-
Notifications
You must be signed in to change notification settings - Fork 2
Expand file tree
/
Copy pathtcp2json.xml
More file actions
74 lines (63 loc) · 2.51 KB
/
tcp2json.xml
File metadata and controls
74 lines (63 loc) · 2.51 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
<?xml version="1.0" encoding="UTF-8"?>
<ipfix xmlns="urn:ietf:params:xml:ns:yang:ietf-ipfix-psamp">
<!--## Every collecting process will be started as new process -->
<collectingProcess>
<!--## Arbitrary collecting process name -->
<name>TCP collector</name>
<!--## Type of the collector. Supported types are defined in internalcfg.xml -->
<tcpCollector>
<!--## Arbitrary udp collector name -->
<name>Listening port 4739</name>
<!--## Local listening port -->
<localPort>4739</localPort>
<!--## Local address to listen on. If empty, bind to all interfaces -->
<localIPAddress></localIPAddress>
</tcpCollector>
<!--## Name of the exporting process. Must match exporting process name -->
<exportingProcess>File writer</exportingProcess>
</collectingProcess>
<!--## Exporting process configuration -->
<exportingProcess>
<!--## Name of the exporting process, must match <exportingProcess> element
in <collectingProcess> -->
<name>File writer</name>
<!--## Specification of storage plugin -->
<destination>
<!--## Arbitrary name -->
<name>JSON storage plugin</name>
<fileWriter>
<!--## Plugin (internal plugin identification) -->
<fileFormat>json</fileFormat>
<!--## TCP flags format - formated e.g. ".AP.SF" -->
<tcpFlags>formated</tcpFlags>
<!--## Timestamp format - formated e.g. "2015-08-03T14:10:20.012" -->
<timestamp>formated</timestamp>
<!--## Protocol identication format - formated e.g. "TCP" -->
<protocol>formated</protocol>
<!--## Ignore flow elements with unknown semantics -->
<ignoreUnknown>no</ignoreUnknown>
<!--## Convert non-printable characters (tab, newline, etc.) -->
<nonPrintableChar>yes</nonPrintableChar>
<!--## Store all flows into files with 5 minute windows -->
<output>
<!--## Output type identification -->
<type>file</type>
<!--## Storage directory for data collected by the plugin -->
<path>/tmp/ipfixcol/flow/%Y/%m/%d/</path>
<!--## Specifies name prefix for output files. -->
<prefix>json.</prefix>
<dumpInterval>
<!--## Specifies the time interval in seconds to rotate files -->
<timeWindow>300</timeWindow>
<!--## Align file rotation with next N minute interval -->
<timeAlignment>yes</timeAlignment>
</dumpInterval>
</output>
</fileWriter>
</destination>
<singleManager>yes</singleManager>
</exportingProcess>
<!-- List of active Intermediate Plugins -->
<intermediatePlugins>
</intermediatePlugins>
</ipfix>