used outside of libtrace.

Took a quick look at maji again to see if we can use it as part of the MSI project. Fixed up some bugs that became apparent when exporting lots of flow records. Also decided that maji would work a lot better if it underwent a major design change, but resisted the temptation to do so for now.

Secured the RT exporter connected to the live capture point so that only WAND machines can connect to it - someone from a lightwire address had connected to it and sent something invalid which broke the whole wdcap process. The RT exporter also now handles invalid client responses better :)

Started looking at Andreas' time series anomaly detection code. The existing system only really works with offline data, so the first goal is to get it running against a "live" input source.