-
Notifications
You must be signed in to change notification settings - Fork 47
Expand file tree
/
Copy pathtcp2anon2json.xml
More file actions
60 lines (57 loc) · 1.58 KB
/
tcp2anon2json.xml
File metadata and controls
60 lines (57 loc) · 1.58 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
<!--
Receive flow data over TCP, anonymize them and store in JSON format
on a local drive.
-->
<ipfixcol2>
<!-- Input plugins -->
<inputPlugins>
<input>
<name>TCP collector</name>
<plugin>tcp</plugin>
<params>
<!-- List on port 4739 -->
<localPort>4739</localPort>
<!-- Bind to all local adresses -->
<localIPAddress></localIPAddress>
</params>
</input>
</inputPlugins>
<!-- Intermediate plugins -->
<intermediatePlugins>
<intermediate>
<name>Flow anonymization</name>
<plugin>anonymization</plugin>
<params>
<type>truncation</type>
</params>
</intermediate>
</intermediatePlugins>
<!-- Output plugins -->
<outputPlugins>
<output>
<name>JSON output</name>
<plugin>json</plugin>
<params>
<tcpFlags>formatted</tcpFlags>
<timestamp>formatted</timestamp>
<protocol>formatted</protocol>
<ignoreUnknown>true</ignoreUnknown>
<ignoreOptions>false</ignoreOptions>
<nonPrintableChar>true</nonPrintableChar>
<detailedInfo>false</detailedInfo>
<templateInfo>false</templateInfo>
<!-- Output methods -->
<outputs>
<!-- Store as files into /tmp/ipfixcol/... -->
<file>
<name>Store to files</name>
<path>/tmp/ipfixcol/flow/%Y/%m/%d/</path>
<prefix>json.</prefix>
<timeWindow>300</timeWindow>
<timeAlignment>yes</timeAlignment>
</file>
</outputs>
</params>
</output>
</outputPlugins>
</ipfixcol2>