Project author: Christopher-Costa

Project description:
High performance Netflow receiver with Splunk HEC integration using an economical .csv format
Language: C
Repository: git://github.com/Christopher-Costa/C-Freeflow.git
Created: 2019-04-20T23:55:59Z
Project community: https://github.com/Christopher-Costa/C-Freeflow

License: GNU General Public License v3.0



freeflow

A software program written in C that runs a Netflow v5 receiver and parses/sends data to a Splunk HTTP Event Collector (HEC) in a compact .csv format. This was developed as a way of ingesting Netflow into Splunk in a more economical way (~25% of the license demand) than Splunk Stream.
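The receive-and-convert step described above, as an added example that is not code from the C-Freeflow project: it checks a NetFlow v5 datagram against the standard 24-byte header and 48-byte record layout before formatting one record as CSV. The function names, the CSV column order and the sample packet are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* NetFlow v5 fixed header size, fixed record size, max records per datagram */
enum { NF5_HDR_LEN = 24, NF5_REC_LEN = 48, NF5_MAX_RECS = 30 };

static unsigned be16(const uint8_t *p) { return ((unsigned)p[0] << 8) | p[1]; }
static unsigned long be32(const uint8_t *p) { return ((unsigned long)be16(p) << 16) | be16(p + 2); }

/* Record count of a v5 datagram, or -1 if it must be dropped. The count field
 * comes from the network, so it is checked against the bytes actually received. */
int nf5_validate(const uint8_t *pkt, size_t len) {
    if (len < NF5_HDR_LEN || be16(pkt) != 5) return -1;
    unsigned count = be16(pkt + 2);
    if (count == 0 || count > NF5_MAX_RECS) return -1;
    if (len != NF5_HDR_LEN + (size_t)count * NF5_REC_LEN) return -1;
    return (int)count;
}

/* Write record idx as one CSV line; returns its length or -1. Assumed
 * columns: unix_secs,src,dst,srcport,dstport,proto,packets,bytes. */
int nf5_record_csv(const uint8_t *pkt, size_t len, int idx, char *out, size_t outlen) {
    int count = nf5_validate(pkt, len);
    if (count < 0 || idx < 0 || idx >= count) return -1;
    const uint8_t *r = pkt + NF5_HDR_LEN + (size_t)idx * NF5_REC_LEN;
    int n = snprintf(out, outlen, "%lu,%d.%d.%d.%d,%d.%d.%d.%d,%u,%u,%d,%lu,%lu",
                     be32(pkt + 8), r[0], r[1], r[2], r[3], r[4], r[5], r[6], r[7],
                     be16(r + 32), be16(r + 34), r[38], be32(r + 16), be32(r + 20));
    return (n < 0 || (size_t)n >= outlen) ? -1 : n;
}

/* Constructed sample: one TCP flow 192.0.2.10:51000 -> 198.51.100.5:443. */
size_t nf5_sample(uint8_t *buf) {
    static const uint8_t addrs[8] = {192, 0, 2, 10, 198, 51, 100, 5};
    uint8_t *r = buf + NF5_HDR_LEN;
    memset(buf, 0, NF5_HDR_LEN + NF5_REC_LEN);
    buf[1] = 5; buf[3] = 1; buf[8] = 0x65; buf[9] = 0x53; buf[10] = 0xF1; /* v5, count 1, unix_secs 1700000000 */
    memcpy(r, addrs, sizeof addrs);
    r[19] = 10; r[22] = 0x10; r[23] = 0x68;              /* 10 packets, 4200 bytes */
    r[32] = 0xC7; r[33] = 0x38; r[34] = 0x01; r[35] = 0xBB; r[38] = 6; /* ports, TCP */
    return NF5_HDR_LEN + NF5_REC_LEN;
}

int main(void) {
    uint8_t pkt[NF5_HDR_LEN + NF5_REC_LEN]; char line[128];
    if (nf5_record_csv(pkt, nf5_sample(pkt), 0, line, sizeof line) > 0) puts(line);
    return 0;
}
```

A datagram whose count field disagrees with its received length is rejected before any record offset is computed, which is the check a UDP-facing parser of this format depends on.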

Requirements

  • This was developed and tested on CentOS 7. I make no guarantees about performance on other distros.
  • Requires openssl-devel to compile.

Compiling and Installing

GCC needs to be installed. Only the standard libraries, plus openssl-devel, are required to compile. Run the following commands:

  1. make
  2. make install

Running

  1. $ /opt/freeflow/bin/freeflow -c /opt/freeflow/etc/freeflow.cfg
  2. $ /opt/freeflow/bin/freeflow -c /opt/freeflow/etc/freeflow.cfg -d (to enable debug logging)

Or, to run as a service, run the following commands:

  1. sudo systemctl daemon-reload
  2. sudo systemctl enable freeflow
  3. sudo systemctl start freeflow

Building an RPM

YMMV, but these are the steps I use to build RPM files in a test environment where the rpmbuild base directory is /root/rpmbuild and C-Freeflow was cloned into /root. Adjust accordingly for your environment.

  1. tar -czvf /root/rpmbuild/SOURCES/freeflow-1.0.tar.gz -C /root/ C-Freeflow/ --transform s/C-Freeflow/freeflow-1.0/
  2. rpmbuild -ba /root/C-Freeflow/rpmbuild/freeflow.spec

License

GNU General Public License v3.0

Author Information

Christopher Costa, christopher.costa@gmail.com