Not able to get the interface ip details on influx DB

Hi Team,

Not able to get the interface IP details on InfluxDB through Telegraf. Kindly help on this.

Hi @Aathi87 ,

Could you share some more details? I am not sure if I understand exactly.

Have a nice weekend!

Hi Marc,

Thank you so much for the update. Please find the below tcpdump output.
We are trying to send those logs to InfluxDB using Telegraf. Kindly help on this.

root@switch:mgmt-vrf:~# tcpdump -i eth0
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
09:43:15.360194 IP 10.85.58.242.ssh > 10.110.88.89.60451: Flags [P.], seq 905726038:905726234, ack 2676690050, win 131, length 196
09:43:15.361719 IP 10.81.58.242.ssh > 10.110.88.89.60451: Flags [P.], seq 196:376, ack 1, win 131, length 180
09:43:15.361911 IP 10.81.58.242.ssh > 10.110.88.89.60451: Flags [P.], seq 376:540, ack 1, win 131, length 164
09:43:15.362098 IP 10.81.58.242.ssh > 10.110.88.89.60451: Flags [P.], seq 540:704, ack 1, win 131, length 164
09:43:15.362239 IP 10.81.58.242.ssh > 10.110.88.89.60451: Flags [P.], seq 704:868, ack 1, win 131, length 164

Thanks in advance

Is this something you can use?

Net Input Plugin

Hi Mark,
By using the net plugin we get only interface statistics like bytes sent and received,
but we are trying to get the IP details crossing the interface, like source IP and destination IP.

Kindly help on this.

In order to get InfluxDB to understand the output from tcpdump it will need to be in Line Protocol format. That means that you will likely need some external script, program, etc. to transform the raw tcpdump output into Line Protocol. Once it’s in LP format, you can either send it to Telegraf or directly to InfluxDB.

HTH,
dg

Hi Davidgs,

Thanks for the update. Do we have any tested scripts for the same? Request you to share the same; if we have anything, it will be more helpful. Thanks in advance.

I am not aware of any scripts like this, but maybe another member of the community will have something?

dg
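The transformation described in the replies above, sketched as an added example (not a script from any poster in this thread or from InfluxData): it turns tcpdump's default one-line IPv4 output, as pasted earlier, into Line Protocol. The measurement name `tcpdump`, the tag and field names, and the assumption that the capture date is supplied by the caller and the capture host's clock is UTC are all choices made for this example.

```python
import calendar
import datetime
import re

# tcpdump default one-line IPv4 format; the port part is absent for ICMP etc.
LINE_RE = re.compile(
    r"^(\d{2}):(\d{2}):(\d{2})\.(\d{6}) IP "
    r"(\d{1,3}(?:\.\d{1,3}){3})(?:\.([\w-]+))? > "
    r"(\d{1,3}(?:\.\d{1,3}){3})(?:\.([\w-]+))?: .*\blength (\d+)"
)

def escape_tag(value):
    """Backslash-escape the characters that are special in tag values."""
    return re.sub(r"([,= ])", r"\\\1", value)

def to_line_protocol(line, interface, capture_date):
    """Return one Line Protocol point, or None if the line is not a packet."""
    m = LINE_RE.match(line.strip())
    if m is None:
        return None
    hh, mm, ss, usec, src, sport, dst, dport, length = m.groups()
    # tcpdump prints only the time of day, so the date comes from the caller
    # (assumption: capture host clock is UTC). Integer math keeps microseconds exact.
    midnight = calendar.timegm(capture_date.timetuple())
    secs = midnight + int(hh) * 3600 + int(mm) * 60 + int(ss)
    ts_ns = secs * 10**9 + int(usec) * 1000
    tags = f"interface={escape_tag(interface)},src_ip={src},dst_ip={dst}"
    fields = [f"length={int(length)}i"]
    # Ports are string fields: tcpdump may print "ssh" or "60451", and mixing
    # integer and string values in one field causes a type conflict on write.
    if sport:
        fields.append(f'src_port="{sport}"')
    if dport:
        fields.append(f'dst_port="{dport}"')
    return f"tcpdump,{tags} {','.join(fields)} {ts_ns}"

def convert(lines, interface, capture_date):
    """Convert an iterable of tcpdump lines, skipping banners and non-IPv4 lines."""
    points = (to_line_protocol(l, interface, capture_date) for l in lines)
    return [p for p in points if p is not None]

# First two lines are from the thread; the ICMP line is constructed for the example.
SAMPLE = [
    "listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes",
    "09:43:15.360194 IP 10.85.58.242.ssh > 10.110.88.89.60451: Flags [P.], "
    "seq 905726038:905726234, ack 2676690050, win 131, length 196",
    "09:43:16.000001 IP 10.81.58.242 > 10.110.88.89: ICMP echo request, length 64",
]

if __name__ == "__main__":
    for point in convert(SAMPLE, "eth0", datetime.date(2020, 1, 1)):
        print(point)
```

Source and destination IPs are tags so they can be grouped on, which raises series cardinality on a busy interface; the output can be written to InfluxDB directly or read by a Telegraf input configured with `data_format = "influx"`.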