jnpr-dpi-reporter: Data visualization tool for Juniper MX-based DPI
jnpr-dpi-reporter is a containerized data visualization/reporting tool for Juniper MX-based DPI devices.
The Juniper MX-based Services Control Gateway (SCG) when configured as a DPI, exports information about the subscriber flows in the IPFIX format (RFC 7011). Along with the standard netflow fields, export IPFIX records also include Juniper enterprise-specific Information Elements that provide more detailed information about the flows. These records can be consumed by an IPFIX collector and fed into a data visualization tool.
In the jnpr-dpi-reported docker container is based on the ELK stack and the netflow codec in the logstash collector has been modified to support the Juniper enterprise-specific Information Elements. To get things started, a few Kibana plugins, visualizations and a Summary dashboard have also been included in this container.
The container also be used for visualizing any netflow version 5, 9 and 10 records. It listens on the following ports:
- Netflow v5,9: 2055/udp
- Netflow v10: 4739/udp
The following ELK versions have been used:
- Logstash (collector): 2.4
- Elasticsearch (database/search engine): 2.4
- Kibana (front-end): 2.6.1
Detailed description: https://github.com/vignitin/jnpr-dpi-reporter