The Perl Toolchain Summit needs more sponsors. If your company depends on Perl, please support this very important event.
 / 
Netflow-Parser-0.01
River stage zero No dependents
++
/ Netflow::Parser

NAME

Netflow::Parser

DESCRIPTION

A Netflow Parser supports only Netflow V9. The callback will be applied to each flow during packet parsing.

VERSION

Version 0.01

SYNOPSIS

    use Netflow::Parser;

    my $nfp = Netflow::Parser->new(
            flow_cb => sub {my ($flow_hr) = @_; ...},
            templates_data => pack('H*', '01020002011b000400e60001')
        );

    while(my $packet = take_packet_from_socket()) {
        my $content = $nfp->parse($packet);

        $content->{unparsed_flowsets} && persist_for_later($content->{unparsed_flowsets});
    }

    my @templates = $nfp->templates;
    foreach (@templates) {
        my ($id, $content) = each(%{$_});
        $nfp->template($id); # persist template if you want
    }

SUBROUTINES/METHODS

new(%opts)

options:

  • templates_data

    [raw template piece]

  • flow_cb

    callback method will be applied to each flow

  • verbose

parse($packet)

currently only NetFlow V9 supported

unpack packet, try to parse flowsets content.

return { 'header' => { 'count', 'seqno', 'source_id', 'sysuptime', 'unix_secs', 'version' => 9 }, 'flows' => [flow_cb result], 'flowsets' => ?, # flowsets number 'templates' => [], # templates contains in the packet 'unparsed_flowsets' => [] # no template }

templates()

return [ { template_id => content} ]

template($template_id)

return hex dump of template for given $template_id

AUTHOR

Alexei Pastuchov <palik at cpan.org>.

REPOSITORY

https://github.com/p-alik/Netflow-Parser

LICENSE AND COPYRIGHT

Copyright 2014 by Alexei Pastuchov <palik at cpan.org>.

This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself.