Honeypots mailing list archives

Picviz 0.2 is out!


From: "Sebastien Tricaud" <stricaud () inl fr>
Date: Thu, 7 Aug 2008 14:39:58 +0200 (CEST)

Release note for Picviz 0.2
===========================

Picviz is a parallel coordinates plotter which enables easy scripting from
various inputs (tcpdump, syslog, iptables logs, apache logs, etc.) to visualize
your data and discover interesting results quickly.

Picviz helps you to create, automate and understand parallel coordinates plots.

Its primary goal is to graph data in order to be able to quickly analyze
problems and find correlations among variables. With security analysis in mind,
the program has been designed to be very flexible, able to graph millions of
events.

The language is designed to be close to the graphviz graph description
language.

Picviz features a language to describe your graphs, an engine producing images
in parallel coordinates from this language, Python bindings to gather
calculated data and raw data, and a frontend written in Python and QT4.

New features
============
 * Multiple PCV file inclusion. Instead of writing all your data in one single
   file, you can use templates and include them:
   {{{
       @include "template-header.pcv"
       axes {
           char foo [label="bar"];
           ipv4 src [label="source ip"];
       }
       ...
   }}}

 * New type: UTC. You can now set the utc type in the axes section like this:
   {{{
       axes {
           utc time;
           ...
       }
   }}}
   and then add data in the format "YYYY-MM-DD hh:mm:ss":
   {{{
       data {
           time="2008-08-07 14:01:00", ...
       }
   }}}
   The minimum representable time is 1901-12-13, and the maximum representable
   time is 2038-01-18. Because of the large scale, it is recommended to use this
   type in relative mode, which you activate by prepending the following section
   to your PCV file:
   {{{
       engine {
           relative = "1";
       }
   }}}

 * PLplot plugin: The plplot library (http://www.plplot.org) is used to
   generate those big files that will ruin inkscape or any SVG reader program
   that cannot handle 2 million lines! ;)
   This plugin behaves slightly differently from the SVG plugin since it is
   interactive: you are asked for the type of file you want and then for the
   output file name. I've got the best graphs with the plplot-cairo driver.

   To build this plugin, you need the libplplot development headers; to
   use it, simply run: pcv -Tplplot file.pcv


Download
========

You can get the latest release from the project page at the following URL:
http://www.wallinfire.net/picviz/wiki/ReleasesDownload

MD5:
544b4c1fb19f95761d43aeb9ec60c4dd  picviz-0.2.tar.gz
SHA1:
ebf522c27a67cdd5fa8e7b9343c81634da6d6928  picviz-0.2.tar.gz
File size:
1129535

Credits
=======

I would like to thank:

* The honeypot project for the useful data I've got from those old Scan of the
  Month challenges to validate my tool, create scripts, etc.

* Yoann Vandoorselaere from Prelude IDS for his work on the string algorithm,
  the UTC type and the relative mode.

* Tomas Heinrich from Redhat for regex fixes in tools/syslog2picviz.pl.

* Alfred Inselberg from the School of Mathematical Sciences, Tel Aviv University,
  for the encouragement he gave me and his great achievement with parallel
  plots.


Enjoy!
Sebastien Tricaud.
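The announcement above shows the new utc axis type, the relative mode and the data format only as fragments. The following is an added example, not code from the Picviz project, that turns a few constructed log lines into a PCV file using exactly those constructs (utc axis, ipv4 axis, `engine { relative = "1"; }`) and drops lines that the utc type cannot represent (outside 1901-12-13 to 2038-01-18) or that carry a malformed IP. The `key="value", key="value";` layout of data lines and the `char event` axis are assumptions extrapolated from the fragments in the note.

```python
import datetime
import ipaddress

# Representable range of the utc axis type, as stated in the release note.
UTC_MIN = datetime.datetime(1901, 12, 13)
UTC_MAX = datetime.datetime(2038, 1, 18)

# Constructed sample log lines (not real traffic): "<date> <time> <src ip> <event>".
SAMPLE_LOG = """\
2008-08-07 14:01:00 192.168.1.10 ssh-login
2008-08-07 14:01:07 10.0.0.5 http-get
2008-08-07 14:02:30 192.168.1.10 ssh-fail
not-a-date 1.2.3.4 garbage
2008-08-07 14:03:12 999.1.1.1 bad-ip
2040-01-01 00:00:00 10.0.0.5 beyond-utc-range
"""

def parse_line(line):
    """Return (datetime, ip, event) or None when the line cannot be plotted."""
    parts = line.split(None, 3)
    if len(parts) != 4 or '"' in parts[3] or "\n" in parts[3]:
        return None  # malformed, or an event field that would break the data line
    try:
        ts = datetime.datetime.strptime(parts[0] + " " + parts[1], "%Y-%m-%d %H:%M:%S")
        ip = ipaddress.IPv4Address(parts[2])
    except ValueError:
        return None  # unparsable timestamp or not a valid IPv4 address
    if not UTC_MIN <= ts <= UTC_MAX:
        return None  # outside what the utc axis type can represent
    return ts, str(ip), parts[3]

def log_to_pcv(text, relative=True):
    """Build a PCV document (assumed syntax) from log text; returns (pcv, rows kept)."""
    rows = [r for r in (parse_line(l) for l in text.splitlines()) if r]
    out = []
    if relative:  # recommended by the release note for the wide utc scale
        out += ["engine {", '    relative = "1";', "}"]
    out += ["axes {",
            '    utc time [label="time"];',
            '    ipv4 src [label="source ip"];',
            '    char event [label="event"];',  # assumed: char axis as in the note's "char foo"
            "}", "data {"]
    for ts, ip, event in rows:
        stamp = ts.strftime("%Y-%m-%d %H:%M:%S")
        out.append('    time="%s", src="%s", event="%s";' % (stamp, ip, event))
    out.append("}")
    return "\n".join(out) + "\n", len(rows)
```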