API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Feb 6th, 2025
17
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 63.91 KB | None | 0 0
raw download clone embed print report
  1. {"level":"info","ts":"2025-02-06T10:13:11.565Z","logger":"flowcoll","caller":"flowcoll/main.go:56","msg":"version","version":"7.3.0"}
  2. {"level":"info","ts":"2025-02-06T10:13:11.565Z","logger":"flowcoll.license[default]","caller":"envconf/logger.go:49","msg":"EF_ACCOUNT_ID="}
  3. {"level":"info","ts":"2025-02-06T10:13:11.565Z","logger":"flowcoll.license[default]","caller":"envconf/logger.go:49","msg":"EF_FLOW_LICENSE_KEY="}
  4. {"level":"info","ts":"2025-02-06T10:13:11.565Z","logger":"flowcoll.license[default]","caller":"envconf/logger.go:49","msg":"EF_FLOW_LICENSED_CORES=0"}
  5. {"level":"info","ts":"2025-02-06T10:13:11.565Z","logger":"flowcoll.license[default]","caller":"envconf/logger.go:49","msg":"EF_FLOW_LICENSED_UNITS=0"}
  6. {"level":"info","ts":"2025-02-06T10:13:11.565Z","logger":"flowcoll.license[default]","caller":"envconf/logger.go:49","msg":"EF_LICENSE_ACCEPTED=true"}
  7. {"level":"info","ts":"2025-02-06T10:13:11.566Z","logger":"flowcoll","caller":"lic/flow.go:51","msg":"By running this software, you and/or the organization using the software agree and are bound to the terms of an ElastiFlow Inc. End-User License Agreement (EULA). For the Community (no license key), Basic and Trial tiers, the applicable license is the ElastiFlow Community EULA, which may be found at: https://www.elastiflow.com/community-license. For Standard and Premium Commercial tiers the applicable license is the ElastiFlow Standard EULA, or other terms agreed in writing with ElastiFlow Inc. The ElastiFlow Standard EULA may be found at: https://www.elastiflow.com/commercial-license."}
  8. {"level":"info","ts":"2025-02-06T10:13:11.566Z","logger":"flowcoll","caller":"lic/lic.go:49","msg":"license information","expiration":"0001-01-01T00:00:00.000Z","level":0,"units":1}
  9. {"level":"info","ts":"2025-02-06T10:13:11.567Z","caller":"flowdata/conf.go:482","msg":"Field to Drop: "}
  10. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_DECODE_IPFIX_ENABLE=true"}
  11. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_DECODE_NETFLOW1_ENABLE=true"}
  12. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_DECODE_NETFLOW5_ENABLE=true"}
  13. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_DECODE_NETFLOW6_ENABLE=true"}
  14. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_DECODE_NETFLOW7_ENABLE=true"}
  15. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_DECODE_NETFLOW9_ENABLE=true"}
  16. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_DECODE_SFLOW5_ENABLE=true"}
  17. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_DECODE_SFLOW_FLOWS_ENABLE=true"}
  18. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_DECODE_SFLOW_FLOWS_KEEP_SAMPLES=false"}
  19. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_DECODE_SFLOW_COUNTERS_ENABLE=true"}
  20. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_DECODE_MAX_RECORDS_PER_PACKET=64"}
  21. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_TRANSLATE_KEEP_IDS=default"}
  22. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_APP_ID_ENABLE=false"}
  23. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_APP_ID_PATH="}
  24. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_APP_ID_TTL=7200"}
  25. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_APP_IPPORT_ENABLE=false"}
  26. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_APP_IPPORT_PATH="}
  27. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_APP_IPPORT_TTL=7200"}
  28. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_APP_IPPORT_PRIVATE=true"}
  29. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_APP_IPPORT_PUBLIC=false"}
  30. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_APP_REFRESH_RATE=15"}
  31. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_OPTION_ENUM_TTL=7200"}
  32. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_IPADDR_TTL=7200"}
  33. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_IPADDR_METADATA_ENABLE=false"}
  34. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_IPADDR_METADATA_USERDEF_PATH="}
  35. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_IPADDR_METADATA_REFRESH_RATE=15"}
  36. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_IPADDR_DNS_ENABLE=false"}
  37. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_IPADDR_DNS_NAMESERVER_IP="}
  38. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_IPADDR_DNS_NAMESERVER_TIMEOUT=3000"}
  39. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_IPADDR_DNS_RESOLVE_PRIVATE=true"}
  40. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_IPADDR_DNS_RESOLVE_PUBLIC=true"}
  41. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_IPADDR_DNS_USERDEF_PATH="}
  42. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_IPADDR_DNS_USERDEF_REFRESH_RATE=15"}
  43. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_IPADDR_DNS_INCLEXCL_PATH="}
  44. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_IPADDR_DNS_INCLEXCL_REFRESH_RATE=15"}
  45. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_IPADDR_NETINTEL_API_ADDR=https://query.netintel.elastiflow.com"}
  46. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_IPADDR_NETINTEL_ENABLE=true"}
  47. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_IPADDR_NETINTEL_INCLEXCL_PATH="}
  48. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_IPADDR_NETINTEL_INCLEXCL_REFRESH_RATE=15"}
  49. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_IPADDR_NETINTEL_IP_DB_PATH="}
  50. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_IPADDR_NETINTEL_REFRESH_RATE=60"}
  51. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_IPADDR_NETINTEL_TIMEOUT=15"}
  52. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_IPADDR_NETINTEL_THREAT_COLLECTION_PATH="}
  53. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_IPADDR_MAXMIND_ASN_ENABLE=false"}
  54. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_IPADDR_MAXMIND_ASN_PATH=/etc/elastiflow/maxmind/GeoLite2-ASN.mmdb"}
  55. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_IPADDR_MAXMIND_GEOIP_ENABLE=false"}
  56. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_IPADDR_MAXMIND_GEOIP_PATH=/etc/elastiflow/maxmind/GeoLite2-City.mmdb"}
  57. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_IPADDR_MAXMIND_GEOIP_VALUES=city,country,country_code,location,timezone"}
  58. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_IPADDR_MAXMIND_GEOIP_LANG=en"}
  59. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_IPADDR_MAXMIND_GEOIP_INCLEXCL_PATH="}
  60. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_IPADDR_MAXMIND_GEOIP_INCLEXCL_REFRESH_RATE=15"}
  61. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_NETIF_TTL=7200"}
  62. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_NETIF_METADATA_ENABLE=false"}
  63. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_NETIF_METADATA_USERDEF_PATH="}
  64. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_NETIF_METADATA_REFRESH_RATE=15"}
  65. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_NETIF_FLOW_OPTIONS_ENABLE=true"}
  66. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_NETIF_SNMP_ENABLE=false"}
  67. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_NETIF_SNMP_PORT=161"}
  68. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_NETIF_SNMP_VERSION=2"}
  69. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_NETIF_SNMP_COMMUNITIES=public"}
  70. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_NETIF_SNMP_TIMEOUT=2"}
  71. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_NETIF_SNMP_RETRIES=1"}
  72. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_NETIF_SNMP_V3_AUTHORITATIVE_ENGINE_ID="}
  73. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_NETIF_SNMP_V3_AUTHORITATIVE_ENGINE_BOOTS=0"}
  74. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_NETIF_SNMP_V3_AUTHORITATIVE_ENGINE_TIME=0"}
  75. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_NETIF_SNMP_V3_USERNAME="}
  76. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_NETIF_SNMP_V3_AUTHENTICATION_PARAMETERS="}
  77. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_NETIF_SNMP_V3_PRIVACY_PARAMETERS="}
  78. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_NETIF_SNMP_V3_AUTHENTICATION_PROTOCOL=noauth"}
  79. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_NETIF_SNMP_V3_PRIVACY_PROTOCOL=nopriv"}
  80. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_NETIF_SNMP_V3_AUTHENTICATION_PASSPHRASE="}
  81. {"level":"info","ts":"2025-02-06T10:13:11.568Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_NETIF_SNMP_V3_PRIVACY_PASSPHRASE="}
  82. {"level":"info","ts":"2025-02-06T10:13:11.569Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_NETIF_SNMP_V3_SECRET_KEY="}
  83. {"level":"info","ts":"2025-02-06T10:13:11.569Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_NETIF_SNMP_V3_PRIVACY_KEY="}
  84. {"level":"info","ts":"2025-02-06T10:13:11.569Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_NETIF_SNMP_ACCESS_ENABLE=false"}
  85. {"level":"info","ts":"2025-02-06T10:13:11.569Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_NETIF_SNMP_ACCESS_PATH=/etc/elastiflow/settings/snmp_access.yml"}
  86. {"level":"info","ts":"2025-02-06T10:13:11.569Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_NETIF_SNMP_ACCESS_REFRESH_RATE=15"}
  87. {"level":"info","ts":"2025-02-06T10:13:11.569Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_ASN_PREF=lookup"}
  88. {"level":"info","ts":"2025-02-06T10:13:11.569Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_TOTALS_IF_NO_DELTAS=false"}
  89. {"level":"info","ts":"2025-02-06T10:13:11.569Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_SAMPLERATE_CACHE_SIZE=32768"}
  90. {"level":"info","ts":"2025-02-06T10:13:11.569Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_SAMPLERATE_USERDEF_ENABLE=false"}
  91. {"level":"info","ts":"2025-02-06T10:13:11.569Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_SAMPLERATE_USERDEF_PATH=/etc/elastiflow/settings/sample_rate.yml"}
  92. {"level":"info","ts":"2025-02-06T10:13:11.569Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_SAMPLERATE_USERDEF_OVERRIDE=false"}
  93. {"level":"info","ts":"2025-02-06T10:13:11.569Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_SAMPLERATE_USERDEF_UPSCALE_ENABLE=false"}
  94. {"level":"info","ts":"2025-02-06T10:13:11.569Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_SAMPLERATE_USERDEF_UPSCALE_RATE=4"}
  95. {"level":"info","ts":"2025-02-06T10:13:11.569Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_COMMUNITYID_ENABLE=true"}
  96. {"level":"info","ts":"2025-02-06T10:13:11.569Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_COMMUNITYID_SEED=0"}
  97. {"level":"info","ts":"2025-02-06T10:13:11.569Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_CONVERSATIONID_ENABLE=true"}
  98. {"level":"info","ts":"2025-02-06T10:13:11.569Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_CONVERSATIONID_SEED=0"}
  99. {"level":"info","ts":"2025-02-06T10:13:11.569Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_JOIN_ASN=true"}
  100. {"level":"info","ts":"2025-02-06T10:13:11.569Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_JOIN_GEOIP=true"}
  101. {"level":"info","ts":"2025-02-06T10:13:11.569Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_JOIN_SEC=true"}
  102. {"level":"info","ts":"2025-02-06T10:13:11.569Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_JOIN_CLOUD=true"}
  103. {"level":"info","ts":"2025-02-06T10:13:11.569Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_JOIN_NETATTR=true"}
  104. {"level":"info","ts":"2025-02-06T10:13:11.569Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_ENRICH_JOIN_SUBNETATTR=true"}
  105. {"level":"info","ts":"2025-02-06T10:13:11.569Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_DURATION_PRECISION=ms"}
  106. {"level":"info","ts":"2025-02-06T10:13:11.569Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_TIMESTAMP_PRECISION=ms"}
  107. {"level":"info","ts":"2025-02-06T10:13:11.569Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_PERCENT_NORM=100"}
  108. {"level":"info","ts":"2025-02-06T10:13:11.569Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_EXPAND_CLISRV=true"}
  109. {"level":"info","ts":"2025-02-06T10:13:11.569Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_EXPAND_CLISRV_NO_L4_PORTS=true"}
  110. {"level":"info","ts":"2025-02-06T10:13:11.569Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_KEEP_CPU_TICKS=false"}
  111. {"level":"info","ts":"2025-02-06T10:13:11.569Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_POOL_SIZE=4"}
  112. {"level":"info","ts":"2025-02-06T10:13:11.569Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_DROP_FIELDS="}
  113. {"level":"info","ts":"2025-02-06T10:13:11.569Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_IFA_ENABLE=false"}
  114. {"level":"info","ts":"2025-02-06T10:13:11.569Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_IFA_QUEUE_SIZE=64"}
  115. {"level":"info","ts":"2025-02-06T10:13:11.569Z","logger":"flowcoll.processor[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_IFA_POOL_SIZE=4"}
  116. {"level":"info","ts":"2025-02-06T10:13:11.570Z","logger":"flowcoll.elasticsearch[default]","caller":"envconf/logger.go:49","msg":"EF_OUTPUT_ELASTICSEARCH_ENABLE=true"}
  117. {"level":"info","ts":"2025-02-06T10:13:11.570Z","logger":"flowcoll.elasticsearch[default]","caller":"envconf/logger.go:49","msg":"EF_OUTPUT_ELASTICSEARCH_ECS_ENABLE=true"}
  118. {"level":"info","ts":"2025-02-06T10:13:11.570Z","logger":"flowcoll.elasticsearch[default]","caller":"envconf/logger.go:49","msg":"EF_OUTPUT_ELASTICSEARCH_BATCH_DEADLINE=2000"}
  119. {"level":"info","ts":"2025-02-06T10:13:11.570Z","logger":"flowcoll.elasticsearch[default]","caller":"envconf/logger.go:49","msg":"EF_OUTPUT_ELASTICSEARCH_BATCH_MAX_BYTES=8388608"}
  120. {"level":"info","ts":"2025-02-06T10:13:11.570Z","logger":"flowcoll.elasticsearch[default]","caller":"envconf/logger.go:49","msg":"EF_OUTPUT_ELASTICSEARCH_TIMESTAMP_SOURCE=start"}
  121. {"level":"info","ts":"2025-02-06T10:13:11.570Z","logger":"flowcoll.elasticsearch[default]","caller":"envconf/logger.go:49","msg":"EF_OUTPUT_ELASTICSEARCH_INDEX_PERIOD=rollover"}
  122. {"level":"info","ts":"2025-02-06T10:13:11.570Z","logger":"flowcoll.elasticsearch[default]","caller":"envconf/logger.go:49","msg":"EF_OUTPUT_ELASTICSEARCH_INDEX_SUFFIX="}
  123. {"level":"info","ts":"2025-02-06T10:13:11.570Z","logger":"flowcoll.elasticsearch[default]","caller":"envconf/logger.go:49","msg":"EF_OUTPUT_ELASTICSEARCH_INDEX_TEMPLATE_ENABLE=true"}
  124. {"level":"info","ts":"2025-02-06T10:13:11.570Z","logger":"flowcoll.elasticsearch[default]","caller":"envconf/logger.go:49","msg":"EF_OUTPUT_ELASTICSEARCH_INDEX_TEMPLATE_OVERWRITE=true"}
  125. {"level":"info","ts":"2025-02-06T10:13:11.570Z","logger":"flowcoll.elasticsearch[default]","caller":"envconf/logger.go:49","msg":"EF_OUTPUT_ELASTICSEARCH_ADDRESSES=127.0.0.1:9200"}
  126. {"level":"info","ts":"2025-02-06T10:13:11.570Z","logger":"flowcoll.elasticsearch[default]","caller":"envconf/logger.go:49","msg":"EF_OUTPUT_ELASTICSEARCH_USERNAME=elastic"}
  127. {"level":"info","ts":"2025-02-06T10:13:11.570Z","logger":"flowcoll.elasticsearch[default]","caller":"envconf/logger.go:49","msg":"EF_OUTPUT_ELASTICSEARCH_PASSWORD=********************"}
  128. {"level":"info","ts":"2025-02-06T10:13:11.570Z","logger":"flowcoll.elasticsearch[default]","caller":"envconf/logger.go:49","msg":"EF_OUTPUT_ELASTICSEARCH_CLOUD_ID="}
  129. {"level":"info","ts":"2025-02-06T10:13:11.570Z","logger":"flowcoll.elasticsearch[default]","caller":"envconf/logger.go:49","msg":"EF_OUTPUT_ELASTICSEARCH_API_KEY="}
  130. {"level":"info","ts":"2025-02-06T10:13:11.570Z","logger":"flowcoll.elasticsearch[default]","caller":"envconf/logger.go:49","msg":"EF_OUTPUT_ELASTICSEARCH_CLIENT_CA_CERT_FILEPATH="}
  131. {"level":"info","ts":"2025-02-06T10:13:11.570Z","logger":"flowcoll.elasticsearch[default]","caller":"envconf/logger.go:49","msg":"EF_OUTPUT_ELASTICSEARCH_CLIENT_CERT_FILEPATH="}
  132. {"level":"info","ts":"2025-02-06T10:13:11.570Z","logger":"flowcoll.elasticsearch[default]","caller":"envconf/logger.go:49","msg":"EF_OUTPUT_ELASTICSEARCH_CLIENT_KEY_FILEPATH="}
  133. {"level":"info","ts":"2025-02-06T10:13:11.570Z","logger":"flowcoll.elasticsearch[default]","caller":"envconf/logger.go:49","msg":"EF_OUTPUT_ELASTICSEARCH_TLS_ENABLE=false"}
  134. {"level":"info","ts":"2025-02-06T10:13:11.570Z","logger":"flowcoll.elasticsearch[default]","caller":"envconf/logger.go:49","msg":"EF_OUTPUT_ELASTICSEARCH_TLS_SKIP_VERIFICATION=false"}
  135. {"level":"info","ts":"2025-02-06T10:13:11.570Z","logger":"flowcoll.elasticsearch[default]","caller":"envconf/logger.go:49","msg":"EF_OUTPUT_ELASTICSEARCH_TLS_CA_CERT_FILEPATH="}
  136. {"level":"info","ts":"2025-02-06T10:13:11.570Z","logger":"flowcoll.elasticsearch[default]","caller":"envconf/logger.go:49","msg":"EF_OUTPUT_ELASTICSEARCH_RETRY_ENABLE=true"}
  137. {"level":"info","ts":"2025-02-06T10:13:11.570Z","logger":"flowcoll.elasticsearch[default]","caller":"envconf/logger.go:49","msg":"EF_OUTPUT_ELASTICSEARCH_RETRY_ON_TIMEOUT_ENABLE=true"}
  138. {"level":"info","ts":"2025-02-06T10:13:11.570Z","logger":"flowcoll.elasticsearch[default]","caller":"envconf/logger.go:49","msg":"EF_OUTPUT_ELASTICSEARCH_MAX_RETRIES=3"}
  139. {"level":"info","ts":"2025-02-06T10:13:11.570Z","logger":"flowcoll.elasticsearch[default]","caller":"envconf/logger.go:49","msg":"EF_OUTPUT_ELASTICSEARCH_RETRY_BACKOFF=1000"}
  140. {"level":"info","ts":"2025-02-06T10:13:11.570Z","logger":"flowcoll.elasticsearch[default]","caller":"envconf/logger.go:49","msg":"EF_OUTPUT_ELASTICSEARCH_INDEX_TEMPLATE_SHARDS=1"}
  141. {"level":"info","ts":"2025-02-06T10:13:11.570Z","logger":"flowcoll.elasticsearch[default]","caller":"envconf/logger.go:49","msg":"EF_OUTPUT_ELASTICSEARCH_INDEX_TEMPLATE_REPLICAS=0"}
  142. {"level":"info","ts":"2025-02-06T10:13:11.570Z","logger":"flowcoll.elasticsearch[default]","caller":"envconf/logger.go:49","msg":"EF_OUTPUT_ELASTICSEARCH_INDEX_TEMPLATE_REFRESH_INTERVAL=10s"}
  143. {"level":"info","ts":"2025-02-06T10:13:11.570Z","logger":"flowcoll.elasticsearch[default]","caller":"envconf/logger.go:49","msg":"EF_OUTPUT_ELASTICSEARCH_INDEX_TEMPLATE_CODEC=best_compression"}
  144. {"level":"info","ts":"2025-02-06T10:13:11.570Z","logger":"flowcoll.elasticsearch[default]","caller":"envconf/logger.go:49","msg":"EF_OUTPUT_ELASTICSEARCH_INDEX_TEMPLATE_ILM_LIFECYCLE=elastiflow"}
  145. {"level":"info","ts":"2025-02-06T10:13:11.570Z","logger":"flowcoll.elasticsearch[default]","caller":"envconf/logger.go:49","msg":"EF_OUTPUT_ELASTICSEARCH_INDEX_TEMPLATE_PIPELINE_DEFAULT=_none"}
  146. {"level":"info","ts":"2025-02-06T10:13:11.570Z","logger":"flowcoll.elasticsearch[default]","caller":"envconf/logger.go:49","msg":"EF_OUTPUT_ELASTICSEARCH_INDEX_TEMPLATE_PIPELINE_FINAL=_none"}
  147. {"level":"info","ts":"2025-02-06T10:13:11.570Z","logger":"flowcoll.elasticsearch[default]","caller":"envconf/logger.go:49","msg":"EF_OUTPUT_ELASTICSEARCH_DROP_FIELDS="}
  148. {"level":"info","ts":"2025-02-06T10:13:11.570Z","logger":"flowcoll.elasticsearch[default]","caller":"envconf/logger.go:49","msg":"EF_PROCESSOR_TIMESTAMP_PRECISION=ms"}
  149. {"level":"info","ts":"2025-02-06T10:13:11.570Z","logger":"flowcoll.elasticsearch[default]","caller":"envconf/logger.go:49","msg":"EF_OUTPUT_ELASTICSEARCH_ALLOWED_RECORD_TYPES=as_path_hop,flow_option,flow,ifa_hop,telemetry,metric"}
  150. {"level":"info","ts":"2025-02-06T10:13:11.570Z","logger":"flowcoll.elasticsearch[default]","caller":"envconf/logger.go:49","msg":"EF_OUTPUT_ELASTICSEARCH_TSDS_ENABLE=false"}
  151. {"level":"info","ts":"2025-02-06T10:13:11.571Z","logger":"flowcoll.httpserver","caller":"httpserver/httpserver.go:28","msg":"endpoint exposed","url":"http://0.0.0.0:8080/metrics"}
  152. {"level":"info","ts":"2025-02-06T10:13:11.571Z","logger":"flowcoll.httpserver","caller":"httpserver/httpserver.go:28","msg":"endpoint exposed","url":"http://0.0.0.0:8080/readyz"}
  153. {"level":"info","ts":"2025-02-06T10:13:11.571Z","logger":"flowcoll.httpserver","caller":"httpserver/httpserver.go:28","msg":"endpoint exposed","url":"http://0.0.0.0:8080/livez"}
  154. {"level":"info","ts":"2025-02-06T10:13:11.571Z","logger":"flowcoll.httpserver","caller":"httpserver/httpserver.go:28","msg":"endpoint exposed","url":"http://0.0.0.0:8080/support-bundle"}
  155. {"level":"info","ts":"2025-02-06T10:13:11.573Z","logger":"udpserver[0.0.0.0:2055]","caller":"server/udpserver.go:68","msg":"running","address":"0.0.0.0:2055"}
  156. {"level":"info","ts":"2025-02-06T10:13:11.593Z","logger":"enricher.app-id_memstore","caller":"appid/memstore.go:73","msg":"listening for entries to store"}
  157. {"level":"info","ts":"2025-02-06T10:13:11.594Z","logger":"enricher.app-id_memstore","caller":"appid/memstore.go:62","msg":"listening for IPs to delete"}
  158. {"level":"info","ts":"2025-02-06T10:13:11.606Z","logger":"enricher.ip_memstore","caller":"ip/memstore.go:74","msg":"in-memory store listening for entries to store"}
  159. {"level":"info","ts":"2025-02-06T10:13:11.606Z","logger":"enricher.ip_memstore","caller":"ip/memstore.go:63","msg":"in-memory store listening for IPs to delete"}
  160. {"level":"info","ts":"2025-02-06T10:13:11.606Z","logger":"enricher.ip_custodian","caller":"enrichapp/custodian.go:126","msg":"expiration checker is running"}
  161. {"level":"info","ts":"2025-02-06T10:13:11.606Z","logger":"enricher.appid_custodian","caller":"enrichapp/custodian.go:126","msg":"expiration checker is running"}
  162. {"level":"info","ts":"2025-02-06T10:13:11.606Z","logger":"enricher.appid_custodian","caller":"enrichapp/custodian.go:105","msg":"listening for IPs to delete"}
  163. {"level":"info","ts":"2025-02-06T10:13:11.606Z","logger":"enricher.appid_custodian","caller":"enrichapp/custodian.go:116","msg":"listening for entries to store"}
  164. {"level":"info","ts":"2025-02-06T10:13:11.606Z","logger":"enricher.ip_custodian","caller":"enrichapp/custodian.go:105","msg":"listening for IPs to delete"}
  165. {"level":"info","ts":"2025-02-06T10:13:11.606Z","logger":"enricher.ip_custodian","caller":"enrichapp/custodian.go:116","msg":"listening for entries to store"}
  166. {"level":"info","ts":"2025-02-06T10:13:11.606Z","logger":"enum_enricher.memstore","caller":"enum/memstore.go:73","msg":"listening for entries to store"}
  167. {"level":"info","ts":"2025-02-06T10:13:11.606Z","logger":"enum_enricher.memstore","caller":"enum/memstore.go:62","msg":"listening for enums to delete"}
  168. {"level":"info","ts":"2025-02-06T10:13:11.606Z","logger":"enum_enricher.custodian","caller":"enrichenum/custodian.go:96","msg":"listening for IPs to delete"}
  169. {"level":"info","ts":"2025-02-06T10:13:11.606Z","logger":"enum_enricher.custodian","caller":"enrichenum/custodian.go:117","msg":"expiration checker is running"}
  170. {"level":"info","ts":"2025-02-06T10:13:11.606Z","logger":"enum_enricher.custodian","caller":"enrichenum/custodian.go:107","msg":"listening for entries to store"}
  171. {"level":"info","ts":"2025-02-06T10:13:11.606Z","logger":"ipaddr_enricher.hostname_enricher","caller":"hostname/hostname.go:73","msg":"started"}
  172. {"level":"info","ts":"2025-02-06T10:13:11.606Z","logger":"ipaddr_enricher.netintel_threats","caller":"netintel/enricher.go:262","msg":"fetching threat type collection and cidr tree"}
  173. {"level":"info","ts":"2025-02-06T10:13:12.917Z","logger":"ipaddr_enricher.netintel_threats","caller":"netintel/enricher.go:313","msg":"Threat Type size: 53230 bytes"}
  174. {"level":"info","ts":"2025-02-06T10:13:20.222Z","logger":"ipaddr_enricher.netintel_threats","caller":"netintel/enricher.go:294","msg":"IPdb size: 246317617 bytes"}
  175. {"level":"info","ts":"2025-02-06T10:13:30.504Z","logger":"ipaddr_enricher.netintel_threats","caller":"netintel/enricher.go:106","msg":"cidr tree successfully initialized"}
  176. {"level":"info","ts":"2025-02-06T10:13:30.504Z","logger":"ipaddr_enricher.netintel_threats","caller":"netintel/enricher.go:258","msg":"started"}
  177. {"level":"info","ts":"2025-02-06T10:13:30.504Z","logger":"ipaddr_enricher.memstore","caller":"enrichipaddr/memstore.go:39","msg":"listening for ips to delete"}
  178. {"level":"info","ts":"2025-02-06T10:13:30.505Z","logger":"ipaddr_enricher.custodian","caller":"enrichipaddr/custodian.go:63","msg":"listening for entries to store"}
  179. {"level":"info","ts":"2025-02-06T10:13:30.505Z","logger":"ipaddr_enricher.memstore","caller":"enrichipaddr/memstore.go:50","msg":"store listening for entries to store"}
  180. {"level":"info","ts":"2025-02-06T10:13:30.505Z","logger":"ipaddr_enricher.custodian","caller":"enrichipaddr/custodian.go:52","msg":"listening for ips to delete"}
  181. {"level":"info","ts":"2025-02-06T10:13:30.505Z","logger":"ipaddr_enricher.custodian","caller":"enrichipaddr/custodian.go:73","msg":"expiration checker is running"}
  182. {"level":"info","ts":"2025-02-06T10:13:30.505Z","logger":"netif_enricher","caller":"enrichnetif/memstore.go:41","msg":"in-memory store listening for IPs to delete"}
  183. {"level":"info","ts":"2025-02-06T10:13:30.505Z","logger":"netif_enricher","caller":"enrichnetif/memstore.go:52","msg":"in-memory store listening for entries to store"}
  184. {"level":"info","ts":"2025-02-06T10:13:30.505Z","logger":"netif_enricher.custodian","caller":"enrichnetif/custodian.go:55","msg":"listening for IPs to delete"}
  185. {"level":"info","ts":"2025-02-06T10:13:30.505Z","logger":"netif_enricher.custodian","caller":"enrichnetif/custodian.go:66","msg":"listening for entries to store"}
  186. {"level":"info","ts":"2025-02-06T10:13:30.505Z","logger":"netif_enricher.custodian","caller":"enrichnetif/custodian.go:76","msg":"expiration checker is running"}
  187. {"level":"info","ts":"2025-02-06T10:13:30.505Z","logger":"flow_processor","caller":"flowprocessor/flow.go:37","msg":"flow record processor is running"}
  188. {"level":"info","ts":"2025-02-06T10:13:30.505Z","logger":"flow_processor","caller":"flowprocessor/flow.go:37","msg":"flow record processor is running"}
  189. {"level":"info","ts":"2025-02-06T10:13:30.505Z","logger":"flow_processor","caller":"flowprocessor/flow.go:37","msg":"flow record processor is running"}
  190. {"level":"error","ts":"2025-02-06T10:13:30.505Z","caller":"netflow9/netflow9.go:60","msg":"netflow v9: could not decode flowsets: template not yet received from 10.88.88.1 for session: 40000; you will not see flows until the template is received; this should resolve itself in a few minutes","stacktrace":"github.com/elastiflow/flowcoll/pkg/processors/flowprocessor/netflow9.Decode\n\t/app/pkg/processors/flowprocessor/netflow9/netflow9.go:60\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor/process.decodePacket\n\t/app/pkg/processors/flowprocessor/process/decode.go:88\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor/process.ProcessPacket\n\t/app/pkg/processors/flowprocessor/process/process.go:24\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor.(*FlowProcessor).decodePacket\n\t/app/pkg/processors/flowprocessor/flow.go:76\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor.(*FlowProcessor).Run\n\t/app/pkg/processors/flowprocessor/flow.go:49"}
  191. {"level":"error","ts":"2025-02-06T10:13:30.505Z","caller":"netflow9/netflow9.go:60","msg":"netflow v9: could not decode flowsets: template not yet received from 10.88.88.1 for session: 40000; you will not see flows until the template is received; this should resolve itself in a few minutes","stacktrace":"github.com/elastiflow/flowcoll/pkg/processors/flowprocessor/netflow9.Decode\n\t/app/pkg/processors/flowprocessor/netflow9/netflow9.go:60\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor/process.decodePacket\n\t/app/pkg/processors/flowprocessor/process/decode.go:88\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor/process.ProcessPacket\n\t/app/pkg/processors/flowprocessor/process/process.go:24\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor.(*FlowProcessor).decodePacket\n\t/app/pkg/processors/flowprocessor/flow.go:76\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor.(*FlowProcessor).Run\n\t/app/pkg/processors/flowprocessor/flow.go:49"}
  192. {"level":"info","ts":"2025-02-06T10:13:30.505Z","logger":"flow_processor","caller":"flowprocessor/flow.go:37","msg":"flow record processor is running"}
  193. {"level":"error","ts":"2025-02-06T10:13:30.505Z","caller":"netflow9/netflow9.go:60","msg":"netflow v9: could not decode flowsets: template not yet received from 10.88.88.1 for session: 40000; you will not see flows until the template is received; this should resolve itself in a few minutes","stacktrace":"github.com/elastiflow/flowcoll/pkg/processors/flowprocessor/netflow9.Decode\n\t/app/pkg/processors/flowprocessor/netflow9/netflow9.go:60\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor/process.decodePacket\n\t/app/pkg/processors/flowprocessor/process/decode.go:88\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor/process.ProcessPacket\n\t/app/pkg/processors/flowprocessor/process/process.go:24\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor.(*FlowProcessor).decodePacket\n\t/app/pkg/processors/flowprocessor/flow.go:76\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor.(*FlowProcessor).Run\n\t/app/pkg/processors/flowprocessor/flow.go:49"}
  194. {"level":"error","ts":"2025-02-06T10:13:30.505Z","caller":"netflow9/netflow9.go:60","msg":"netflow v9: could not decode flowsets: template not yet received from 10.88.88.2 for session: 40000; you will not see flows until the template is received; this should resolve itself in a few minutes","stacktrace":"github.com/elastiflow/flowcoll/pkg/processors/flowprocessor/netflow9.Decode\n\t/app/pkg/processors/flowprocessor/netflow9/netflow9.go:60\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor/process.decodePacket\n\t/app/pkg/processors/flowprocessor/process/decode.go:88\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor/process.ProcessPacket\n\t/app/pkg/processors/flowprocessor/process/process.go:24\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor.(*FlowProcessor).decodePacket\n\t/app/pkg/processors/flowprocessor/flow.go:76\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor.(*FlowProcessor).Run\n\t/app/pkg/processors/flowprocessor/flow.go:49"}
  195. {"level":"error","ts":"2025-02-06T10:13:30.505Z","caller":"netflow9/netflow9.go:60","msg":"netflow v9: could not decode flowsets: template not yet received from 10.88.88.2 for session: 40000; you will not see flows until the template is received; this should resolve itself in a few minutes","stacktrace":"github.com/elastiflow/flowcoll/pkg/processors/flowprocessor/netflow9.Decode\n\t/app/pkg/processors/flowprocessor/netflow9/netflow9.go:60\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor/process.decodePacket\n\t/app/pkg/processors/flowprocessor/process/decode.go:88\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor/process.ProcessPacket\n\t/app/pkg/processors/flowprocessor/process/process.go:24\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor.(*FlowProcessor).decodePacket\n\t/app/pkg/processors/flowprocessor/flow.go:76\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor.(*FlowProcessor).Run\n\t/app/pkg/processors/flowprocessor/flow.go:49"}
  196. {"level":"error","ts":"2025-02-06T10:13:30.505Z","caller":"netflow9/netflow9.go:60","msg":"netflow v9: could not decode flowsets: template not yet received from 10.88.88.1 for session: 40000; you will not see flows until the template is received; this should resolve itself in a few minutes","stacktrace":"github.com/elastiflow/flowcoll/pkg/processors/flowprocessor/netflow9.Decode\n\t/app/pkg/processors/flowprocessor/netflow9/netflow9.go:60\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor/process.decodePacket\n\t/app/pkg/processors/flowprocessor/process/decode.go:88\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor/process.ProcessPacket\n\t/app/pkg/processors/flowprocessor/process/process.go:24\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor.(*FlowProcessor).decodePacket\n\t/app/pkg/processors/flowprocessor/flow.go:76\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor.(*FlowProcessor).Run\n\t/app/pkg/processors/flowprocessor/flow.go:49"}
  197. {"level":"error","ts":"2025-02-06T10:13:30.505Z","caller":"netflow9/netflow9.go:60","msg":"netflow v9: could not decode flowsets: template not yet received from 10.88.88.2 for session: 40000; you will not see flows until the template is received; this should resolve itself in a few minutes","stacktrace":"github.com/elastiflow/flowcoll/pkg/processors/flowprocessor/netflow9.Decode\n\t/app/pkg/processors/flowprocessor/netflow9/netflow9.go:60\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor/process.decodePacket\n\t/app/pkg/processors/flowprocessor/process/decode.go:88\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor/process.ProcessPacket\n\t/app/pkg/processors/flowprocessor/process/process.go:24\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor.(*FlowProcessor).decodePacket\n\t/app/pkg/processors/flowprocessor/flow.go:76\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor.(*FlowProcessor).Run\n\t/app/pkg/processors/flowprocessor/flow.go:49"}
  198. {"level":"error","ts":"2025-02-06T10:13:30.505Z","caller":"netflow9/netflow9.go:60","msg":"netflow v9: could not decode flowsets: template not yet received from 10.88.88.2 for session: 40000; you will not see flows until the template is received; this should resolve itself in a few minutes","stacktrace":"github.com/elastiflow/flowcoll/pkg/processors/flowprocessor/netflow9.Decode\n\t/app/pkg/processors/flowprocessor/netflow9/netflow9.go:60\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor/process.decodePacket\n\t/app/pkg/processors/flowprocessor/process/decode.go:88\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor/process.ProcessPacket\n\t/app/pkg/processors/flowprocessor/process/process.go:24\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor.(*FlowProcessor).decodePacket\n\t/app/pkg/processors/flowprocessor/flow.go:76\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor.(*FlowProcessor).Run\n\t/app/pkg/processors/flowprocessor/flow.go:49"}
  199. {"level":"error","ts":"2025-02-06T10:13:30.505Z","caller":"netflow9/netflow9.go:60","msg":"netflow v9: could not decode flowsets: template not yet received from 10.88.88.2 for session: 40000; you will not see flows until the template is received; this should resolve itself in a few minutes","stacktrace":"github.com/elastiflow/flowcoll/pkg/processors/flowprocessor/netflow9.Decode\n\t/app/pkg/processors/flowprocessor/netflow9/netflow9.go:60\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor/process.decodePacket\n\t/app/pkg/processors/flowprocessor/process/decode.go:88\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor/process.ProcessPacket\n\t/app/pkg/processors/flowprocessor/process/process.go:24\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor.(*FlowProcessor).decodePacket\n\t/app/pkg/processors/flowprocessor/flow.go:76\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor.(*FlowProcessor).Run\n\t/app/pkg/processors/flowprocessor/flow.go:49"}
  200. {"level":"error","ts":"2025-02-06T10:13:30.505Z","caller":"netflow9/netflow9.go:60","msg":"netflow v9: could not decode flowsets: template not yet received from 10.88.88.1 for session: 40000; you will not see flows until the template is received; this should resolve itself in a few minutes","stacktrace":"github.com/elastiflow/flowcoll/pkg/processors/flowprocessor/netflow9.Decode\n\t/app/pkg/processors/flowprocessor/netflow9/netflow9.go:60\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor/process.decodePacket\n\t/app/pkg/processors/flowprocessor/process/decode.go:88\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor/process.ProcessPacket\n\t/app/pkg/processors/flowprocessor/process/process.go:24\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor.(*FlowProcessor).decodePacket\n\t/app/pkg/processors/flowprocessor/flow.go:76\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor.(*FlowProcessor).Run\n\t/app/pkg/processors/flowprocessor/flow.go:49"}
  201. {"level":"error","ts":"2025-02-06T10:13:30.505Z","caller":"netflow9/netflow9.go:60","msg":"netflow v9: could not decode flowsets: template not yet received from 10.88.88.2 for session: 40000; you will not see flows until the template is received; this should resolve itself in a few minutes","stacktrace":"github.com/elastiflow/flowcoll/pkg/processors/flowprocessor/netflow9.Decode\n\t/app/pkg/processors/flowprocessor/netflow9/netflow9.go:60\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor/process.decodePacket\n\t/app/pkg/processors/flowprocessor/process/decode.go:88\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor/process.ProcessPacket\n\t/app/pkg/processors/flowprocessor/process/process.go:24\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor.(*FlowProcessor).decodePacket\n\t/app/pkg/processors/flowprocessor/flow.go:76\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor.(*FlowProcessor).Run\n\t/app/pkg/processors/flowprocessor/flow.go:49"}
  202. {"level":"error","ts":"2025-02-06T10:13:30.505Z","caller":"netflow9/netflow9.go:60","msg":"netflow v9: could not decode flowsets: template not yet received from 10.88.88.1 for session: 40000; you will not see flows until the template is received; this should resolve itself in a few minutes","stacktrace":"github.com/elastiflow/flowcoll/pkg/processors/flowprocessor/netflow9.Decode\n\t/app/pkg/processors/flowprocessor/netflow9/netflow9.go:60\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor/process.decodePacket\n\t/app/pkg/processors/flowprocessor/process/decode.go:88\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor/process.ProcessPacket\n\t/app/pkg/processors/flowprocessor/process/process.go:24\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor.(*FlowProcessor).decodePacket\n\t/app/pkg/processors/flowprocessor/flow.go:76\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor.(*FlowProcessor).Run\n\t/app/pkg/processors/flowprocessor/flow.go:49"}
  203. {"level":"error","ts":"2025-02-06T10:13:30.505Z","caller":"netflow9/netflow9.go:60","msg":"netflow v9: could not decode flowsets: template not yet received from 10.88.88.1 for session: 40000; you will not see flows until the template is received; this should resolve itself in a few minutes","stacktrace":"github.com/elastiflow/flowcoll/pkg/processors/flowprocessor/netflow9.Decode\n\t/app/pkg/processors/flowprocessor/netflow9/netflow9.go:60\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor/process.decodePacket\n\t/app/pkg/processors/flowprocessor/process/decode.go:88\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor/process.ProcessPacket\n\t/app/pkg/processors/flowprocessor/process/process.go:24\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor.(*FlowProcessor).decodePacket\n\t/app/pkg/processors/flowprocessor/flow.go:76\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor.(*FlowProcessor).Run\n\t/app/pkg/processors/flowprocessor/flow.go:49"}
  204. {"level":"error","ts":"2025-02-06T10:13:30.505Z","caller":"netflow9/netflow9.go:60","msg":"netflow v9: could not decode flowsets: template not yet received from 10.88.88.1 for session: 40000; you will not see flows until the template is received; this should resolve itself in a few minutes","stacktrace":"github.com/elastiflow/flowcoll/pkg/processors/flowprocessor/netflow9.Decode\n\t/app/pkg/processors/flowprocessor/netflow9/netflow9.go:60\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor/process.decodePacket\n\t/app/pkg/processors/flowprocessor/process/decode.go:88\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor/process.ProcessPacket\n\t/app/pkg/processors/flowprocessor/process/process.go:24\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor.(*FlowProcessor).decodePacket\n\t/app/pkg/processors/flowprocessor/flow.go:76\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor.(*FlowProcessor).Run\n\t/app/pkg/processors/flowprocessor/flow.go:49"}
  205. {"level":"error","ts":"2025-02-06T10:13:30.505Z","caller":"netflow9/netflow9.go:60","msg":"netflow v9: could not decode flowsets: template not yet received from 10.88.88.1 for session: 40000; you will not see flows until the template is received; this should resolve itself in a few minutes","stacktrace":"github.com/elastiflow/flowcoll/pkg/processors/flowprocessor/netflow9.Decode\n\t/app/pkg/processors/flowprocessor/netflow9/netflow9.go:60\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor/process.decodePacket\n\t/app/pkg/processors/flowprocessor/process/decode.go:88\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor/process.ProcessPacket\n\t/app/pkg/processors/flowprocessor/process/process.go:24\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor.(*FlowProcessor).decodePacket\n\t/app/pkg/processors/flowprocessor/flow.go:76\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor.(*FlowProcessor).Run\n\t/app/pkg/processors/flowprocessor/flow.go:49"}
  206. {"level":"error","ts":"2025-02-06T10:13:30.506Z","caller":"netflow9/netflow9.go:60","msg":"netflow v9: could not decode flowsets: template not yet received from 10.88.88.2 for session: 40000; you will not see flows until the template is received; this should resolve itself in a few minutes","stacktrace":"github.com/elastiflow/flowcoll/pkg/processors/flowprocessor/netflow9.Decode\n\t/app/pkg/processors/flowprocessor/netflow9/netflow9.go:60\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor/process.decodePacket\n\t/app/pkg/processors/flowprocessor/process/decode.go:88\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor/process.ProcessPacket\n\t/app/pkg/processors/flowprocessor/process/process.go:24\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor.(*FlowProcessor).decodePacket\n\t/app/pkg/processors/flowprocessor/flow.go:76\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor.(*FlowProcessor).Run\n\t/app/pkg/processors/flowprocessor/flow.go:49"}
  207. {"level":"error","ts":"2025-02-06T10:13:30.506Z","caller":"netflow9/netflow9.go:60","msg":"netflow v9: could not decode flowsets: template not yet received from 10.88.88.2 for session: 40000; you will not see flows until the template is received; this should resolve itself in a few minutes","stacktrace":"github.com/elastiflow/flowcoll/pkg/processors/flowprocessor/netflow9.Decode\n\t/app/pkg/processors/flowprocessor/netflow9/netflow9.go:60\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor/process.decodePacket\n\t/app/pkg/processors/flowprocessor/process/decode.go:88\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor/process.ProcessPacket\n\t/app/pkg/processors/flowprocessor/process/process.go:24\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor.(*FlowProcessor).decodePacket\n\t/app/pkg/processors/flowprocessor/flow.go:76\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor.(*FlowProcessor).Run\n\t/app/pkg/processors/flowprocessor/flow.go:49"}
  208. {"level":"error","ts":"2025-02-06T10:13:30.506Z","caller":"netflow9/netflow9.go:60","msg":"netflow v9: could not decode flowsets: template not yet received from 10.88.88.1 for session: 40000; you will not see flows until the template is received; this should resolve itself in a few minutes","stacktrace":"github.com/elastiflow/flowcoll/pkg/processors/flowprocessor/netflow9.Decode\n\t/app/pkg/processors/flowprocessor/netflow9/netflow9.go:60\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor/process.decodePacket\n\t/app/pkg/processors/flowprocessor/process/decode.go:88\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor/process.ProcessPacket\n\t/app/pkg/processors/flowprocessor/process/process.go:24\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor.(*FlowProcessor).decodePacket\n\t/app/pkg/processors/flowprocessor/flow.go:76\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor.(*FlowProcessor).Run\n\t/app/pkg/processors/flowprocessor/flow.go:49"}
  209. {"level":"error","ts":"2025-02-06T10:13:30.506Z","caller":"netflow9/netflow9.go:60","msg":"netflow v9: could not decode flowsets: template not yet received from 10.88.88.1 for session: 40000; you will not see flows until the template is received; this should resolve itself in a few minutes","stacktrace":"github.com/elastiflow/flowcoll/pkg/processors/flowprocessor/netflow9.Decode\n\t/app/pkg/processors/flowprocessor/netflow9/netflow9.go:60\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor/process.decodePacket\n\t/app/pkg/processors/flowprocessor/process/decode.go:88\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor/process.ProcessPacket\n\t/app/pkg/processors/flowprocessor/process/process.go:24\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor.(*FlowProcessor).decodePacket\n\t/app/pkg/processors/flowprocessor/flow.go:76\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor.(*FlowProcessor).Run\n\t/app/pkg/processors/flowprocessor/flow.go:49"}
  210. {"level":"error","ts":"2025-02-06T10:13:30.505Z","caller":"netflow9/netflow9.go:60","msg":"netflow v9: could not decode flowsets: template not yet received from 10.88.88.2 for session: 40000; you will not see flows until the template is received; this should resolve itself in a few minutes","stacktrace":"github.com/elastiflow/flowcoll/pkg/processors/flowprocessor/netflow9.Decode\n\t/app/pkg/processors/flowprocessor/netflow9/netflow9.go:60\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor/process.decodePacket\n\t/app/pkg/processors/flowprocessor/process/decode.go:88\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor/process.ProcessPacket\n\t/app/pkg/processors/flowprocessor/process/process.go:24\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor.(*FlowProcessor).decodePacket\n\t/app/pkg/processors/flowprocessor/flow.go:76\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor.(*FlowProcessor).Run\n\t/app/pkg/processors/flowprocessor/flow.go:49"}
  211. {"level":"error","ts":"2025-02-06T10:13:30.506Z","caller":"netflow9/netflow9.go:60","msg":"netflow v9: could not decode flowsets: template not yet received from 10.88.88.2 for session: 40000; you will not see flows until the template is received; this should resolve itself in a few minutes","stacktrace":"github.com/elastiflow/flowcoll/pkg/processors/flowprocessor/netflow9.Decode\n\t/app/pkg/processors/flowprocessor/netflow9/netflow9.go:60\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor/process.decodePacket\n\t/app/pkg/processors/flowprocessor/process/decode.go:88\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor/process.ProcessPacket\n\t/app/pkg/processors/flowprocessor/process/process.go:24\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor.(*FlowProcessor).decodePacket\n\t/app/pkg/processors/flowprocessor/flow.go:76\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor.(*FlowProcessor).Run\n\t/app/pkg/processors/flowprocessor/flow.go:49"}
  212. {"level":"error","ts":"2025-02-06T10:13:30.506Z","caller":"netflow9/netflow9.go:60","msg":"netflow v9: could not decode flowsets: template not yet received from 10.88.88.2 for session: 40000; you will not see flows until the template is received; this should resolve itself in a few minutes","stacktrace":"github.com/elastiflow/flowcoll/pkg/processors/flowprocessor/netflow9.Decode\n\t/app/pkg/processors/flowprocessor/netflow9/netflow9.go:60\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor/process.decodePacket\n\t/app/pkg/processors/flowprocessor/process/decode.go:88\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor/process.ProcessPacket\n\t/app/pkg/processors/flowprocessor/process/process.go:24\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor.(*FlowProcessor).decodePacket\n\t/app/pkg/processors/flowprocessor/flow.go:76\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor.(*FlowProcessor).Run\n\t/app/pkg/processors/flowprocessor/flow.go:49"}
  213. {"level":"error","ts":"2025-02-06T10:13:30.506Z","caller":"netflow9/netflow9.go:60","msg":"netflow v9: could not decode flowsets: template not yet received from 10.88.88.1 for session: 40000; you will not see flows until the template is received; this should resolve itself in a few minutes","stacktrace":"github.com/elastiflow/flowcoll/pkg/processors/flowprocessor/netflow9.Decode\n\t/app/pkg/processors/flowprocessor/netflow9/netflow9.go:60\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor/process.decodePacket\n\t/app/pkg/processors/flowprocessor/process/decode.go:88\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor/process.ProcessPacket\n\t/app/pkg/processors/flowprocessor/process/process.go:24\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor.(*FlowProcessor).decodePacket\n\t/app/pkg/processors/flowprocessor/flow.go:76\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor.(*FlowProcessor).Run\n\t/app/pkg/processors/flowprocessor/flow.go:49"}
  214. {"level":"error","ts":"2025-02-06T10:13:30.506Z","caller":"netflow9/netflow9.go:60","msg":"netflow v9: could not decode flowsets: template not yet received from 10.88.88.2 for session: 40000; you will not see flows until the template is received; this should resolve itself in a few minutes","stacktrace":"github.com/elastiflow/flowcoll/pkg/processors/flowprocessor/netflow9.Decode\n\t/app/pkg/processors/flowprocessor/netflow9/netflow9.go:60\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor/process.decodePacket\n\t/app/pkg/processors/flowprocessor/process/decode.go:88\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor/process.ProcessPacket\n\t/app/pkg/processors/flowprocessor/process/process.go:24\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor.(*FlowProcessor).decodePacket\n\t/app/pkg/processors/flowprocessor/flow.go:76\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor.(*FlowProcessor).Run\n\t/app/pkg/processors/flowprocessor/flow.go:49"}
  215. {"level":"error","ts":"2025-02-06T10:13:30.506Z","caller":"netflow9/netflow9.go:60","msg":"netflow v9: could not decode flowsets: template not yet received from 10.88.88.1 for session: 40000; you will not see flows until the template is received; this should resolve itself in a few minutes","stacktrace":"github.com/elastiflow/flowcoll/pkg/processors/flowprocessor/netflow9.Decode\n\t/app/pkg/processors/flowprocessor/netflow9/netflow9.go:60\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor/process.decodePacket\n\t/app/pkg/processors/flowprocessor/process/decode.go:88\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor/process.ProcessPacket\n\t/app/pkg/processors/flowprocessor/process/process.go:24\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor.(*FlowProcessor).decodePacket\n\t/app/pkg/processors/flowprocessor/flow.go:76\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor.(*FlowProcessor).Run\n\t/app/pkg/processors/flowprocessor/flow.go:49"}
  216. {"level":"error","ts":"2025-02-06T10:13:30.506Z","caller":"netflow9/netflow9.go:60","msg":"netflow v9: could not decode flowsets: template not yet received from 10.88.88.1 for session: 40000; you will not see flows until the template is received; this should resolve itself in a few minutes","stacktrace":"github.com/elastiflow/flowcoll/pkg/processors/flowprocessor/netflow9.Decode\n\t/app/pkg/processors/flowprocessor/netflow9/netflow9.go:60\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor/process.decodePacket\n\t/app/pkg/processors/flowprocessor/process/decode.go:88\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor/process.ProcessPacket\n\t/app/pkg/processors/flowprocessor/process/process.go:24\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor.(*FlowProcessor).decodePacket\n\t/app/pkg/processors/flowprocessor/flow.go:76\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor.(*FlowProcessor).Run\n\t/app/pkg/processors/flowprocessor/flow.go:49"}
  217. {"level":"error","ts":"2025-02-06T10:13:30.506Z","caller":"netflow9/netflow9.go:60","msg":"netflow v9: could not decode flowsets: template not yet received from 10.88.88.2 for session: 40000; you will not see flows until the template is received; this should resolve itself in a few minutes","stacktrace":"github.com/elastiflow/flowcoll/pkg/processors/flowprocessor/netflow9.Decode\n\t/app/pkg/processors/flowprocessor/netflow9/netflow9.go:60\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor/process.decodePacket\n\t/app/pkg/processors/flowprocessor/process/decode.go:88\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor/process.ProcessPacket\n\t/app/pkg/processors/flowprocessor/process/process.go:24\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor.(*FlowProcessor).decodePacket\n\t/app/pkg/processors/flowprocessor/flow.go:76\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor.(*FlowProcessor).Run\n\t/app/pkg/processors/flowprocessor/flow.go:49"}
  218. {"level":"error","ts":"2025-02-06T10:13:30.506Z","caller":"netflow9/netflow9.go:60","msg":"netflow v9: could not decode flowsets: template not yet received from 10.88.88.1 for session: 40000; you will not see flows until the template is received; this should resolve itself in a few minutes","stacktrace":"github.com/elastiflow/flowcoll/pkg/processors/flowprocessor/netflow9.Decode\n\t/app/pkg/processors/flowprocessor/netflow9/netflow9.go:60\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor/process.decodePacket\n\t/app/pkg/processors/flowprocessor/process/decode.go:88\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor/process.ProcessPacket\n\t/app/pkg/processors/flowprocessor/process/process.go:24\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor.(*FlowProcessor).decodePacket\n\t/app/pkg/processors/flowprocessor/flow.go:76\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor.(*FlowProcessor).Run\n\t/app/pkg/processors/flowprocessor/flow.go:49"}
  219. {"level":"error","ts":"2025-02-06T10:13:30.505Z","caller":"netflow9/netflow9.go:60","msg":"netflow v9: could not decode flowsets: template not yet received from 10.88.88.1 for session: 40000; you will not see flows until the template is received; this should resolve itself in a few minutes","stacktrace":"github.com/elastiflow/flowcoll/pkg/processors/flowprocessor/netflow9.Decode\n\t/app/pkg/processors/flowprocessor/netflow9/netflow9.go:60\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor/process.decodePacket\n\t/app/pkg/processors/flowprocessor/process/decode.go:88\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor/process.ProcessPacket\n\t/app/pkg/processors/flowprocessor/process/process.go:24\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor.(*FlowProcessor).decodePacket\n\t/app/pkg/processors/flowprocessor/flow.go:76\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor.(*FlowProcessor).Run\n\t/app/pkg/processors/flowprocessor/flow.go:49"}
  220. {"level":"error","ts":"2025-02-06T10:13:30.506Z","caller":"netflow9/netflow9.go:60","msg":"netflow v9: could not decode flowsets: template not yet received from 10.88.88.2 for session: 40000; you will not see flows until the template is received; this should resolve itself in a few minutes","stacktrace":"github.com/elastiflow/flowcoll/pkg/processors/flowprocessor/netflow9.Decode\n\t/app/pkg/processors/flowprocessor/netflow9/netflow9.go:60\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor/process.decodePacket\n\t/app/pkg/processors/flowprocessor/process/decode.go:88\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor/process.ProcessPacket\n\t/app/pkg/processors/flowprocessor/process/process.go:24\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor.(*FlowProcessor).decodePacket\n\t/app/pkg/processors/flowprocessor/flow.go:76\ngithub.com/elastiflow/flowcoll/pkg/processors/flowprocessor.(*FlowProcessor).Run\n\t/app/pkg/processors/flowprocessor/flow.go:49"}
  221. panic: interface conversion: interface {} is []interface {}, not uint64
  222.  
  223. goroutine 81 [running]:
  224. github.com/elastiflow/flowcoll/pkg/processors/flowprocessor/enrich.enrichIPaddr({0x1e10b00?, 0xc001f16150?}, {0xc075e77240, 0x10}, 0x3, {0x1277762, 0xd}, 0xc04fbbe1b0, 0xc001941b20)
  225. /app/pkg/processors/flowprocessor/enrich/utils.go:500 +0x2005
  226. github.com/elastiflow/flowcoll/pkg/processors/flowprocessor/enrich.ipAddr(0xc04fbbe2a0, 0xc04fbbe1b0, 0xc0b398f200, 0xc001951500)
  227. /app/pkg/processors/flowprocessor/enrich/ip.go:33 +0x89a
  228. github.com/elastiflow/flowcoll/pkg/processors/flowprocessor/enrich.EnrichRawIE(...)
  229. /app/pkg/processors/flowprocessor/enrich/enrich.go:60
  230. github.com/elastiflow/flowcoll/pkg/processors/flowprocessor/enrich.EnrichRecord(0xc0000be060, 0xc0b398f200, 0xc001951500)
  231. /app/pkg/processors/flowprocessor/enrich/enrich.go:73 +0x16b
  232. github.com/elastiflow/flowcoll/pkg/processors/flowprocessor/enrich.EnrichRecords(...)
  233. /app/pkg/processors/flowprocessor/enrich/enrich.go:79
  234. github.com/elastiflow/flowcoll/pkg/processors/flowprocessor/process.processDecodedRecords({0xc04fba3640, 0x8, 0x8}, 0xc001951500, 0xc0b398f200, 0x0, 0x0)
  235. /app/pkg/processors/flowprocessor/process/process.go:49 +0x4d2
  236. github.com/elastiflow/flowcoll/pkg/processors/flowprocessor/process.ProcessPacket({0xc075e76b40?, 0x10?, 0x0?}, 0xc000100000?, {0xc0a1f34000?, 0x4596b8?, 0x0?}, 0x10?, 0xc0b398f200, 0xc001951500, ...)
  237. /app/pkg/processors/flowprocessor/process/process.go:29 +0x5f
  238. github.com/elastiflow/flowcoll/pkg/processors/flowprocessor.(*FlowProcessor).decodePacket(0xc07560ef30, {{0x1e11f38, 0xc0a1f29320}, 0xc0a3fb8480, 0x3b8, 0x194dac01798})
  239. /app/pkg/processors/flowprocessor/flow.go:76 +0x2e5
  240. github.com/elastiflow/flowcoll/pkg/processors/flowprocessor.(*FlowProcessor).Run(0xc07560ef30, {0x1e15f50, 0xc001610820})
  241. /app/pkg/processors/flowprocessor/flow.go:49 +0x405
  242. created by github.com/elastiflow/flowcoll/pkg/processors/flowprocessor.(*Pool).Run in goroutine 216
  243. /app/pkg/processors/flowprocessor/pool.go:62 +0x23b
  244.  
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!