Collection method and device for Netflow traffic data

A technology of traffic data and collection method, applied in the field of data processing, can solve the problem that Netflow traffic data cannot be quickly put into storage, and achieve the effect of smooth reception and high efficiency

Active Publication Date: 2017-06-27
ULTRAPOWER SOFTWARE
View PDF5 Cites 7 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] In view of the above problems, the present invention provides a method and equipment for collecting Netflow flow data,

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Collection method and device for Netflow traffic data
  • Collection method and device for Netflow traffic data
  • Collection method and device for Netflow traffic data

Examples

Experimental program
Comparison scheme
Effect test

Example Embodiment

[0054] Embodiment one:

[0055] figure 1 The flowchart of the method for collecting Netflow traffic data provided by the embodiment of the present invention, such as figure 1 as shown, figure 1 The methods in include:

[0056] S110, setting a port for receiving the Netflow flow data packet sent by the external network device, and monitoring the port in real time.

[0057] S120, when the Netflow flow data packet is monitored, the received Netflow flow data packet is parsed into a key-value pair structure according to the Netflow protocol, and the key-value pair structure is matched with the attribute field configured in the configuration file, and the matched key The value pair data is encapsulated as message event data and sent to the transmission channel for caching.

[0058] Preferably, before the matched key-value pair data is encapsulated as message event data and sent to the transmission channel for caching, figure 1 The methods in also include:

[0059] Determine w...

Example Embodiment

[0075] Embodiment two:

[0076] In order to better understand the method for collecting Netflow traffic data in Embodiment 1 of the present invention, this embodiment takes the Netflow traffic data of router A of a certain company as an example, and displays real-time traffic trends by analyzing interface traffic on router A, Analyze routing IP access, analyze the security status of internal server hosts, and display interface services. Among them, router A is the core router of the company.

[0077] figure 2 The flow chart of the method for collecting Netflow traffic data provided in this embodiment, the specific collection process is as follows:

[0078] S210, setting a port for receiving the Netflow flow data packet sent by the external network device, and monitoring the port in real time.

[0079] Wherein, the external network device may be a network device supporting the Netflow protocol such as a router or a switch. In this step, the set port is used to receive the N...

Example Embodiment

[0114] Embodiment three:

[0115] Based on the same technical concept as that of Embodiment 1 or Embodiment 2, this embodiment provides an efficient device for collecting Netflow flow data.

[0116] Figure 5 The flow chart of the collection equipment for the Netflow traffic data provided by this embodiment, such as Figure 5 as shown, Figure 5 Collection devices in include

[0117] The monitoring unit 51 is configured to set a port for receiving Netflow flow packets sent by external network devices, and monitor the port in real time.

[0118] Matching unit 52, is used for when monitoring Netflow flow data packet, according to Netflow agreement, the Netflow flow data packet that receives is parsed into key-value pair structure, and described key-value pair structure is matched with the property field configured in configuration file , encapsulate the matched key-value pair data as message event data and send it to the transmission channel for caching.

[0119] The writin...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a collection method and device for Netflow traffic data. The method comprises the steps of setting a port for receiving a Netflow traffic data packet sent by an external network device and monitoring the port in real time; when the Netflow traffic data packet is monitored, analyzing the received Netflow traffic data packet into a key value pair structure according to a Netflow protocol, matching the key value pair structure with an attribute filed configured in a configuration file, packaging the matched key value data into message event data, and sending the message event data to a transmission channel for cache; obtaining the message event data from the transmission channel, writing the obtained message event data into a file under an appointed catalog of the configuration file; and downloading and importing the file with the message event data into a database as traffic original data. According to the technical scheme provided by the invention, the Netflow traffic data is received, analyzed, transmitted and stored in a streaming processing mode, and compared with a single processing mode, the streaming processing mode has the advantage of higher efficiency.

Description

technical field [0001] The invention relates to the technical field of data processing, in particular to a method and equipment for collecting Netflow flow data. Background technique [0002] Raw traffic analysis is done by copying network traffic to the analysis side and then analyzing it. This original traffic analysis method needs to analyze a large amount of traffic, which will cause a large load on the analysis end. It is not suitable for long-term analysis that needs to save historical data, and it will have great limitations when performing in-depth analysis of traffic. . [0003] Netflow is a set of protocols developed by Cisco to specifically solve the problems arising from original traffic analysis. When the Netflow function is enabled on the network device or its interface, the network device will sample and analyze the traffic that needs to be analyzed, and send the sampling and analysis results to the analysis end for traffic analysis. What the analysis end o...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L12/26
CPCH04L43/00H04L43/08
Inventor 李伟王庆磊
Owner ULTRAPOWER SOFTWARE
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap