Further simplify the config file
parent
10fc0ae7cd
commit
4d1304eb7e
|
@ -54,44 +54,10 @@
|
||||||
<pollInterval unit="msec">1000</pollInterval>
|
<pollInterval unit="msec">1000</pollInterval>
|
||||||
<next>4</next>
|
<next>4</next>
|
||||||
</packetAggregator>
|
</packetAggregator>
|
||||||
|
|
||||||
<ipfixAggregator id="4">
|
<ipfixAggregator id="4">
|
||||||
<rule>
|
<rule>
|
||||||
<templateId>888</templateId>
|
<templateId>567</templateId>
|
||||||
<flowKey>
|
|
||||||
<ieName>sourceIPv4Address</ieName>
|
|
||||||
<match>131.159.20.0/24</match>
|
|
||||||
</flowKey>
|
|
||||||
<flowKey>
|
|
||||||
<ieName>destinationIPv4Address</ieName>
|
|
||||||
</flowKey>
|
|
||||||
<flowKey>
|
|
||||||
<ieName>protocolIdentifier</ieName>
|
|
||||||
</flowKey>
|
|
||||||
<flowKey>
|
|
||||||
<ieName>sourceTransportPort</ieName>
|
|
||||||
</flowKey>
|
|
||||||
<flowKey>
|
|
||||||
<ieName>destinationTransportPort</ieName>
|
|
||||||
</flowKey>
|
|
||||||
<nonFlowKey>
|
|
||||||
<ieName>flowStartMilliSeconds</ieName>
|
|
||||||
</nonFlowKey>
|
|
||||||
<nonFlowKey>
|
|
||||||
<ieName>flowEndMilliSeconds</ieName>
|
|
||||||
</nonFlowKey>
|
|
||||||
<nonFlowKey>
|
|
||||||
<ieName>octetDeltaCount</ieName>
|
|
||||||
</nonFlowKey>
|
|
||||||
<nonFlowKey>
|
|
||||||
<ieName>packetDeltaCount</ieName>
|
|
||||||
</nonFlowKey>
|
|
||||||
<nonFlowKey>
|
|
||||||
<ieName>tcpControlBits</ieName>
|
|
||||||
</nonFlowKey>
|
|
||||||
</rule>
|
|
||||||
<rule>
|
|
||||||
<templateId>0</templateId>
|
|
||||||
<flowKey>
|
<flowKey>
|
||||||
<ieName>sourceIPv4Address</ieName>
|
<ieName>sourceIPv4Address</ieName>
|
||||||
</flowKey>
|
</flowKey>
|
||||||
|
@ -135,30 +101,10 @@
|
||||||
</ipfixPrinter>
|
</ipfixPrinter>
|
||||||
|
|
||||||
<ipfixExporter id="7">
|
<ipfixExporter id="7">
|
||||||
<!--
|
|
||||||
<ipfixPacketRestrictions>
|
|
||||||
<maxPacketSize>1500</maxPacketSize>
|
|
||||||
<maxExportDelay unit="msec">500</maxExportDelay>
|
|
||||||
</ipfixPacketRestrictions>
|
|
||||||
<udpTemplateManagement>
|
|
||||||
<templateRefreshTimeout>10</templateRefreshTimeout>
|
|
||||||
</udpTemplateManagement>
|
|
||||||
-->
|
|
||||||
<collector>
|
<collector>
|
||||||
<ipAddress>127.0.0.1</ipAddress>
|
<ipAddress>127.0.0.1</ipAddress>
|
||||||
<transportProtocol>17</transportProtocol>
|
<transportProtocol>17</transportProtocol>
|
||||||
<port>1500</port>
|
<port>1500</port>
|
||||||
</collector>
|
</collector>
|
||||||
</ipfixExporter>
|
</ipfixExporter>
|
||||||
|
|
||||||
<trwPortscanDetector id="8">
|
|
||||||
<analyzerid>trwportscandetector</analyzerid>
|
|
||||||
<idmeftemplate>idmef/templates/trwportscan_template.xml</idmeftemplate>
|
|
||||||
<next>9</next>
|
|
||||||
</trwPortscanDetector>
|
|
||||||
|
|
||||||
<idmefExporter id="9">
|
|
||||||
<sendurl>http://localhost</sendurl>
|
|
||||||
</idmefExporter>
|
|
||||||
|
|
||||||
</ipfixConfig>
|
</ipfixConfig>
|
||||||
|
|
Loading…
Reference in New Issue