CESNET
diff --git a/‎src/plugins/process/basicPlus/README.md‎
Lines changed: 27 additions & 23 deletions b/‎src/plugins/process/basicPlus/README.md‎
Lines changed: 27 additions & 23 deletions
diff --git a/‎src/plugins/process/bstats/README.md‎
Lines changed: 33 additions & 0 deletions b/‎src/plugins/process/bstats/README.md‎
Lines changed: 33 additions & 0 deletions
diff --git a/‎src/plugins/process/bstats/src/burst.hpp‎
Lines changed: 13 additions & 13 deletions b/‎src/plugins/process/bstats/src/burst.hpp‎
Lines changed: 13 additions & 13 deletions
diff --git a/‎src/plugins/process/bstats/src/burstStats.cpp‎
Lines changed: 53 additions & 34 deletions b/‎src/plugins/process/bstats/src/burstStats.cpp‎
Lines changed: 53 additions & 34 deletions
diff --git a/‎src/plugins/process/bstats/src/burstStats.hpp‎
Lines changed: 10 additions & 10 deletions b/‎src/plugins/process/bstats/src/burstStats.hpp‎
Lines changed: 10 additions & 10 deletions
@@ -1,37 +1,41 @@
 # BasicPlus Plugin
 
-The **BasicPlus Plugin** is a module for the IPFIXprobe exporter, designed to extend flow records with additional basic network information.
+The **BasicPlus** plugin extends flow records with additional basic network information to provide richer visibility into network flows.
 
 ## Features
 
-- Extends basic flow export data. 
-- Extracts and exports additional fields from network flows.
-
+- Extends standard flow export data with additional fields.  
+- Extracts and exports key network-level fields for both directions of a flow.  
 
 ## Output Fields
 
-| Field Name      | Data Type | Description                                                 |
-|-----------------|-----------|-------------------------------------------------------------|
-| IP_TTL          | uint8_t   | IP time-to-live in source-to-destination direction          |
-| IP_TTL_REV      | uint8_t   | IP time-to-live in destination-to-source direction          |
-| IP_FLG          | uint8_t   | IP flags in source-to-destination direction                 |
-| IP_FLG_REV      | uint8_t   | IP flags in destination-to-source direction                 |
-| TCP_WIN         | uint16_t  | TCP window size in source-to-destination direction          |
-| TCP_WIN_REV     | uint16_t  | TCP window size in destination-to-source direction          |
-| TCP_OPT         | uint64_t   | TCP options in source-to-destination direction              |
-| TCP_OPT_REV     | uint64_t   | TCP options in destination-to-source direction              |
-| TCP_MSS         | uint32_t  | TCP maximum segment size in source-to-destination direction |
-| TCP_MSS_REV     | uint32_t  | TCP maximum segment size in destination-to-source direction |
-| TCP_SYN_SIZE    | uint16_t  | TCP syn packet size (only one in bidirectional flow)        |
+| Field Name    | Data Type | Description |
+|---------------|-----------|-------------|
+| `IP_TTL`      | `uint8_t` | IP time-to-live (source → destination) |
+| `IP_TTL_REV`  | `uint8_t` | IP time-to-live (destination → source) |
+| `IP_FLG`      | `uint8_t` | IP flags (source → destination) |
+| `IP_FLG_REV`  | `uint8_t` | IP flags (destination → source) |
+| `TCP_WIN`     | `uint16_t`| TCP window size (source → destination) |
+| `TCP_WIN_REV` | `uint16_t`| TCP window size (destination → source) |
+| `TCP_OPT`     | `uint64_t`| TCP options (source → destination) |
+| `TCP_OPT_REV` | `uint64_t`| TCP options (destination → source) |
+| `TCP_MSS`     | `uint32_t`| TCP maximum segment size (source → destination) |
+| `TCP_MSS_REV` | `uint32_t`| TCP maximum segment size (destination → source) |
+| `TCP_SYN_SIZE`| `uint16_t`| TCP SYN packet size (only one per bidirectional flow) |
 
 ## Usage
 
-Once enabled, the plugin will automatically process flows and add the export fields to each record.
+### YAML Configuration
+
+Add the plugin to your ipfixprobe YAML configuration:
+
+```yaml
+process_plugins:
+  - basicplus
+```
 
-1. ``` make install ```.
-2. ``` ipfixprobe -p "basicplus" ... " ```
-3. Extracted values are exported to the output interface.
+### CLI Usage
 
-## Support
+You can also enable the plugin directly from the command line:
 
-For issues or feature requests, please open an issue in the [IPFIXprobe repository](https://github.com/CESNET/ipfixprobe).
+```ipfixprobe -p basicplus ...```
@@ -0,0 +1,33 @@
+# BurstStats Plugin
+
+The **BurstStats Plugin** is a module for the IPFIXprobe exporter, designed to analyze packet burst statistics.
+
+## Features
+
+- Consider packet to be a part of burst if it arrives within short time interval after previous packet.
+- Extracts and exports burst statistics from network flows. 
+
+## Output Fields
+
+| Field Name      | Data Type | Description                                                 |
+|-----------------|-----------|-------------------------------------------------------------|
+| SBI_BRST_PACKETS| uint32_t  | Array of packets in each burst in source-to-destination direction                  |
+| SBI_BRST_BYTES  | uint32_t  | Array of bytes in each burst in source-to-destination direction                    |
+| SBI_BRST_TIME_START | Timestamp | Array of burst start times in source-to-destination direction                   |
+| SBI_BRST_TIME_STOP  | Timestamp | Array of burst end times in source-to-destination direction                     |
+| DBI_BRST_PACKETS| uint32_t  | Array of packets in each burst in destination-to-source direction                  |
+| DBI_BRST_BYTES  | uint32_t  | Array of bytes in each burst in destination-to-source direction                    |
+| DBI_BRST_TIME_START | Timestamp | Array of burst start times in destination-to-source direction                   |
+| DBI_BRST_TIME_STOP  | Timestamp | Array of burst end times in destination-to-source direction                     |
+
+## Usage
+
+Once enabled, the plugin will automatically process flows and add the export fields to each record.
+
+1. ``` make install ```.
+2. ``` ipfixprobe -p "bstats" ... " ```
+3. Extracted values are exported to the output interface.
+
+## Support
+
+For issues or feature requests, please open an issue in the [IPFIXprobe repository](https://github.com/CESNET/ipfixprobe).
@@ -9,36 +9,36 @@
 
 #pragma once
 
-#include <sys/time.h>
 #include <directionalField.hpp>
+#include <sys/time.h>
 #include <utils.hpp>
 
-namespace ipxp
-{
+namespace ipxp {
 
 /**
  * @struct Burst
- * @brief Structure representing one packet burst. Contains packets, bytes which belong to that burst with begin and end timestamps.
+ * @brief Structure representing one packet burst. Contains packets, bytes which belong to that
+ * burst with begin and end timestamps.
  */
 struct Burst {
-    constexpr static timeval MAX_INTERPACKET_TIMEDIFF = {1, 0}; ///< Maximum time difference between packets in one burst (1 second).
+	constexpr static timeval MAX_INTERPACKET_TIMEDIFF
+		= {1, 0}; ///< Maximum time difference between packets in one burst (1 second).
 
-    std::reference_wrapper<uint32_t> packets;
+	std::reference_wrapper<uint32_t> packets;
 	std::reference_wrapper<uint32_t> bytes;
 	std::reference_wrapper<Timestamp> start;
 	std::reference_wrapper<Timestamp> end;
 
-    /**
+	/**
 	 * @brief Checks if the given timestamp belongs to the burst.
 	 *
 	 * @param time The timestamp to check.
-     * @return true if the timestamp belongs to the burst, false otherwise.
+	 * @return true if the timestamp belongs to the burst, false otherwise.
 	 */
-    constexpr
-    bool belongs(const timeval time) const noexcept 
-    {
-        return Timestamp(time) - end < MAX_INTERPACKET_TIMEDIFF;
-    }
+	constexpr bool belongs(const timeval time) const noexcept
+	{
+		return Timestamp(time) - end < MAX_INTERPACKET_TIMEDIFF;
+	}
 };
 
 } // namespace ipxp
@@ -8,24 +8,19 @@
  *
  * Provides a plugin that extracts packet burst statistics of flows,
  * stores them in per-flow plugin data, and exposes fields via FieldManager.
- * 
+ *
  * @copyright Copyright (c) 2025 CESNET, z.s.p.o.
  */
 
 #include "burstStats.hpp"
+
 #include "burstStatsData.hpp"
 
 #include <iostream>
 
-//#include <ipfixprobe/pluginFactory/pluginManifest.hpp>
-#include <ipfixprobe/pluginFactory/pluginRegistrar.hpp>
-
-//#include <pluginManifest.hpp>
-//#include <pluginRegistrar.hpp>
-//#include <pluginFactory.hpp>
 #include <fieldGroup.hpp>
-//#include <fieldManager.hpp>
 #include <ipfixprobe/options.hpp>
+#include <ipfixprobe/pluginFactory/pluginRegistrar.hpp>
 
 namespace ipxp {
 
@@ -41,55 +36,77 @@ static const PluginManifest burstStatsPluginManifest = {
 		},
 };
 
-static FieldGroup createBurstStatsSchema(FieldManager& fieldManager, FieldHandlers<BurstStatsFields>& handlers)
+static FieldGroup
+createBurstStatsSchema(FieldManager& fieldManager, FieldHandlers<BurstStatsFields>& handlers)
 {
 	FieldGroup schema = fieldManager.createFieldGroup("bstats");
 
 	auto [sourcePacketsField, destPacketsField] = schema.addVectorDirectionalFields(
-		"SBI_BRST_PACKETS", "DBI_BRST_PACKETS",
-		[](const void* context) { return reinterpret_cast<const BurstStatsData*>(context)->getPackets(Direction::Forward); },
-		[](const void* context) { return reinterpret_cast<const BurstStatsData*>(context)->getPackets(Direction::Reverse); }
-	);
+		"SBI_BRST_PACKETS",
+		"DBI_BRST_PACKETS",
+		[](const void* context) {
+			return reinterpret_cast<const BurstStatsData*>(context)->getPackets(Direction::Forward);
+		},
+		[](const void* context) {
+			return reinterpret_cast<const BurstStatsData*>(context)->getPackets(Direction::Reverse);
+		});
 	handlers.insert(BurstStatsFields::SBI_BRST_PACKETS, sourcePacketsField);
 	handlers.insert(BurstStatsFields::DBI_BRST_PACKETS, destPacketsField);
 
 	auto [sourceBytesField, destBytesField] = schema.addVectorDirectionalFields(
-		"SBI_BRST_BYTES", "DBI_BRST_BYTES",
-		[](const void* context) { return reinterpret_cast<const BurstStatsData*>(context)->getBytes(Direction::Forward); },
-		[](const void* context) { return reinterpret_cast<const BurstStatsData*>(context)->getBytes(Direction::Reverse); }
-	);
+		"SBI_BRST_BYTES",
+		"DBI_BRST_BYTES",
+		[](const void* context) {
+			return reinterpret_cast<const BurstStatsData*>(context)->getBytes(Direction::Forward);
+		},
+		[](const void* context) {
+			return reinterpret_cast<const BurstStatsData*>(context)->getBytes(Direction::Reverse);
+		});
 	handlers.insert(BurstStatsFields::SBI_BRST_BYTES, sourceBytesField);
 	handlers.insert(BurstStatsFields::DBI_BRST_BYTES, destBytesField);
 
-
 	auto [sourceTimeStartField, destTimeStartField] = schema.addVectorDirectionalFields(
-		"SBI_BRST_TIME_START", "DBI_BRST_TIME_START",
-		[](const void* context) { return reinterpret_cast<const BurstStatsData*>(context)->getStartTimestamps(Direction::Forward); },
-		[](const void* context) { return reinterpret_cast<const BurstStatsData*>(context)->getStartTimestamps(Direction::Reverse); }
-	);
+		"SBI_BRST_TIME_START",
+		"DBI_BRST_TIME_START",
+		[](const void* context) {
+			return reinterpret_cast<const BurstStatsData*>(context)->getStartTimestamps(
+				Direction::Forward);
+		},
+		[](const void* context) {
+			return reinterpret_cast<const BurstStatsData*>(context)->getStartTimestamps(
+				Direction::Reverse);
+		});
 	handlers.insert(BurstStatsFields::SBI_BRST_TIME_START, sourceTimeStartField);
 	handlers.insert(BurstStatsFields::DBI_BRST_TIME_START, destTimeStartField);
 
 	auto [sourceTimeStopField, destTimeStopField] = schema.addVectorDirectionalFields(
-		"SBI_BRST_TIME_STOP", "DBI_BRST_TIME_STOP",
-		[](const void* context) { return reinterpret_cast<const BurstStatsData*>(context)->getEndTimestamps(Direction::Forward); },
-		[](const void* context) { return reinterpret_cast<const BurstStatsData*>(context)->getEndTimestamps(Direction::Reverse); }
-	);
+		"SBI_BRST_TIME_STOP",
+		"DBI_BRST_TIME_STOP",
+		[](const void* context) {
+			return reinterpret_cast<const BurstStatsData*>(context)->getEndTimestamps(
+				Direction::Forward);
+		},
+		[](const void* context) {
+			return reinterpret_cast<const BurstStatsData*>(context)->getEndTimestamps(
+				Direction::Reverse);
+		});
 	handlers.insert(BurstStatsFields::SBI_BRST_TIME_STOP, sourceTimeStopField);
 	handlers.insert(BurstStatsFields::DBI_BRST_TIME_STOP, destTimeStopField);
 
 	return schema;
 }
 
-BurstStatsPlugin::BurstStatsPlugin([[maybe_unused]]const std::string& params, FieldManager& manager)
+BurstStatsPlugin::BurstStatsPlugin(
+	[[maybe_unused]] const std::string& params,
+	FieldManager& manager)
 {
 	createBurstStatsSchema(manager, m_fieldHandlers);
 }
 
 PluginInitResult BurstStatsPlugin::onInit(const FlowContext& flowContext, void* pluginContext)
 {
 	auto* pluginData = std::construct_at(reinterpret_cast<BurstStatsData*>(pluginContext));
-	
+
 	std::optional<Burst> burst = pluginData->push(Direction::Forward);
 	updateBursts(*burst, flowContext.packet);
 
@@ -103,7 +120,7 @@ PluginInitResult BurstStatsPlugin::onInit(const FlowContext& flowContext, void*
 void BurstStatsPlugin::updateBursts(Burst& burst, const Packet& packet) noexcept
 {
 	burst.packets++;
-	burst.bytes += packet.ip_payload_len;	
+	burst.bytes += packet.ip_payload_len;
 	burst.end.get() = packet.ts;
 	if (burst.packets == 1) {
 		burst.start.get() = packet.ts;
@@ -133,11 +150,12 @@ PluginUpdateResult BurstStatsPlugin::onUpdate(const FlowContext& flowContext, vo
 	};
 }
 
-PluginExportResult BurstStatsPlugin::onExport(const FlowRecord& flowRecord, [[maybe_unused]] void* pluginContext)
+PluginExportResult
+BurstStatsPlugin::onExport(const FlowRecord& flowRecord, [[maybe_unused]] void* pluginContext)
 {
-	const uint32_t packetsTotal
-		= static_cast<uint32_t>(
-			flowRecord.directionalData[Direction::Forward].packets + flowRecord.directionalData[Direction::Reverse].packets);
+	const uint32_t packetsTotal = static_cast<uint32_t>(
+		flowRecord.directionalData[Direction::Forward].packets
+		+ flowRecord.directionalData[Direction::Reverse].packets);
 	if (packetsTotal <= MINIMAL_PACKETS_COUNT) {
 		return {
 			.flowAction = FlowAction::RemovePlugin,
@@ -171,6 +189,7 @@ PluginDataMemoryLayout BurstStatsPlugin::getDataMemoryLayout() const noexcept
 	};
 }
 
-static const PluginRegistrar<BurstStatsPlugin, ProcessPluginFactory> burstStatsRegistrar(burstStatsPluginManifest);
+static const PluginRegistrar<BurstStatsPlugin, ProcessPluginFactory>
+	burstStatsRegistrar(burstStatsPluginManifest);
 
 } // namespace ipxp
@@ -8,20 +8,20 @@
  *
  * Provides a plugin that extracts packet burst statistics of flows,
  * stores them in per-flow plugin data, and exposes fields via FieldManager.
- * 
+ *
  * @copyright Copyright (c) 2025 CESNET, z.s.p.o.
  */
 
 #pragma once
 
+#include "burst.hpp"
+#include "burstStatsFields.hpp"
+
 #include <sstream>
 #include <string>
-#include <processPlugin.hpp>
-//#include <fieldManager.hpp>
-#include <fieldHandlersEnum.hpp>
 
-#include "burstStatsFields.hpp"
-#include "burst.hpp"
+#include <fieldHandlersEnum.hpp>
+#include <processPlugin.hpp>
 
 namespace ipxp {
 
@@ -31,7 +31,6 @@ namespace ipxp {
  */
 class BurstStatsPlugin : public ProcessPlugin {
 public:
-
 	/**
 	 * @brief Constructs the BurstStats plugin.
 	 *
@@ -71,7 +70,7 @@ class BurstStatsPlugin : public ProcessPlugin {
 	 *
 	 * @param flowRecord The flow record containing aggregated flow data.
 	 * @param pluginContext Pointer to `BurstStatsData`.
-	 * @return RemovePlugin if packet count is less than `MINIMAL_PACKETS_COUNT`, 
+	 * @return RemovePlugin if packet count is less than `MINIMAL_PACKETS_COUNT`,
 	 * else no action is required.
 	 */
 	PluginExportResult onExport(const FlowRecord& flowRecord, void* pluginContext) override;
@@ -89,10 +88,11 @@ class BurstStatsPlugin : public ProcessPlugin {
 	PluginDataMemoryLayout getDataMemoryLayout() const noexcept override;
 
 private:
-	constexpr static std::size_t MINIMAL_PACKETS_COUNT = 3; ///< Minimal number of packets to consider the flow valid.
+	constexpr static std::size_t MINIMAL_PACKETS_COUNT
+		= 3; ///< Minimal number of packets to consider the flow valid.
 
 	void updateBursts(Burst& burst, const Packet& packet) noexcept;
-	void makeAllFieldsUnavailable(FlowRecord& flowRecord) noexcept; 
+	void makeAllFieldsUnavailable(FlowRecord& flowRecord) noexcept;
 
 	FieldHandlers<BurstStatsFields> m_fieldHandlers;
 };