The Nemea framework is the heart of the Nemea system. It contains implementations of common communication interfaces, the UniRec data format, and useful data structures and algorithms.

Nemea Framework

This repository contains the base libraries for the Nemea system. The Nemea system is a modular system that consists of independent modules for network traffic analysis and anomaly detection.

The framework consists of:

  • libtrap -- communication interface for message transfer between Nemea modules
  • UniRec -- flexible and efficient data format for flow records
  • common -- useful common functions and data structures
  • pytrap -- Python wrapper for libtrap and UniRec that allows development of Nemea modules in Python
  • pycommon -- common Python modules and methods; it currently supports creating alerts in the IDEA format, which can be stored in MongoDB or sent to the Warden incident sharing system

Installation

This repository is usually used as a git submodule of https://github.com/CESNET/Nemea. However, it can be installed independently using:

./bootstrap.sh
./configure
make
sudo make install

For information about configuration options, see:

./configure --help

The Python parts must be installed separately when needed. This can be done using:

cd pytrap; sudo python setup.py install

and

cd pycommon; sudo python setup.py install

Project status:

License: BSD license