Initial import

1 files changed, 309 insertions, 0 deletions

diff --git a/nfsen.conf b/nfsen.conf
new file mode 100644
index 000000000000..93c912813806
--- /dev/null
+++ b/nfsen.conf
@@ -0,0 +1,309 @@
+##############################
+#
+# NfSen master config file
+#
+# $Id: nfsen-dist.conf 22 2007-11-20 12:27:38Z phaag $
+#
+# Configuration of NfSen:
+# Set all the values to fit your NfSen setup and run the 'install.pl'
+# script from the nfsen distribution directory.
+#
+# The syntax must conform to Perl syntax.
+#
+##############################
+#
+# NfSen default layout: 
+# Any scripts, modules or profiles are installed by default under $BASEDIR. 
+# However, you may change any of these settings to fit your requested layout.
+
+#
+# Required for default layout
+$BASEDIR = "/opt/nfsen";
+
+#
+# Where to install the NfSen binaries
+$BINDIR="${BASEDIR}/bin";
+
+#
+# Where to install the NfSen Perl modules
+$LIBEXECDIR="${BASEDIR}/libexec";
+
+#
+# Where to install the config files
+$CONFDIR="/etc";
+
+#
+# NfSen html pages directory:
+# All php scripts will be installed here.
+# URL: Entry point for nfsen: http://<webserver>/nfsen/nfsen.php
+$HTMLDIR    = "/srv/http/nfsen/";
+
+#
+# Where to install the docs
+$DOCDIR="${HTMLDIR}/doc";
+
+#
+# Var space for NfSen
+$VARDIR="/var/lib/nfsen";
+
+# directory for all pid files
+$PIDDIR="/run/nfsen";
+#
+# Filter directory
+FILTERDIR="${VARDIR}/filters";
+#
+
+# FORMATDIR for custom printing formats
+FORMATDIR="${VARDIR}/fmt";
+#
+
+#
+# The Profiles stat directory, where all profile information
+# RRD DBs and png pictures of the profile are stored
+$PROFILESTATDIR="${BASEDIR}/profiles-stat";
+
+#
+# The Profiles directory, where all netflow data is stored
+$PROFILEDATADIR="${BASEDIR}/profiles-data";
+
+#
+# Where go all the backend plugins
+$BACKEND_PLUGINDIR="${BASEDIR}/plugins";
+
+#
+# Where go all the frontend plugins
+$FRONTEND_PLUGINDIR="${HTMLDIR}/plugins";
+
+#
+# nfdump tools path
+$PREFIX  = '/usr';
+
+#
+# nfsend communication socket
+$COMMSOCKET = "${PIDDIR}/nfsen.comm";
+
+# BASEDIR unrelated vars:
+#
+# Run nfcapd as this user
+# This may be a different or the same uid than your web server.
+# Note: This user must be in group $WWWGROUP, otherwise nfcapd
+#       is not able to write data files!
+$USER    = "netflow";
+
+# user and group of the web server process
+# All netflow processing will be done with this user
+$WWWUSER  = "http";
+$WWWGROUP = "http";
+
+# Receive buffer size for nfcapd - see man page nfcapd(1)
+$BUFFLEN = 200000;
+
+# list of extensions for each collector. See argument -T 
+# for nfcapd(1) for more detailes.
+# defaults to empty -> compatible to nfdump-1.5.8
+# $EXTENSIONS = '';
+# Example:
+# $EXTENSIONS = 'all';
+# $EXTENSIONS = '+3,+4';
+#
+# Directory sub hierarchy layout:
+# Possible layouts:
+#
+# 0 default     no hierachy levels - flat layout - compatible with pre NfSen versions
+# 1 %Y/%m/%d    year/month/day
+# 2 %Y/%m/%d/%H year/month/day/hour
+# 3 %Y/%W/%u    year/week_of_year/day_of_week
+# 4 %Y/%W/%u/%H year/week_of_year/day_of_week/hour
+# 5 %Y/%j       year/day-of-year
+# 6 %Y/%j/%H    year/day-of-year/hour
+# 7 %Y-%m-%d    year-month-day
+# 8 %Y-%m-%d/%H year-month-day/hour
+$SUBDIRLAYOUT = 1;
+
+# Compress flows while collecting 0 or 1
+$ZIPcollected	 = 1;
+
+# Compress flows in profiles 0 or 1
+$ZIPprofiles	 = 1;
+
+# Interrupt expire -- not yet enabled as not yet fully tested
+#$InterruptExpire = 0;
+
+# number of nfprofile processes to spawn during the profiling phase
+# depends on how busy your system is and how many CPUs you have
+# on very busy systems increase it to a higher value
+$PROFILERS = 2;
+
+# if the PROFILEDATADIR is filled up to this percentage, a warning message will be printed.
+# set to 0 to disable the test
+$DISKLIMIT = 98;
+
+# number of nfprofile processes to spawn during the profiling phase
+$PROFILERS = 6;
+
+# Some Perl Versions/Builds have memory leaks for unknown reason.
+# Therefore nfsend will increase its memory footprint over time.
+# In order to reset nfsend, it automatically reloads after 1 day
+# if PERL_HAS_MEMLEAK is set to 1
+# $PERL_HAS_MEMLEAK=0;
+
+# Netflow sources
+# Define an ident string, port and colour per netflow source
+#
+# Required parameters:
+#    ident   identifies this netflow source. e.g. the router name, 
+#            Upstream provider name etc.
+#    port    nfcapd listens on this port for netflow data for this source
+#			 set port to '0' if you do not want a collector to be started
+#    col     colour in nfsen graphs for this source
+#
+# Optional parameters
+#    type    Collector type needed for this source. Can be 'netflow' or 'sflow'. Default is netflow
+#	 optarg	 Optional args to the collector at startup
+#
+# Syntax: 
+#         'ident' => { 'port' => '<portnum>', 'col' => '<colour>', 'type' => '<type>' }
+# Ident strings must be 1 to 19 characters long only, containing characters [a-zA-Z0-9_].
+
+%sources = (
+    'upstream1'    => { 'port' => '9995', 'col' => '#0000ff', 'type' => 'netflow' },
+    'peer1'        => { 'port' => '9996', 'IP' => '172.16.17.18' },
+    'peer2'        => { 'port' => '9996', 'IP' => '172.16.17.19' },
+);
+
+#
+# Low water mark: When expiring files, delete files until
+# size = $low_water % of max_size
+# typically 90 
+$low_water = 90;
+
+#
+# syslog facility for periodic jobs
+# nfsen uses level 'debug', 'info', 'warning' and 'err'
+# Note: nfsen is very chatty for level 'debug' and 'info'
+# For normal operation, you may set the logging level in syslog.conf
+# to warning or error unless you want to debug NfSen
+$syslog_facility = 'local3';
+
+#
+# SYSLOG mess 
+# Log socket type: Most *NIX such as LINUX and *BSD are fine with 'unix'
+# which is the default. You need to change that to 'stream' or 'inet' for 
+# some Solaris version 8/9, AIX and others ..
+# You may set it to undef to prevent calling Sys::Syslog::setlogsock at all
+# ( works for Solaris 10 and newer Sys::Syslog module
+#
+# If not defined at all, 'unix' is assumed unless for Solaris, which defaults to 'stream'
+# $LogSocket = 'unix';
+
+#
+# Plugins
+# Plugins extend NfSen for the purpose of: 
+# Periodic data processing, alerting-condition and alerting-action
+# For data processing a plugin may run for any profile or for a specific profile only.
+#     Syntax: [ 'profile list', 'module' ]
+#            profile list:  ',' separated list of profiles ( 'profilegroup/profilename' ), 
+#                           or '*' for any profile, '!' for no profile
+#            module:        Perl Module name, equal to plugin name 
+# The profile list '!' make sense for plugins, which only provide alerting functions
+#
+# The module follows the standard Perl module conventions, with at least one
+# function: Init(). See demoplugin.pm for a simple template.
+#
+# A file with the same name in the FRONTEND_PLUGINDIR and .php extension is automatically
+# recongized as frontend plugin.
+#
+# Plugins are installed under 
+# $BACKEND_PLUGINDIR and $FRONTEND_PLUGINDIR
+
+@plugins = (
+    # profile    # module
+    # [ '*',     'demoplugin' ],
+);
+
+%PluginConf = (
+	# For plugin demoplugin
+	demoplugin => {
+		# scalar
+		param2 => 42,
+		# hash
+		param1 => { 'key' => 'value' },
+	},
+	# for plugin otherplugin
+	otherplugin => [ 
+		# array
+		'mary had a little lamb' 
+	],
+);
+
+#
+# Alert module: email alerting:
+# Use this from address 
+$MAIL_FROM   = 'your@from.example.net';
+
+# Use this SMTP server
+$SMTP_SERVER = 'localhost';
+
+# Use this email body:
+# You may have multiple lines of text.
+# Var substitution:
+# @alert@ 		replaced by alert name
+# @timeslot@	replaced by timeslot alert triggered
+$MAIL_BODY	 = q{ 
+Alert '@alert@' triggered at timeslot @timeslot@
+};
+
+######################################################
+#
+# For the NfSen simulator include the section below.
+#
+######################################################
+#
+# Nfsen Simulator
+# The simulator requires, that you have already installed
+# and configured NfSen. The simulation is based on already
+# pre-colleted data, which you may get from another live 
+# NfSen system.
+# 
+# Steps to setup the NfSen simulator:
+# 1. Configure the sources of the live profile with the 
+#    same names of the NfSen system, you take netflow data
+#    for the simulation. Set the port for each netflow source
+#    to 0 to prevent a collector to be started.
+#    Install NfSen with this config in a seperate directory
+# 2. Copy the pre-collected data into the appropriate 
+#    netflow directory of the live profile.
+# 3. Configure the simulator using the parameters below
+#    Enable Simulation mode => $SIMmode = 1
+#    Configure the time window of the pre-collected data.
+#      tstart    => Start of time window. yyyymmddhhmm
+#      tbegin    => Optional parameter. Start of simulation 
+#                   profile exists already between tstart - tbegin
+#      tend      => End of time window. yyyymmddhhmm
+#      cycletime => simulation time in seconds of a 5min slot
+#    Setting cycletime = 0 processes the cycles as fast as
+#    possible. Please note, if you test plugings, your 
+#    cycletime needs to be at least the time required to 
+#    process all plugins.
+# 4. Start nfsen: ../nfsen start
+#    Simulation starts
+#
+# The simulator runs from tstart to tend and stops when tend
+# is reached. You may stop the simulation at any given time
+# using ./nfsen stop. To continue the simulation start NfSen
+# again: ./nfsen start. You may reset the simulator at any
+# given time using ./nfsen abort-reset. This stops the sumulation
+# and rolls back to tstart. All profiles/alerts are deleted,
+# so you may start from scratch again.
+#
+# Configure simulator parameters
+#
+# $SIMmode = 1;
+# %sim = (
+#    'tstart'     => '200707100000',	# Simulation data available from July 10th 2007 00:00
+#    'tbegin'     => '200707110000',	# Simulation begins at July 11th 2007 00:00
+#    'tend'       => '200707112355',	# Simulation ends at July 11th 2007 23:55
+#    'cycletime'  => '30',				# 30s per 5min slot
+# );
+
+1;