gnat_import

Synopsis

Imports IPFIX files generated by gnat_sensor and transform into Parquet files with the standard data schema.

Description

The gnat_import tool is primarily used to import IPFIX files generated by gnat_sensor and transform them into Parquet files. This tool implements the gnat command line interface and shares the same required and optional arguments as other GNAT tools.

Options

Options are specified using the --options argument and are separated by semicolons.

`--options observation=<observation>`

The --options observation argument specifies the observation or sensor identifier that captured the flow. This identifier is used to tag the imported data with the source of the observation.

`--options asn=<asn>`

The --options asn argument specifies the path to MaxMind GeoLite ASN Database. This database is used annotate flow records with ASN information.

`--options country=<country>`

The --options country argument specifies the path to MaxMind GeoLite Country Database. This database is used annotate flow records with country information.

Example

$ gnat_import --options observation=gnat_sensor;asn=/var/lib/GeoLite2-ASN.mmdb;country=/var/lib/GeoLite2-Country.mmdb --input /var/spool/import --output /var/spool/minute

Synopsis​

Description​

Options​

--options observation=<observation>​

--options asn=<asn>​

--options country=<country>​

Example​

See Also​