NAME
Netflow::Parser
DESCRIPTION
A Netflow Parser supports only Netflow V9. The callback will be applied to each flow during packet parsing.
VERSION
Version 0.01
SYNOPSIS
use Netflow::Parser;
my $nfp = Netflow::Parser->new(
flow_cb => sub {my ($flow_hr) = @_; ...},
templates_data => pack('H*', '01020002011b000400e60001')
);
while(my $packet = take_packet_from_socket()) {
my $content = $nfp->parse($packet);
$content->{unparsed_flowsets} && persist_for_later($content->{unparsed_flowsets});
}
my @templates = $nfp->templates;
foreach (@templates) {
my ($id, $content) = each(%{$_});
$nfp->template($id); # persist template if you want
}SUBROUTINES/METHODS
new(%opts)
options:
templates_data[raw template piece]
flow_cbcallback method will be applied to each flow
verbose
parse($packet)
currently only NetFlow V9 supported
unpack packet, try to parse flowsets content.
return { 'header' => { 'count', 'seqno', 'source_id', 'sysuptime', 'unix_secs', 'version' => 9 }, 'flows' => [flow_cb result], 'flowsets' => ?, # flowsets number 'templates' => [], # templates contains in the packet 'unparsed_flowsets' => [] # no template }
templates()
return [ { template_id => content} ]
template($template_id)
return hex dump of template for given $template_id
AUTHOR
Alexei Pastuchov <palik at cpan.org>.
REPOSITORY
https://github.com/p-alik/Netflow-Parser
LICENSE AND COPYRIGHT
Copyright 2014 by Alexei Pastuchov <palik at cpan.org>.
This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself.