Hi,
I have a relatively simple configuration I'm testing out:
nfacctd_ip:a.b.c.d
nfacctd_port:2104
plugins: mongodb[all]
aggregate[all]: dst_host
mongo_table[all]: nfacctd_whk.hist_%Y_%m_%d
mongo_host[all]: e.f.g.h
That's a very highly simplified version of my final goal (I really want
nearly 1:1 packets into mongodb records eventually)
This mostly works, with the exception that the variables in mongo_table
are not properly substituted. Records get put into the collection
"hist_1969_12_31". This is obviously something getting set to unixtime
0. nfacctd_time_new appears to exist for the purpose where my netflow
sender is not setting the proper date/time headers (which, actually, I
don't think is the case here) but even setting nfacctd_time_new: true
does not fix the issue. The collection is still created with the wrong date.
If I include timestamp_start, timestamp_end in the aggregate definition,
the timestamps do appear correct in the resulting mongodb entries.
{
"_id" : ObjectId("529ade3f70fd695100000013"),
"ip_dst" : "i.j.k.l",
"timestamp_start" : Timestamp(1385881117, 160000000),
"timestamp_end" : Timestamp(1385881117, 160000000),
"packets" : NumberLong(1),
"bytes" : NumberLong(52)
}
I am running:
NetFlow Accounting Daemon, nfacctd 1.5.0rc1 (20130829-00)
--enable-mongodb
Thanks,
-Adam
_______________________________________________
pmacct-discussion mailing list
http://www.pmacct.net/#mailinglists
