Skip to content

infrasonar/ipflow-probe

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

22 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

CI Release Version

InfraSonar Netflow/IPFIX Probe

Documentation: https://docs.infrasonar.com/collectors/probes/ipflow/

Environment variable

Variable Default Description
AGENTCORE_HOST 127.0.0.1 Hostname or Ip address of the AgentCore.
AGENTCORE_PORT 8750 AgentCore port to connect to.
INFRASONAR_CONF /data/config/infrasonar.yaml File with probe and asset configuration like credentials.
MAX_PACKAGE_SIZE 500 Maximum package size in kilobytes (1..2000).
MAX_CHECK_TIMEOUT 300 Check time-out is 80% of the interval time with MAX_CHECK_TIMEOUT in seconds as absolute maximum.
DRY_RUN none Do not run demonized, just return checks and assets specified in the given yaml (see the Dry run section below).
LOG_LEVEL warning Log level (debug, info, warning, error or critical).
LOG_COLORIZED 0 Log using colors (0=disabled, 1=enabled).
LOG_FMT %y%m%d %H:%M:%S Log format prefix.
LISTEN_PORT 2055 Port to listen to for flow packets

Docker build

docker build -t ipflow-probe . --no-cache

Dry run

Available checks:

  • ipflow

Create a yaml file, for example (test.yaml):

asset:
  name: "foo.local"
  check: "ipflow"
  config:
    address:
      - "192.168.1.2"

Run the probe with the DRY_RUN environment variable set the the yaml file above.

DRY_RUN=test.yaml python main.py