en:li_ipfix [Документация VAS Experts]
Документация VAS Experts Документация VAS Experts-mobile
in

Settings

  • Show page
  • Old revisions
  • Export to PDF
  • Fold/unfold all
  • Backlinks
  • Show page
  • Old revisions
  • Export to PDF
  • Fold/unfold all
  • Backlinks

    • Differences

    This shows you the differences between two versions of the page.

    Link to this comparison view

    Both sides previous revisionPrevious revision
    Next revision    		Previous revision
    en:li_ipfix [2017/03/13 13:17] aalekseenkoen:li_ipfix [2019/02/13 17:10] (current) – removed lexx26
    Line 1: Line 1:
    -For Clickstream data analisys (subscribers' http requests) and SIP (VOIP unciphered data) 
    -on external systems IPFIX export is available. 
    - 
    -Clickstream experts is configured by folowing parameters:  
    -<code> 
    -ipfix_dev=em1 
    -ipfix_udp_collectors=1.2.3.4:1500,1.2.3.5:1501 
    -ipfix_tcp_collectors=1.2.3.6:9418 
    -dbg_log_mask=0x80 
    -</code> 
    -where em1 NIC using for export\\  
    -ipfix_udp_collectors IP of udp collectors\\  
    -ipfix_tcp_collectors IP of tcp collectors\\  
    -dbg_log_mask=0x80 logging statistics about export 
    - 
    -IPFIX format template for Clickstream 
    -^№ ^Size in bytes ^Type ^IANA ^Description^ 
    -|1001 |4 |int32 |43823 |TIMESTAMP| 
    -|1002 |- |string |43823 |LOGIN| 
    -|1003 |4 |ipv4 |43823 |IP SOURCE| 
    -|1004 |4 |ipv4 |43823 |IP DESTINATION| 
    -|1005 |- |string |43823 |HOSTNAME/CNAME| 
    -|1006 |- |string |43823 |PATH| 
    -|1007 |- |string |43823 |REFER| 
    -|1008 |- |string |43823 |USER AGENT| 
    -|1009 |- |string |43823 |COOCKIE| 
    -|2000 |8 |int64 |43823 |SESSION ID| 
    - 
    -Clickstream is usefulnot only local authorities but ISP also for subscriber interest profiles, top of sites, ads targeting, prevent outflow of subscribers etc.   
    - 
    -SIP metadata export is configured by folowing parameters: 
    -<code> 
    -ipfix_dev=em1 
    -ipfix_meta_udp_collectors=1.2.3.4:1500,1.2.3.5:1501 
    -ipfix_meta_tcp_collectors=1.2.3.6:9418 
    -dbg_log_mask=0x80 
    -</code> 
    -here 
    -em1 NIC for data export\\  
    -ipfix_meta_udp_collectors IP of udp collectors\\  
    -ipfix_meta_tcp_collectors IP of tcp collectors\\  
    -dbg_log_mask=0x80 logging statistics about export 
    - 
    -IPFIX format template for export SIP metadata 
    -^№ ^Size in Bytes ^Type ^IANA ^Description^ 
    -|0 |     4|int32 | 1001| timestamp | 
    -|1 |     -|string| 1002| Login | 
    -|2 |     4|ipv4  | 1003| ip_src| 
    -|3 |     4|ipv4  | 1004| ip_dst| 
    -|4 |     8|int64 | 2000| session_id| 
    -|5 |     -|string| 3000| msg code| 
    -|6 |     2|int16| 3001| status code| 
    -|7 |     -|string| 3002| uri| 
    -|8 |     -|string| 3003| from| 
    -|9 |     -|string| 3004| to| 
    -|10 |    -|string| 3005| callid| 
    -|11 |    -|string| 3006| uagent| 
    -|12 |    -|string| 3007| ctype| 
    - 
    -IPFIX template for FTP metadata export 
    -^№ ^size ^type ^IANA ^description^ 
    -|1001 |     4|int32 | 43823| timestamp | 
    -|1002 |     -|string| 43823| Login | 
    -|1003 |     4|ipv4  | 43823| ip_src| 
    -|1004 |     4|ipv4  | 43823| ip_dst| 
    -|2000 |     8|int64 | 43823| session_id| 
    -|3050 |    -|string| 43823| server name| 
    -|3051 |    -|string| 43823| user| 
    -|3052 |    -|string| 43823| password| 
    -|3053 |    1|int8| 43823| mode | 
    - 
    -:!: the mode field contains the type of ftp connection 0 - active, 1 - passive 
    - 
    -IPFIX template for short messages metadata protocols (XMPP) 
    -^№ ^size ^type ^IANA ^description^ 
    -|1001 |     4|int32 | 43823| timestamp | 
    -|1002 |     -|string| 43823| Login | 
    -|1003 |     4|ipv4  | 43823| ip_src| 
    -|1004 |     4|ipv4  | 43823| ip_dst| 
    -|2000 |     8|int64 | 43823| session_id| 
    -|3100 |    -|string| 43823| im_login| 
    -|3101 |    -|string| 43823| im_passw| 
    -|3102 |    -|string| 43823| im_screen_name| 
    -|3103 |    -|string| 43823| im_uin| 
    -|3104 |    1|int8 | 43823| im_protocol| 
    -|3105 |    -|string| 43823| im_receivers| 
    - 
    -:!: the im_protocol field contains the type of usesd protocol: 7 - XMPP 
    - 
    -IPFIX template for export EMAIL metadata protocols (POP,IMAP,SMTP) 
    -^№ ^size ^type ^IANA ^description^ 
    -|1001 |     4|int32 | 43823| timestamp | 
    -|1002 |     -|string| 43823| Login | 
    -|1003 |     4|ipv4  | 43823| ip_src| 
    -|1004 |     4|ipv4  | 43823| ip_dst| 
    -|2000 |     8|int64 | 43823| session_id| 
    -|3150 |    -|string| 43823| mail_sender| 
    -|3151 |    -|string| 43823| mail_receiver| 
    -|3152 |    -|string| 43823| mail_cc| 
    -|3153 |    -|string| 43823| mail_subject| 
    -|3154 |    -|string| 43823| mail_servers| 
    -|3155 |    -|string| 43823| mail_reply| 
    -|3156 |    1|int8 | 43823| event | 
    -|3157 |    1|int8 | 43823| attachment| 
    -|3158 |    1|int8 | 43823| mail_protocol| 
    - 
    -:!: the event field contains the type of event 1 - send, 2 - receive, 
    -:!: the attachment field contains the attachment mark 
    -:!: mail_protocol = 0 - smtp, 1 - pop3, 2 - imap  
    - 
    -For receiving export with IPFIX protocol can be used any universal IPFIX collector, for instance - [[https://github.com/CESNET/ipfixcol/tree/master/base|CESNET ipfixcol]] or our utility [[ipfixreceiver|IPFIX Receiver]] 
    - 
    -