On 10.05.21 19:33, waqas ahmed wrote: > Hi, > I am writing dpdk application that needs to export flow related information > using ipfix such as application name, http URL and http user agent strings. > Ipfix suggest to use private enterprise numbers for such export. Dpdk > process craft such ipfix packets and send to collector, now is there any > filter with Nfdump so that can we use to decode PEN and see given string?. > Looking forward to hearing from you nfdup needs be be aware of such private enterprise numbers in order to decode the data correctly. By default nfdump accepts only well defined elements. If you are interessted in implementing such private enterprise fields, just contact me off list. Please also have a look into nfdump1-.7 beta: https://github.com/phaag/nfdump/issues/292. It implements NBAR: https://www.cisco.com/c/en/us/products/ios-nx-os-software/network-based-application-recognition-nbar/index.html Thanks - Peter > Thanks > > > > _______________________________________________ > Nfdump-discuss mailing list > Nfdump-discuss@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/nfdump-discuss > -- Be nice to your netflow data. Use NfSen and nfdump :) _______________________________________________ Nfdump-discuss mailing list Nfdump-discuss@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nfdump-discuss
Re: [Nfdump-discuss] Filter for decoding Private Enterprise Numbers PEN of ipfix export
Peter Haag via Nfdump-discuss Mon, 24 May 2021 05:32:17 -0700
- [Nfdump-discuss] Filter for decoding Private... waqas ahmed
- Re: [Nfdump-discuss] Filter for decodin... Peter Haag via Nfdump-discuss
- Re: [Nfdump-discuss] Filter for dec... waqas ahmed
