Chris, I was planning to address the netflow processor sometime in August once I finish the work I am doing around consuming TAXII endpoints but I am also happy for someone to give it a go...
The plan was to process IPFIX (as this is the open standard) and later on, depending on documentation available process netflow. Cheers On Wed, Jul 26, 2017 at 5:09 PM, Chris Herssens <[email protected]> wrote: > Hello Joe, > > Thanks for your answer. I found a Jira ticket about implementation of a > netflow procerssor. > Do you know what the status is ? Since Netflow and IPFIX are important > protocols for network monitoring, It would be nice to have such kind > of processors. > Where can I find more information about the ListenTCPRecord ? > > Regards, > > Chris > > On Tue, Jul 25, 2017 at 4:24 PM, Joe Witt <[email protected]> wrote: > > > Chris, > > > > There are no plans that I am aware of. We'd need to have build a > > ListenUDPRecord processor and we'd need an IPFIXRecordReader. This > > would be pretty slick and quite fast. I *think* Bryan Bende was > > working on a ListenTCPRecord so maybe this could be tied into that. > > > > Thanks > > > > On Tue, Jul 25, 2017 at 9:06 AM, Chris Herssens > > <[email protected]> wrote: > > > Hello All, > > > > > > Are there plans to implement an IPFIX collector. > > > The processor should listen on an UDP port, parse the content and > convert > > > it to AVRO or JSON > > > > > > Regards, > > > > > > Chris > > >
