Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

New component: netflow receiver #32732

Open
2 tasks
dlopes7 opened this issue Apr 29, 2024 · 9 comments
Open
2 tasks

New component: netflow receiver #32732

dlopes7 opened this issue Apr 29, 2024 · 9 comments
Labels
Accepted Component New component has been sponsored

Comments

@dlopes7
Copy link
Contributor

dlopes7 commented Apr 29, 2024

The purpose and use-cases of the new component

The netflow receiver is capable of listening for netflow, sflow or IPFIX UDP traffic and generating log entries based on the flow content.

This gives Opentelemetry users the capability of monitoring network traffic, and answer questions like:

  • Which protocols are passing through the network?
  • Which servers and clients are producing the highest amount of traffic?
  • What ports are involved in these network calls?
  • How many bytes and packets are being sent and received?

The receiver will listen for flows and decode them using the templates that are sent by the flow producers. The data then is converted to JSON and produces structured log records.

Example configuration for the component

receivers:
  netflow:
    listeners:
      - scheme: netflow
        port: 2055
        sockets: 1
        workers: 4

      - scheme: sflow
        port: 6443
        sockets: 1
        workers: 2
        queueSize: 1000

      - scheme: netflow
        host: "192.168.1.1"
        port: 2056
        sockets: 1
        workers: 2

Telemetry data types supported

Only logs for now

Is this a vendor-specific component?

  • This is a vendor-specific component
  • If this is a vendor-specific component, I am proposing to contribute and support it as a representative of the vendor.

Code Owner(s)

@dlopes7

Sponsor (optional)

No response

Additional context

Although originally NetFlow was developed by Cisco, the other types of network monitoring traffic are not vendor specific, so I am not sure if we must consider this a vendor specific receiver.

I believe that there is a lack of network monitoring visibility in Opentelemetry and this helps fill in that gap. I am committed to the development and maintenance of this receiver.

A similar idea was proposed in #18270, in this specific case I would like to contribute and already have this receiver mostly implemented in a custom collector of mine.

The receiver will be built upon the BSD-3 licensed goflow2 project, a battle tested collector, decoder and producer for flows. I have had a brief discussion with the maintainer about the feasibility of the project here and I am convinced it will be a valuable receiver for the Otel community

@dlopes7 dlopes7 added needs triage New item requiring triage Sponsor Needed New component seeking sponsor labels Apr 29, 2024
@evan-bradley evan-bradley removed the needs triage New item requiring triage label May 28, 2024
@evan-bradley
Copy link
Contributor

I'll sponsor this.

@evan-bradley evan-bradley added Accepted Component New component has been sponsored and removed Sponsor Needed New component seeking sponsor labels Jun 5, 2024
Copy link
Contributor

github-actions bot commented Aug 5, 2024

This issue has been inactive for 60 days. It will be closed in 60 days if there is no activity. To ping code owners by adding a component label, see Adding Labels via Comments, or if you are unsure of which component this issue relates to, please ping @open-telemetry/collector-contrib-triagers. If this issue is still relevant, please ping the code owners or leave a comment explaining why it is still relevant. Otherwise, please close it.

@github-actions github-actions bot added the Stale label Aug 5, 2024
@LucasHocker
Copy link

Are we still making progress here? Any help needed?

@github-actions github-actions bot removed the Stale label Aug 6, 2024
@atoulme
Copy link
Contributor

atoulme commented Sep 4, 2024

@LucasHocker you can see the first PR is open here: #34164 and is under review.

@strawgate
Copy link
Contributor

@dlopes7 I'd also be happy to help with the PR, just let me know

Copy link
Contributor

github-actions bot commented Dec 2, 2024

This issue has been inactive for 60 days. It will be closed in 60 days if there is no activity. To ping code owners by adding a component label, see Adding Labels via Comments, or if you are unsure of which component this issue relates to, please ping @open-telemetry/collector-contrib-triagers. If this issue is still relevant, please ping the code owners or leave a comment explaining why it is still relevant. Otherwise, please close it.

@github-actions github-actions bot added the Stale label Dec 2, 2024
@dlopes7
Copy link
Contributor Author

dlopes7 commented Dec 2, 2024

We are working on it, opening the second PR this week

@github-actions github-actions bot removed the Stale label Dec 3, 2024
dlopes7 added a commit to dlopes7/opentelemetry-collector-contrib that referenced this issue Dec 16, 2024
This adds the implementation for netflow receiver
Introduces:

* The OtelLogsProducerWrapper
* A parser function to convert proto to otel semantics
* The listener implementation as well as the error handling function
dlopes7 added a commit to dlopes7/opentelemetry-collector-contrib that referenced this issue Dec 16, 2024
dlopes7 added a commit to dlopes7/opentelemetry-collector-contrib that referenced this issue Dec 16, 2024
@mowies
Copy link
Member

mowies commented Dec 16, 2024

any updates on the second PR?

dlopes7 added a commit to dlopes7/opentelemetry-collector-contrib that referenced this issue Dec 16, 2024
@LucasHocker
Copy link

@dlopes7 with the merge of PR2, can this Issue be closed?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Accepted Component New component has been sponsored
Projects
None yet
Development

No branches or pull requests

6 participants