NAME
Netflow::Parser - NetFlow datagram parser
DESCRIPTION
Netflow Parser supports currently NetFlow V9 only
VERSION
Version 0.06.001
SYNOPSIS
use Netflow::Parser;
my $nfp = Netflow::Parser->new(
flow_cb => sub {my ($flow_hr) = @_; ...},
templates_data => pack('H*', '01020002011b000400e60001')
);
while(my $packet = take_packet_from_socket()) {
my $pp = $nfp->parse($packet);
# version, count, sysuptime, unix_secs, seqno and source_id
$pp->header;
# parsed flowsets
$pp->parsed;
# unparsed flowsets
$pp->unparsed && persist_for_later($pp->unparsed);
}
# persist templates if you want
my @templates = $nfp->templates;
foreach (@templates) {
my ($id, $content) = each(%{$_});
}
SUBROUTINES/METHODS
new(%opts)
options:
templates_data
[raw template piece]
flow_cb
callback method will be applied to each parsed flow
verbose
parse($packet)
currently only NetFlow V9 supported
unpack packet, try to parse flowsets content.
return { 'header' => { 'count', 'seqno', 'source_id', 'sysuptime', 'unix_secs', 'version' => 9 }, 'flows' => [flow_cb result], 'flowsets' => ?, # flowsets number 'templates' => [], # templates contains in the packet 'unparsed_flowsets' => [] # no template }
templates()
return [ { template_id => content} ]
template($template_id)
return hex dump of template for given $template_id
EXAMPLE - Netflow Collector
my $p = Netflow::Parser->new( verbose => 1, flow_cb => sub { my ($hr) = @_; ... }
Netflow::Collector->new( port => $port, dispatch => sub { $p->parse(@_) })->run();
AUTHOR
Alexei Pastuchov <palik at cpan dot org>.
REPOSITORY
https://github.com/p-alik/Netflow-Parser
LICENSE AND COPYRIGHT
Copyright 2014-2016 by Alexei Pastuchov <palik at cpan dot org>.
This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself.