add support for geoip related fields
Closed this issue · 4 comments
I know nfsen is basically abandoned but tossing this here in case you think its worth the time to add
usage case:
If you have maxmind support included with nfdump, right now none of that info is exposed via nfsen. You have to go run manual queries to nfdump.
Add geodb.path variable to nfsen.conf like nfdump?
Then can leverage if geo output (gline) should be used + display geo fields to sort by (srcgeo/dstgeo/geo)
Hmm .. this is not needed. NfSen runs nfdump and if nfdump is configured to use the Maxmind geoDB, everything is fine.
Be sure to have geoDB configured in nfdump.conf.
i do have it configured, and per the cli nfdump defaults to using gline output and such.
but nfsen has no logic to know if geodb is configured to be used?
so you dont have the ability as the user to say hey sort by srcgeo (as the options wont be in the dropdown).
or that it should have used gline output when running the query in the first place
No - NfSen does not need to know about geoDB - nfdump does! if you use the listing format auto then gline is automatically selected by nfdump.
If you want to use geo specific stats such as srcgeo or other output formats, you can easily complement these in details.php at the top of the file, which defines all those extra options.
gotcha, ive modifed my local instance to add geodb fields + output lines. and tossed csv in there for good measures as well.
diff --git a/html/details.php b/html/details.php
index 1802e2d..0383d73 100644
--- a/html/details.php
+++ b/html/details.php
@@ -34,6 +34,7 @@ $IPStatOption = array ( 'Flow Records',
'Any VLAN ID', 'SRC VLAN ID', 'DST VLAN ID',
'SRC MAC', 'DST MAC', 'IN MAC', 'OUT MAC',
'IN SRC MAC', 'OUT DST MAC', 'IN DST MAC', 'OUT SRC MAC',
+ 'Geo', 'Src Geo', 'Dst Geo',
'MPLS Label 1', 'MPLS Label 2', 'MPLS Label 3', 'MPLS Label 4', 'MPLS Label 5', 'MPLS Label 6', 'MPLS Label 7', 'MPLS Label 8', 'MPLS Label 9', 'MPLS Label 10'
);
@@ -49,13 +50,14 @@ $IPStatArg = array ( '-s record',
'-s vlan', '-s srcvlan','-s dstvlan',
'-s srcmac', '-s dstmac', '-s inmac', '-s outmac',
'-s insrcmac', '-s outdstmac','-s indstmac', '-s outsrcmac',
+ '-s geo', '-s srcgeo', '-s dstgeo',
'-s mpls1', '-s mpls2', '-s mpls3', '-s mpls4', '-s mpls5', '-s mpls6', '-s mpls7', '-s mpls8', '-s mpls9', '-s mpls10',
);
$IPStatOrder = array ( 'flows', 'packets', 'bytes', 'pps', 'bps', 'bpp' );
$LimitScale = array ( '-', 'K', 'M', 'G', 'T' );
-$OutputFormatOption = array ( 'auto', 'line', 'long', 'extended');
+$OutputFormatOption = array ( 'auto', 'line', 'gline', 'long', 'glong', 'extended', 'csv' );