nifi-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Corey Flowers <cflow...@onyxpoint.com>
Subject Re: Netflow parser
Date Mon, 17 Apr 2017 14:57:16 GMT
Good morning everyone,

      Was there ever a netflow parser processor built? I am currently
working on a netflow issue and have seen several people discuss netflow
parsing in threads but I haven't seen any information about the release of
a netflow processor. The version I am currently working with is v9.

Thanks!

On Mon, Aug 8, 2016 at 10:00 AM, Madhukar Thota <madhukar.thota@gmail.com>
wrote:

> Hi Joe,
>
> we have bunch of cisco router that has netflow feature built in. Netflow
> allows us to collect the network traffic from the devices and able to send
> them to udp destination for processing. As the data comes in raw, we need
> to parse the incoming data and do transformation and send to them hdfs,
> kafka or elasticseach or some other destination for analytics.
>
> Today we are using logstash as netflow collector and able to do
> transformation and write them into elasticsearch for visualization. As we
> are moving all the logstash processing work to nifi, we want to move the
> netflow parsing to nifi too.
>
> https://github.com/logstash-plugins/logstash-codec-netflow
> http://blogs.cisco.com/security/step-by-step-setup-
> of-elk-for-netflow-analytics
> https://streamsets.com/documentation/datacollector/
> latest/help/#Origins/UDP.html#concept_rst_2y5_1s
>
>
> -Madhu
>
> On Mon, Aug 8, 2016 at 9:42 AM, Joe Witt <joe.witt@gmail.com> wrote:
>
>> Hello
>>
>> There are no processors included in the apache release that
>> specifically operate on netflow so you'd need to have a custom
>> processor to deal with it until one is included.
>>
>> Netflow is often flowing through NiFi typically for things like
>> content merging and loading into HDFS.  Parsing is a good use case and
>> presumably after that you'd want to make some routing decisions or do
>> some sort of enrichment?  Can you describe in more detail what you'd
>> like to be able to accomplish in NiFi and what systems it would
>> deliver the netflow to?  Also, what type of Netflow is of interest (it
>> can be frustratingly proprietary)?
>>
>> Thanks
>> Joe
>>
>> On Mon, Aug 8, 2016 at 9:27 AM, Madhukar Thota <madhukar.thota@gmail.com>
>> wrote:
>> > Is there any Processor available for Netflow? If not what is the best
>> way to
>> > get Netflow data parsed using nifi?
>> >
>> >
>>
>
>


-- 
Corey Flowers
Vice President, Onyx Point, Inc
(410) 541-6699
cflowers@onyxpoint.com

-- This account not approved for unencrypted proprietary information --

Mime
View raw message