nifi-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF GitHub Bot (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (NIFI-5327) NetFlow Processors
Date Sat, 01 Sep 2018 02:16:01 GMT

    [ https://issues.apache.org/jira/browse/NIFI-5327?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16599480#comment-16599480
] 

ASF GitHub Bot commented on NIFI-5327:
--------------------------------------

Github user MikeThomsen commented on a diff in the pull request:

    https://github.com/apache/nifi/pull/2820#discussion_r214501508
  
    --- Diff: nifi-nar-bundles/nifi-network-bundle/nifi-network-utils/src/main/java/org/apache/nifi/processors/network/parser/Netflowv5Parser.java
---
    @@ -0,0 +1,134 @@
    +/*
    + * Licensed to the Apache Software Foundation (ASF) under one or more
    + * contributor license agreements. See the NOTICE file distributed with
    + * this work for additional information regarding copyright ownership.
    + * The ASF licenses this file to You under the Apache License, Version 2.0
    + * (the "License"); you may not use this file except in compliance with
    + * the License. You may obtain a copy of the License at
    + * http://www.apache.org/licenses/LICENSE-2.0
    + * Unless required by applicable law or agreed to in writing, software
    + * distributed under the License is distributed on an "AS IS" BASIS,
    + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    + * See the License for the specific language governing permissions and
    + * limitations under the License.
    + */
    +package org.apache.nifi.processors.network.parser;
    +
    +import java.util.OptionalInt;
    +
    +import static org.apache.nifi.processors.network.parser.util.ConversionUtil.toShort;
    +import static org.apache.nifi.processors.network.parser.util.ConversionUtil.toInt;
    +import static org.apache.nifi.processors.network.parser.util.ConversionUtil.toLong;
    +import static org.apache.nifi.processors.network.parser.util.ConversionUtil.toIPV4;
    +
    +/**
    + * Networkv5 is Cisco data export format which contains one header and one or more flow
records. This Parser parses the netflowv5 format. More information: @see
    + * <a href="https://www.cisco.com/c/en/us/td/docs/net_mgmt/netflow_collection_engine/3-6/user/guide/format.html">Netflowv5</a>
    + */
    +public final class Netflowv5Parser {
    +    private static final int HEADER_SIZE = 24;
    +    private static final int RECORD_SIZE = 48;
    +
    +    private static final int SHORT_TYPE = 0;
    +    private static final int INTEGER_TYPE = 1;
    +    private static final int LONG_TYPE = 2;
    +    private static final int IPV4_TYPE = 3;
    +
    +    private static final String headerField[] = { "version", "count", "sys_uptime", "unix_secs",
"unix_nsecs", "flow_sequence", "engine_type", "engine_id", "sampling_interval" };
    +    private static final String recordField[] = { "srcaddr", "dstaddr", "nexthop", "input",
"output", "dPkts", "dOctets", "first", "last", "srcport", "dstport", "pad1", "tcp_flags",
"prot", "tos",
    +            "src_as", "dst_as", "src_mask", "dst_mask", "pad2" };
    +
    +    private final int portNumber;
    +
    +    private Object headerData[];
    +    private Object recordData[][];
    +
    +    public Netflowv5Parser(final OptionalInt portNumber) {
    +        this.portNumber = (portNumber.isPresent()) ? portNumber.getAsInt() : 0;
    +    }
    +
    +    public final int parse(final byte[] buffer) throws Throwable {
    +        final int version = toInt(buffer, 0, 2);
    +        assert version == 5 : "Version mismatch";
    +        final int count = toInt(buffer, 2, 2);
    --- End diff --
    
    Do we need any additional validation of the `buffer` variable like checking for a minimum
length?


> NetFlow Processors
> ------------------
>
>                 Key: NIFI-5327
>                 URL: https://issues.apache.org/jira/browse/NIFI-5327
>             Project: Apache NiFi
>          Issue Type: New Feature
>          Components: Core Framework
>    Affects Versions: 1.6.0
>            Reporter: Prashanth Venkatesan
>            Assignee: Prashanth Venkatesan
>            Priority: Major
>
> As network traffic data scopes for the big data use case, would like NiFi to have processors
to support parsing of those protocols.
> Netflow is a protocol introduced by Cisco that provides the ability to collect IP network
traffic as it enters or exits an interface and is described in detail in here:
> [https://www.cisco.com/c/en/us/td/docs/net_mgmt/netflow_collection_engine/3-6/user/guide/format.html]
>  
> Currently, I have created the following processor:
> *ParseNetflowv5*:  Parses the ingress netflowv5 bytes and ingest as either NiFi flowfile
attributes or as a JSON content. This also sends one-time-template.
>  
> Further ahead, we can add many processor specific to network protocols in this nar bundle.
> I will create a pull request.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Mime
View raw message