📄 config.xml
字号:
<?xml version="1.0" encoding="UTF-8"?><jflowanalyzer-configuration> <!-- Collector settings --> <collector> <!-- sample-period in seconds. Summarization period. Collector wiil be create one record for this period in the database --> <sample-period>86400</sample-period> </collector> <mysql> <host>localhost</host> <user>netflow</user> <password></password> <database>netflow</database> </mysql> <filters> <!-- tag <filter/> tag parameters: name - this is a name for the filter; inside this tag should be following tags: <param/> - some paramater. if has following parameter "name"^ src-net - source network dst-net - destination network net - source or destination network src-if - source interface index dst-if - destination interface index if - source or destination interface index src-as - source ASN dst-as - destination ASN as - source or destination ASN values inside this tag should be delimited by space or should be in new line <expression/> - the logical expression to filter flows; allowed operators: or - logical OR and - logical AND ! - logical NOT --> <filter name="External"> <param name="src-net"> 192.168.1.0/24 192.168.2.0/24 </param> <param name="dst-net"> 192.168.1.0/24 192.168.2.0/24 </param> <param name="src-if"> 1 </param> <param name="dst-if"> 1 </param> <expression> (dst-if and src-net and !dst-net) or (src-if and dst-net and !src-net) </expression> </filter> <filter name="Internal"> <param name="src-net"> 192.168.1.0/24 192.168.2.0/24 </param> <param name="dst-net"> 192.168.1.0/24 192.168.2.0/24 </param> <expression>src-net and dst-net</expression> </filter> <filter name="Peer"> <param name="src-net"> 192.168.1.0/24 192.168.2.0/24 </param> <param name="dst-net"> 192.168.1.0/24 192.168.2.0/24 </param> <param name="src-as"> 12345 </param> <param name="dst-as"> 12345 </param> <expression>(src-net and dst-as) or (dst-net and src-as)</expression> </filter> <filter name="Cisco-Backbone-1 clients"> <param name="net">192.168.1.0/24</param> <expression>net</expression> </filter> <filter name="Cisco-Backbone-2 clients"> <param name="net">192.168.2.0/24</param> <expression>net</expression> </filter> </filters> <exporters> <!-- tag <exporter/> - netflow records exporter. name - exporter name <address/> - IP address of exporter <handler/> - handler --> <exporter name="Cisco-Backbone-1"> <address>10.10.10.1</address> <handler name="Internal traffic"> <!-- <use-filter> - filter name to use. this filter should be defined in <filters> section. <use-accountant> - accountant name to use; this accountant should be defined in <accountants> section. <accounted-network> - network of clients connected to exporter; it used to defile direction of traffic. incoming or outgoing. --> <use-filter>Internal</use-filter> <use-filter>Cisco-Backbone-1 clients</use-filter> <use-accountant>Internal traffic accountant</use-accountant> <accounted-network>192.168.1.0/24</accounted-network> </handler> <handler name="Total traffic"> <use-filter>Cisco-Backbone-1 clients</use-filter> <use-accountant>Total traffic accountant</use-accountant> <accounted-network>192.168.1.0/24</accounted-network> </handler> </exporter> <exporter name="Cisco-Backbone-2"> <address>10.10.10.2</address> <handler name="Internal traffic"> <!-- <use-filter> - filter name to use. this filter should be defined in <filters> section. <use-accountant> - accountant name to use; this accountant should be defined in <accountants> section. <accounted-network> - network of clients connected to exporter; it used to defile direction of traffic. incoming or outgoing. --> <use-filter>Internal</use-filter> <use-filter>Cisco-Backbone-2 clients</use-filter> <use-accountant>Internal traffic accountant</use-accountant> <accounted-network>192.168.2.0/24</accounted-network> </handler> <handler name="Total traffic"> <use-filter>Cisco-Backbone-2 clients</use-filter> <use-accountant>Total traffic accountant</use-accountant> <accounted-network>192.168.2.0/24</accounted-network> </handler> </exporter> <exporter name="Cisco-Peer"> <address>10.10.10.11</address> <handler name="Peer traffic"> <use-filter>Peer</use-filter> <use-accountant>Peering traffic accountant</use-accountant> <accounted-network>192.168.0.0/16</accounted-network> </handler> </exporter> <exporter name="Cisco-External"> <address>10.10.10.12</address> <handler name="External traffic"> <use-filter>External</use-filter> <use-accountant>External traffic accountant</use-accountant> <accounted-network>192.168.0.0/16</accounted-network> </handler> </exporter> </exporters> <accountants> <!-- <accountant/> name - accountant name <db-input-field> <db-output-field> - fields in the database table to write accounting information; --> <accountant name="Peering traffic accountant"> <db-input-field>peer_input</db-input-field> <db-output-field>peer_output</db-output-field> </accountant> <accountant name="Internal traffic accountant"> <db-input-field>internal_input</db-input-field> <db-output-field>internal_output</db-output-field> </accountant> <accountant name="Total traffic accountant"> <db-input-field>total_input</db-input-field> <db-output-field>total_output</db-output-field> </accountant> <accountant name="External traffic accountant"> <db-input-field>external_input</db-input-field> <db-output-field>external_output</db-output-field> </accountant> </accountants> </jflowanalyzer-configuration>⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -