First off to be clear, I don't work for Adiscon. They are Rainer's employer and
the primary sponsors of Rsyslog. That said, Rsyslog is opensource, so you can
hire anyone to write something for you, so you could hire Pavel, me or anyone
else to write something. Adiscon professional services can probably write it
faster than the rest of us as they are the most familiar with the code, but you
don't have to limit yourself to them. It is nice to throw business their way to
thank them for their work, but if they are too backed up anything goes :-)
There is already a onsnmp module, although it may need to be modified to do what
you are looking for.
Rainer and Adiscon tend to quote in Euros, not $, but you'll have to wait and
see what he has to say as far as the price goes, I think you're asking for more
items than a single ~$600 project, but we'll have to see.
It sounds like what you are looking for is the following
an input module that will accept SNMP traps and convert them to syslog messages
an output module that will convert specially formatted syslog messages to SNMP
traps (this may just be a modification/update of the existing omsnmp module)
an input module that will accept netflow messages and convert them to syslog
messages
an output module that will convert messages to netflow format and send them
netflow has a lot of different versions of the protocol, which versions did you
want to support? do you need to be able to accept input in one format and send
output in a different format?
what message rate are you thinking of in terms of netflow messages?
I would be thinking in terms of having the syslog message be a JSON formatted
message containing all the pieces needed to recreate the original message, and
the outputs looking for those specific tags.
Given that the inputs are UDP, and they are one message per packet, it may not
require full input modules, but rather just new parser modules that can be run
from the existing imudp module
I think I've seen comments that parser modules would be ~500 Euros for
Adiscon/Rainer to write.
David Lang
On Sun, 3 Nov 2013, Nick Syslog wrote:
Rainer/David,
I was curious if the 600$ development costs for an "open" effort would be
possible for something like netflow/snmp inputs and outputs?
Have had a lot of conversations lately with co-workers about the
possibility of having SNMP and Netflow routed via rsyslog but I know that
both of these aren't syslog either so I wanted to ultimately see what the
viability of something like this is first.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of
sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE
THAT.
