SiLK Data Services for Metron

All telemetry data gets stored into the security valuat of metron which is HDFS. For this dataset, we need provide a set of data services that incorproates the SiLK tooling.

A SiLK installation consists of two categories of applications: the packing system and the analysis suite. The packing system collects IPFIX, NetFlow v9, or NetFlow v5 and converts the data into a more space efficient format, recording the packed records into service-specific binary flat files. The analysis suite consists of tools which read these flat files and perform various query operations, ranging from per-record filtering to statistical analysis of groups of records. The analysis tools interoperate using pipes, allowing a user to develop a relatively sophisticated query from a simple beginning.

The goal should be to use thej SiLK analysis suite on the data in the Metron Security Vault.