Comments (2)
My preference is for Option 2 as the data has to go through a parsing/sanitization layer anyways.
from ipfix-rita.
Example Data as per logstash-mongodb
{
    "_id" : ObjectId("5b6b4e2f10a0cf244f0181ac"),
    "@timestamp" : "\"2018-08-08T20:10:22.000Z\"",
    "host" : "75.147.155.169",
    "netflow" : {
        "output_snmp" : 2,
        "ipv4_src_addr" : "192.168.168.65",
        "xlate_dst_addr_ipv4" : "108.177.122.18",
        "input_snmp" : 1,
        "ipv4_next_hop" : "0.0.0.0",
        "version" : 9,
        "flow_seq_num" : 288,
        "flowset_id" : 256,
        "in_pkts" : 2,
        "in_bytes" : 678,
        "ipv4_dst_addr" : "108.177.122.18",
        "xlate_src_addr_ipv4" : "10.0.0.237",
        "l4_src_port" : 50243,
        "first_switched" : "2018-08-08T20:10:22.000Z",
        "xlate_src_port" : 17481,
        "protocol" : 6,
        "xlate_dst_port" : 443,
        "l4_dst_port" : 443,
        "last_switched" : "2018-08-08T20:10:22.000Z"
    },
    "@version" : "1"
}
{
    "_id" : ObjectId("5b6b4e2f10a0cf244f0181ad"),
    "@timestamp" : "\"2018-08-08T20:10:22.000Z\"",
    "host" : "75.147.155.169",
    "netflow" : {
        "output_snmp" : 1,
        "ipv4_src_addr" : "108.177.122.18",
        "xlate_dst_addr_ipv4" : "192.168.168.65",
        "input_snmp" : 2,
        "ipv4_next_hop" : "10.0.0.1",
        "version" : 9,
        "flow_seq_num" : 289,
        "flowset_id" : 256,
        "in_pkts" : 1,
        "in_bytes" : 60,
        "ipv4_dst_addr" : "10.0.0.237",
        "xlate_src_addr_ipv4" : "108.177.122.18",
        "l4_src_port" : 443,
        "first_switched" : "2018-08-08T20:10:22.000Z",
        "xlate_src_port" : 443,
        "protocol" : 6,
        "xlate_dst_port" : 50245,
        "l4_dst_port" : 52354,
        "last_switched" : "2018-08-08T20:10:22.000Z"
    },
    "@version" : "1"
}
from ipfix-rita.
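As an added illustration (not part of the thread and not ipfix-rita's own code), a parsing/sanitization pass over records of the shape shown above could look like this in Python. The choice of checks, the output keys `exporter` and `received`, the requirement that every field be present, and the 64-bit counter bound are assumptions.

```python
import ipaddress
from datetime import datetime, timezone

IP_FIELDS = ("ipv4_src_addr", "ipv4_dst_addr", "ipv4_next_hop",
             "xlate_src_addr_ipv4", "xlate_dst_addr_ipv4")
PORT_FIELDS = ("l4_src_port", "l4_dst_port", "xlate_src_port", "xlate_dst_port")
COUNTER_MAX = 2**64 - 1  # assumption: packet/byte counters fit in 64 bits

def parse_ts(value):
    # "@timestamp" in the sample carries literal quote characters; strip them.
    if not isinstance(value, str):
        raise ValueError(f"timestamp is not a string: {value!r}")
    parsed = datetime.strptime(value.strip('"'), "%Y-%m-%dT%H:%M:%S.%fZ")
    return parsed.replace(tzinfo=timezone.utc)

def ipv4(value):
    # IPv4Address() also accepts integers, so insist on a string first.
    if not isinstance(value, str):
        raise ValueError(f"address is not a string: {value!r}")
    return str(ipaddress.IPv4Address(value))

def bounded_int(name, value, upper):
    if isinstance(value, bool) or not isinstance(value, int) or not 0 <= value <= upper:
        raise ValueError(f"{name} out of range: {value!r}")
    return value

def sanitize(doc):
    """Return a flat, typed copy of one record, or raise ValueError."""
    try:
        flow = doc["netflow"]
        out = {"exporter": ipv4(doc["host"]), "received": parse_ts(doc["@timestamp"])}
        out.update({f: ipv4(flow[f]) for f in IP_FIELDS})
        out.update({f: bounded_int(f, flow[f], 0xFFFF) for f in PORT_FIELDS})
        out["protocol"] = bounded_int("protocol", flow["protocol"], 0xFF)
        out.update({f: bounded_int(f, flow[f], COUNTER_MAX) for f in ("in_pkts", "in_bytes")})
        first, last = parse_ts(flow["first_switched"]), parse_ts(flow["last_switched"])
    except (KeyError, TypeError) as exc:
        raise ValueError(f"malformed record: {exc!r}") from exc
    if last < first:
        raise ValueError("last_switched precedes first_switched")
    out.update(first_switched=first, last_switched=last)
    return out

# Constructed input: the first sample document above, minus its Mongo "_id".
SAMPLE = {"@timestamp": "\"2018-08-08T20:10:22.000Z\"", "host": "75.147.155.169", "netflow": {
    "ipv4_src_addr": "192.168.168.65", "ipv4_dst_addr": "108.177.122.18",
    "ipv4_next_hop": "0.0.0.0", "xlate_src_addr_ipv4": "10.0.0.237",
    "xlate_dst_addr_ipv4": "108.177.122.18", "l4_src_port": 50243, "l4_dst_port": 443,
    "xlate_src_port": 17481, "xlate_dst_port": 443, "protocol": 6, "in_pkts": 2,
    "in_bytes": 678, "first_switched": "2018-08-08T20:10:22.000Z",
    "last_switched": "2018-08-08T20:10:22.000Z"}}
```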