nfdmp2rds
Installation
Binaries are not available. Install Go 1.6+, set your GOPATH and run the following:
$ go get -u github.com/sevein/nfdmp2rds
Run the same command again at any time to rebuild from the latest available sources.
Usage examples
You can pipe the input:
$ cat test.txt | nfdmp2rds netflow:test001 -
Or pass a filename:
$ nfdmp2rds netflow:test001 test.txt
Detailed example:
$ nfdmp2rds -flush -workers 1 -redisServer 127.0.0.1:6379 netflow:test001 test.txt
Help:
$ nfdmp2rds -h
Usage: nfdmp2rds [options] redisListKey file
(redisListKey and file mandatory)
Flags (options):
  -bsize int
        Batch size (default 5)
  -cpuprofile string
        Write CPU profile to file
  -flush
        Delete key beforehand
  -h    Print command usage help
  -hostname string
        Given hostname (default "localhost")
  -nogeo
        Do not use geographic database
  -redisPassword string
        Redis password
  -redisServer string
        Redis server (default ":6379")
  -v    Verbose mode
  -workers int
        Number of workers (default 4)
Schema
The following is an example of a JSON document generated by nfdmp2rds.
{
    "first_switched": "2016-05-16T19:10:29Z",
    "geoip_dst": {
        "iso_code": "ES"
    },
    "geoip_src": {
        "iso_code": "CA"
    },
    "host": "different.hostname.tld",
    "in_bytes": "99",
    "in_pkts": "2",
    "ipv4_dst_addr": "217.12.24.33",
    "ipv4_src_addr": "142.58.103.21",
    "l4_dst_port": "11482",
    "l4_src_port": "179",
    "last_switched": "2016-05-16T19:10:34Z",
    "protocol": "6"
}
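In this document the counters, ports and protocol number are JSON strings, so a consumer reading entries back from redisListKey has to convert and range-check them itself. The following is an added example, not part of nfdmp2rds: Flow, ParseFlow and sampleDoc are hypothetical names, and the IPv4 and timestamp-order checks are assumptions about what a consumer would want to reject.

```go
package main

import (
	"encoding/json"
	"fmt"
	"net"
	"time"
)

type Geo struct{ ISOCode string `json:"iso_code"` }

// Flow mirrors the Schema document; numbers arrive as JSON strings (",string").
type Flow struct {
	FirstSwitched time.Time `json:"first_switched"`
	LastSwitched  time.Time `json:"last_switched"`
	Host          string    `json:"host"`
	InBytes       uint64    `json:"in_bytes,string"`
	InPkts        uint64    `json:"in_pkts,string"`
	SrcAddr       net.IP    `json:"ipv4_src_addr"`
	DstAddr       net.IP    `json:"ipv4_dst_addr"`
	SrcPort       uint16    `json:"l4_src_port,string"`
	DstPort       uint16    `json:"l4_dst_port,string"`
	Protocol      uint8     `json:"protocol,string"`
	GeoSrc        Geo       `json:"geoip_src"`
	GeoDst        Geo       `json:"geoip_dst"`
}

// sampleDoc is the README's example document, compacted onto one line.
const sampleDoc = `{"first_switched":"2016-05-16T19:10:29Z","geoip_dst":{"iso_code":"ES"},"geoip_src":{"iso_code":"CA"},"host":"different.hostname.tld","in_bytes":"99","in_pkts":"2","ipv4_dst_addr":"217.12.24.33","ipv4_src_addr":"142.58.103.21","l4_dst_port":"11482","l4_src_port":"179","last_switched":"2016-05-16T19:10:34Z","protocol":"6"}`

// ParseFlow (hypothetical helper) decodes and sanity-checks one list element.
func ParseFlow(doc []byte) (*Flow, error) {
	var f Flow
	if err := json.Unmarshal(doc, &f); err != nil { // also fails on a port > 65535
		return nil, fmt.Errorf("decode flow: %w", err)
	}
	if f.SrcAddr.To4() == nil || f.DstAddr.To4() == nil {
		return nil, fmt.Errorf("flow: address is missing or not IPv4")
	}
	if f.LastSwitched.Before(f.FirstSwitched) {
		return nil, fmt.Errorf("flow: last_switched precedes first_switched")
	}
	return &f, nil
}

func main() {
	f, err := ParseFlow([]byte(sampleDoc))
	fmt.Printf("%+v %v\n", f, err)
}
```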
Credits
This product includes GeoLite2 data created by MaxMind, available from http://www.maxmind.com.
Check out glide.yaml for a list of third-party libraries used in this project.