Fetching NetFlow Data

Real networks can generate huge flow data sets. To be useful, this scattered data should be filtered, aggregated, grouped, sliced and summarized. In AggreGate Network Manager this is done by getNetFlowData function in Network Management context. It selects (filters) and processes NetFlow records from storage according to the options specified by function parameter. The getNetFlowData function uses internal indices to optimize the process of filtering NetFlow data arrays.

The filter parameter should be a table with one or zero records. If no records were specified, the function returns all the NetFlow data available. For real networks this can be an extremely slow and resource-consuming procedure. In most cases the table should contain one record defining the filtering condition.

Field Name	Value Type	Details	Corresponding NetFlow Event Field
node	String	Exporter's address.	host
startDate	Date	Start of the effective time period. If startDate is after endDate they will be swapped.	timestamp
endDate	Date	End of the effective time period. If endDate is before endDate they will be swapped.	timestamp
timeFrame	Long	Relative time period from the moment of function call in seconds.	timestamp
inputIfIdx	Long	Input interface index used by SNMP (ifIndex in IF-MIB).	inputIfIndex
outputIfIdx	Long	Output interface index used by SNMP (ofIndex in IF-MIB).	outputIfIndex
srcAddr	String	Packet source address.	sourceAddress
srcPort	Integer	Packet source port.	sourcePort
dstAddr	String	Packet destination address.	destinationAddress
dstPort	Integer	Packet destination port.	destinationPort
protocol	Integer	IP protocol type.	protocol
tos	Integer	Type of Service.	tos

All the fields are optional, i.e. can be null. Null-valued fields are not included in filtering condition.