New component: netflow receiver

[dlopes7]

The purpose and use-cases of the new component

The netflow receiver is capable of listening for netflow, sflow or IPFIX UDP traffic and generating log entries based on the flow content.

This gives Opentelemetry users the capability of monitoring network traffic, and answer questions like:

• Which protocols are passing through the network?
• Which servers and clients are producing the highest amount of traffic?
• What ports are involved in these network calls?
• How many bytes and packets are being sent and received?

The receiver will listen for flows and decode them using the templates that are sent by the flow producers. The data then is converted to JSON and produces structured log records.

Example configuration for the component

receivers:
  netflow:
    listeners:
      - scheme: netflow
        port: 2055
        sockets: 1
        workers: 4

      - scheme: sflow
        port: 6443
        sockets: 1
        workers: 2
        queueSize: 1000

      - scheme: netflow
        host: "192.168.1.1"
        port: 2056
        sockets: 1
        workers: 2

Telemetry data types supported

Only logs for now

Is this a vendor-specific component?

• This is a vendor-specific component
• If this is a vendor-specific component, I am proposing to contribute and support it as a representative of the vendor.

Code Owner(s)

@dlopes7

Sponsor (optional)

No response

Additional context

Although originally NetFlow was developed by Cisco, the other types of network monitoring traffic are not vendor specific, so I am not sure if we must consider this a vendor specific receiver.

I believe that there is a lack of network monitoring visibility in Opentelemetry and this helps fill in that gap. I am committed to the development and maintenance of this receiver.

A similar idea was proposed in #18270, in this specific case I would like to contribute and already have this receiver mostly implemented in a custom collector of mine.

The receiver will be built upon the BSD-3 licensed goflow2 project, a battle tested collector, decoder and producer for flows. I have had a brief discussion with the maintainer about the feasibility of the project here and I am convinced it will be a valuable receiver for the Otel community

[evan-bradley]

I'll sponsor this.

[github-actions]

This issue has been inactive for 60 days. It will be closed in 60 days if there is no activity. To ping code owners by adding a component label, see Adding Labels via Comments, or if you are unsure of which component this issue relates to, please ping @open-telemetry/collector-contrib-triagers. If this issue is still relevant, please ping the code owners or leave a comment explaining why it is still relevant. Otherwise, please close it.

[LucasHocker]

Are we still making progress here? Any help needed?

[atoulme]

@LucasHocker you can see the first PR is open here: #34164 and is under review.