![[CAIDA - Center for Applied Internet Data Analysis logo]](/images/caida_globe_faded.png "Go to CAIDA home page")
NOTE: Corsaro v2 is deprecated in favor of Corsaro 3. Ongoing Corsaro development is updated at the CAIDA/corsaro3 GitHub repository.
Download
Please check the Corsaro3 github for the latest version: Corsaro 3 GitHub
Introduction
Corsaro allows high-speed analysis of trace data on a per-packet basis and provides a mechanism for aggregating results based on customizable time intervals. Trace data is read using the libtrace trace processing library, and a high-level IO abstraction layer allows results to be transparently written to compressed files, using threaded IO. The actual trace analysis logic is clearly separated into a set of plugins, several of which are shipped with Corsaro.
In addition to the Core Plugins which are shipped with Corsaro, the plugin framework makes the creation of new plugins as simple as possible. The low overhead involved in creating a new plugin, coupled with the efficiency and reliability of Corsaro means that it can be used both to perform ad-hoc exploratory investigations as well as in a production context to carry out large-scale near-realtime analysis.
Corsaro can be used both as a library and as a stand-alone application for processing any format of trace data that libtrace supports. The Corsaro distribution also includes several other supporting tools for basic analysis of Corsaro output data.
Presentations
| 2014 Mar | A. King | Internet Garbage: Storage, Access, and Analysis | Workshop on Network Data Storage, Access and Analysis (NDSAA) at SWITCH |
| 2013 Feb | A. King | Toward Realtime Visualization of Garbage | Internet Statistics and Metrics Analysis Workshops (Workshop on Active Internet Measurements) |
| 2012 May | A. King | Corsaro | Intl Workshop on Darkspace and UnSolicited Traffic Analysis (DUST) |