Hi Randal, On 11/27/13 7:04 AM, Randal T. Rioux wrote: > On 11/27/2013 12:54 AM, Mark M wrote: >> Is it possible to export the flows as syslog so I can send it off to >> Splunk? > Ha! This is incredibly timely. I work at Splunk and *just* completed a > TA using nfcapd/nfdump for pulling in and parsing Netflow v5, v9 and IPFIX. > > It's not public yet, but should be soon. It's the only open source and > free TA (not quite an "app" but handles the logic) that works. > > Mad props to the nfdump team. I'll keep you posted. > > Meanwhile, if anyone wants to try my beta, contact me at [email protected]. > > Oh, and to answer your question: no. I'm doing it in a nfcapd -> nfdump > to CSV -> Splunk monitor input. With some magic and creativity, of course.
Try to check perl Net::NfDump (http://search.cpan.org/~tpoder/Net-NfDump/lib/Net/NfDump.pm); already adopted to nfdump 1.6.11. Maybe it would allow you to avoid some magic :-)) It might be more effective instead of exporting data to CSV, parsing CSV and converting into something else. Tomas ------------------------------------------------------------------------------ Rapidly troubleshoot problems before they affect your business. Most IT organizations don't have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349351&iu=/4140/ostg.clktrk _______________________________________________ Nfdump-discuss mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/nfdump-discuss
