search

delian / node-netflowv9

NetFlow Version 9 library for Node.JS
GNU General Public License v2.0
42 stars 13 forks source link

Is IPFIX going to be supported? #2

Open kmpm opened 10 years ago

kmpm commented 10 years ago

I know it's more like IPFIX = NetFlow V10 and this project says V9. Vyos seems to include IPFIX types within it's V9 netflow packets. So unless they are included this library seems unusable for that.

delian commented 10 years ago

Can you give me the spec of IPFIX so I can compare. Currently I have been using the Cisco own netflow v9 spec given on their web site?

kmpm commented 10 years ago

In Ciscos whitepaper about V9 package format ( http://www.cisco.com/en/US/technologies/tk648/tk362/technologies_white_paper09186a00800a3db9.html ) there is a link to a document describing type 128 to 32768.

http://www.iana.org/assignments/ipfix/ipfix.xhtml

delian commented 8 years ago

Hello, Generally all of the IPFIX fields (with the exception of the floating point ones) are now implemented. The floating points are decoded too, but not are not yet represented as floating point

rahbari commented 7 years ago

First thanks for the good work, I really need this IPFIX feature, as you may be busy I'm interested in adding it myself, but would you please provide me some general guides so I don't have to go through all of the codes.

delian commented 7 years ago

It is actually already supported. However not all fields are automatically decoded. From the standard fields all floating point are not decoded (I have no ipfix source so I am unable to verify the type). If those fields are not an issue, then you can use this library as is. If that is an issue there are two options - 1) write decoder yourself (use the given example in the Readme) or 2) send me a file with ipfix data collected by tcpdump -w file -s 0...

On Thu, 22 Jun 2017 at 07:35, rahbari notifications@github.com wrote:

First thanks for the good work, I really need this IPFIX feature, as you may be busy I'm interested in adding it myself, but would you please provide me some general guides so I don't have to go through all of the codes.

— You are receiving this because you modified the open/close state. Reply to this email directly, view it on GitHub https://github.com/delian/node-netflowv9/issues/2#issuecomment-310280251, or mute the thread https://github.com/notifications/unsubscribe-auth/AAG7ZqLXNIJy7UdFECqy7v5TFYQWuE2cks5sGf0JgaJpZM4CJLV3 .

--

Delian