We have used cloudflare/goflow docker container image and set up it in our Kubernetes to collect Netflow data. We wanted to understand the output from goflow first from the logs of container, so we have applied below configurations:
Our Netflow exporter (which will send data to this goflow Netflow collector) is configured to send Netflow V9 format data.
When we start our Netflow exporter, we see logs into goflow container but it looks that it is not in to the Netflow V9 format.
Here is the sample log:
Type:IPFIX TimeReceived:1690784461 SequenceNum:56778 SamplingRate:1 SamplerAddress:10.42.118.0 TimeFlowStart:0 TimeFlowEnd:0 Bytes:144 Packets:1 SrcAddr:127.0.0.53 DstAddr:127.0.0.1 Etype:2048 Proto:17 SrcPort:53 DstPort:52416 InIf:0 OutIf:0 SrcMac:00:00:00:00:00:00 DstMac:00:00:00:00:00:00 SrcVlan:0 DstVlan:0 VlanId:0 IngressVrfID:0 EgressVrfID:0 IPTos:0 ForwardingStatus:0 IPTTL:0 TCPFlags:0 IcmpType:0 IcmpCode:0 IPv6FlowLabel:0 FragmentId:0 FragmentOffset:0 BiFlowDirection:0 SrcAS:0 DstAS:0 NextHop: NextHopAS:0 SrcNet:0 DstNet:0 HasEncap:false SrcAddrEncap: DstAddrEncap: ProtoEncap:0 EtypeEncap:0 IPTosEncap:0 IPTTLEncap:0 IPv6FlowLabelEncap:0 FragmentIdEncap:0 FragmentOffsetEncap:0 HasMPLS:false MPLSCount:0 MPLS1TTL:0 MPLS1Label:0 MPLS2TTL:0, MPLS2Label: 0, MPLS3TTL:0 MPLS3Label:0 MPLSLastTTL:0 MPLSLastLabel:0 HasPPP:false PPPAddressControl:0
How can we configure goflow to enable collector for Netflow V9 format?
Can you please help us here?
Hello Team,
We have used cloudflare/goflow docker container image and set up it in our Kubernetes to collect Netflow data. We wanted to understand the output from goflow first from the logs of container, so we have applied below configurations:
Our Netflow exporter (which will send data to this goflow Netflow collector) is configured to send Netflow V9 format data. When we start our Netflow exporter, we see logs into goflow container but it looks that it is not in to the Netflow V9 format. Here is the sample log: Type:IPFIX TimeReceived:1690784461 SequenceNum:56778 SamplingRate:1 SamplerAddress:10.42.118.0 TimeFlowStart:0 TimeFlowEnd:0 Bytes:144 Packets:1 SrcAddr:127.0.0.53 DstAddr:127.0.0.1 Etype:2048 Proto:17 SrcPort:53 DstPort:52416 InIf:0 OutIf:0 SrcMac:00:00:00:00:00:00 DstMac:00:00:00:00:00:00 SrcVlan:0 DstVlan:0 VlanId:0 IngressVrfID:0 EgressVrfID:0 IPTos:0 ForwardingStatus:0 IPTTL:0 TCPFlags:0 IcmpType:0 IcmpCode:0 IPv6FlowLabel:0 FragmentId:0 FragmentOffset:0 BiFlowDirection:0 SrcAS:0 DstAS:0 NextHop: NextHopAS:0 SrcNet:0 DstNet:0 HasEncap:false SrcAddrEncap: DstAddrEncap: ProtoEncap:0 EtypeEncap:0 IPTosEncap:0 IPTTLEncap:0 IPv6FlowLabelEncap:0 FragmentIdEncap:0 FragmentOffsetEncap:0 HasMPLS:false MPLSCount:0 MPLS1TTL:0 MPLS1Label:0 MPLS2TTL:0, MPLS2Label: 0, MPLS3TTL:0 MPLS3Label:0 MPLSLastTTL:0 MPLSLastLabel:0 HasPPP:false PPPAddressControl:0
How can we configure goflow to enable collector for Netflow V9 format? Can you please help us here?