v4.0.0
The ipfixprobe flow exporter is used to process packets of the high-speed network traffic to create aggregated information about ongoing traffic. The output of ipfixprobe are IP flows represented in the standard IPFIX format, thus the tool is compatible with common monitoring and detection systems. To receive packets from the network card, ipfixprobe supports libpcap and DPDK technologies and is also compatible with COMBO accelerator cards developed by CESNET. This makes it possible to monitor high-speed traffic at speeds of up to around 170Gb/s. The ipfixprobe architecture is modular and contains a number of plugins that extend common IPFIX data information. More advanced packet sequence statistics allow the use of machine learning methods to classify network traffic, including encrypted communication.