& Regards,
Hema Chandra Yeddula,
Research Engineer,
Cert team,
CDOT-Delhi
---
::Disclaimer::
---
The contents of this email
create NetFlow/
IPFIX out of it then it's matter of coding the capture / decoding part
(that is to say it's not a quick win; if you can code it yourself and
contribute back would be great).
Paolo
On Thu, Dec 05, 2019 at 04:40:12PM +0530, HEMA CHANDRA YEDDULA wrote:
>
> Hi paolo,
&
Hi,
Is it possible to incorporate http fields in netflow/ipfix data just by
defining custom primitives without any code changes.
Thanks,
Hema Chandra
---
::Disclaimer::
Hi,
I want to add 'httpRequestHost' information element 460 custom_primitive as
aggregate key
but the size of this field s not fixed. If length is declared as "vlen" then it
is
extracting complete payload. Is there any way to extract the host based on some
regex
matching.
Thanks & Regards
He
Hi,
I want to add httpStatusCode and httpRequestHost custom primitives to aggregate
config-key based on the source/destination port value.
How to do this?
Thanks and Regards,
Hema Chandra
---
::Disclaimer::
-
Hi,
I have a scenario where we are planning to add custom primitives that includes
fields
across different protocols like http_request_host, http_response_code,
sip_request_uri
and sip_status_code. In the existing version, if they are defined to be picked
up from
payload, then all four of t
rt is 80
then only httprequesthost should pick the value and rest should be blank.
Is there any way to perform this type of check on port number.
Thanks and Regards,
Hema Chandra Yeddula
On Thu, 16 Jan 2020 23:48:04 +, Paolo Lucente wrote
Hi,
If you define certain primitives, thos
Hi Paolo,
Thanks for previous replies.
Is it possible to log FLOWTRACK structure components like flows_exported,
packets_exported etc., for every 5m and refreshing them at every 1 m to some
flat files.
Thanks and Regards,
Hema Chandra
---
Hi
We have a case where the packet has the reassembled tcp segments. In such a
case the payload_ptr is pointing to some random lines though the offset is set
to 0. What can
be reason for this ?
Thanks & Regards,
Hema Chandra
Hi paolo,
Is there any way to track the amount data pmacct is receiving. Is there any
counter
for this in the code ?
Any help regarding the query is appreciated.
Thanks & Regards,
Hema Chandra
---
::Disclaimer::
10 matches
Mail list logo