Hi Joe, we have bunch of cisco router that has netflow feature built in. Netflow allows us to collect the network traffic from the devices and able to send them to udp destination for processing. As the data comes in raw, we need to parse the incoming data and do transformation and send to them hdfs, kafka or elasticseach or some other destination for analytics.
Today we are using logstash as netflow collector and able to do transformation and write them into elasticsearch for visualization. As we are moving all the logstash processing work to nifi, we want to move the netflow parsing to nifi too. https://github.com/logstash-plugins/logstash-codec-netflow http://blogs.cisco.com/security/step-by-step-setup-of-elk-for-netflow-analytics https://streamsets.com/documentation/datacollector/latest/help/#Origins/UDP.html#concept_rst_2y5_1s -Madhu On Mon, Aug 8, 2016 at 9:42 AM, Joe Witt <[email protected]> wrote: > Hello > > There are no processors included in the apache release that > specifically operate on netflow so you'd need to have a custom > processor to deal with it until one is included. > > Netflow is often flowing through NiFi typically for things like > content merging and loading into HDFS. Parsing is a good use case and > presumably after that you'd want to make some routing decisions or do > some sort of enrichment? Can you describe in more detail what you'd > like to be able to accomplish in NiFi and what systems it would > deliver the netflow to? Also, what type of Netflow is of interest (it > can be frustratingly proprietary)? > > Thanks > Joe > > On Mon, Aug 8, 2016 at 9:27 AM, Madhukar Thota <[email protected]> > wrote: > > Is there any Processor available for Netflow? If not what is the best > way to > > get Netflow data parsed using nifi? > > > > >
