pwp333
commented
4 years ago Looks flow_records is not a standard field in v9.
Closed pwp333 closed 4 years ago
pwp333
commented
4 years ago Looks flow_records is not a standard field in v9.
v5 does report flow_records which is missing in v9. Please help to add it as it is an important metric to track. Thanks a lot.
[v5] "netflow" => { "dst_as" => 0, "l4_src_port" => 36549, "ipv4_src_addr" => "172.31.11.80", "version" => 5, "protocol" => 17, "tcp_flags" => 0, "src_tos" => 0, "src_as" => 0, "ipv4_dst_addr" => "10.8.8.8", "in_bytes" => 74, "dst_mask" => 0, "sampling_interval" => 0, "first_switched" => "2020-07-07T06:25:58.455Z", "engine_type" => 0, "engine_id" => 0, "flow_seq_num" => 10794935, "sampling_algorithm" => 0, "ipv4_next_hop" => "0.0.0.0", "src_mask" => 0, "in_pkts" => 1, "last_switched" => "2020-07-07T06:25:58.456Z", "flow_records" => 29, <<=== here "output_snmp" => 0, "input_snmp" => 0, "l4_dst_port" => 53 },
[v9] "netflow" => { "src_tos" => 0, "first_switched" => "2020-07-07T06:35:33.720Z", "flow_end_reason" => 1, "direction" => 1, "flow_seq_num" => 60010, "l4_src_port" => 46914, "ipv4_src_addr" => "172.16.0.42", "in_pkts" => 1, "last_switched" => "2020-07-07T06:35:33.720Z", "version" => 9, "output_snmp" => 0, "protocol" => 17, "tcp_flags" => 0, "ip_protocol_version" => 4, "ipv4_dst_addr" => "172.16.0.2", "in_bytes" => 59, "flowset_id" => 1024, "input_snmp" => 0, "l4_dst_port" => 53 },