Writing Applications describes how to combine the API function to build sFlow-RT applications. Topology describes how to extend the capabilities by importing network topology. The JavaScript API, REST API, and System Properties settings allow sFlow-RT to be customized to support a wide variety of use cases. Many examples are described in the sFlow Blog and in downloadable Applications.

Metrics are derived from periodic sFlow counter records received from Agents and new metrics can be created by Defining Flows or by sending Custom Metrics.

Note: The following APIs are not final and are subject to change in future releases.

JavaScript API

The embedded JavaScript ES6 engine includes the following additional functions:

Server

Metrics

Threshold

Flows

Topology

BGP

Forwarding

HTTP

Utilities

REST API

Use a web browser to access the sFlow-RT web user interface, by default on port 8008, and open the REST API Explorer for detailed documentation and to interact with the API.

The following REST commands are available:

application

bgp

flows

forwarding

group

map

metrics

prometheus

server

threshold

topology

System Properties

The System Properties can be specified as arguments to the start.sh script, e.g.:

./start.sh -Dhttp.hostname=127.0.0.1 -Dhttp.port=8080

On the docker command line:

docker run -p 6343:6343/udp -p 8008:8008 sflow/sflow-rt -Dhttp.log=yes

If sFlow-RT was installed as an RPM or DEB package, edit the /usr/local/sflow-rt/conf.d/sflow-rt.conf file and restart the sflow-rt service. Alternatively, create a file under the conf.d directory with .conf extension containing additional preferences.

PropertyDefaultDescription
http.hostnameBind HTTP server to specified address
http.port8008TCP port to receive HTTP requests
http.lognoSet to yes to enable http request logging
http.htmlyesSet to no to exclude HTML pages
http.html.redirect./html/index.htmlDefault page to display
http.readonlynoSet to yes to prevent POST/PUT operations from modifying thresholds, flows, and groups
http.restyesSet to no to disable REST API if HTML pages are disabled.
http.requestheadersize4096Size of the buffer to be used for request headers
http.responseheadersize4096Size of the buffer to be used for response headers
http.responsebuffersize32768Size of the content buffer for sending responses
http.idletimeout300Timeout in seconds before closing idle requests
http.timeout.connect5000Timeout in milliseconds for JavaScript HTTP client
http.timeout.read5000Timeout in milliseconds for JavaScript HTTP client
http.checkversionyesCheck for sFlow-RT software updates
http.trustallyesSet to no to enable verification of https connections
script.fileComma separated list of JavaScript files to load at startup, see JavaScript Functions. Use http.readonly=yes to prevent modification of settings installed by scripts
script.file.<name>JavaScript file to load at startup. Name is arbitrary but must be unique for script.
script.storestoreDirectory for storing persistent objects for scripts
script.maxeventqueue1000Maximum number of events per script queue
script.maxflowqueue1000Maximum number of flow records per script queue
sflow.port6343UDP port to receive sFlow
sflow.hostnameBind sFlow listener to specific address
sflow.filePlayback sFlow from pcap file (disables sflow.port)
sflow.dsentitytoportyesSet to no to allow entity packet samplers instead of converting them to virtual ingress port-based data sources
sflow.sumegressnoSet to yes to create virtual egress sampled data sources from ingress only sampled data
sflow.maxbytes2048Maximum sFlow datagram size
sflow.rcvpktsbuffer1000Number of sflow.maxbytes byte packet buffers to request when opening the sFlow UDP socket
events.max1000Maximum number of events to keep
flows.max1000Maximum number of completed flows to keep
geo.countryGeoIP database location. Set to resources/config/GeoLite2-Country.mmdb to use GeoLite2 database
geo.asnGeoIP database location. Set to resources/config/GeoLite2-ASN.mmdb to use GeoLite2 database
oui.namesOUI name file. Set to resources/config/oui.txt to lookup names
workers.maxqueue400Maximum number of sFlow datagrams to queue per worker
workers.number4Number of worker threads processing sFlow datagrams
receivers.number1Number of threads receiving sFlow datagrams and queuing them for workers
snmp.ifnamenoSet to yes to enable SNMP retrieval of interface names
snmp.version2cSNMP version number, valid options are 1, 2c, or 3
snmp.communitypublicSet SNMP community string
snmp.userSet SNMP user
snmp.authprotocolSet SNMP authentication protocol, valid options are md5 or sha
snmp.authpasswdSet SNMP authentication password
snmp.privprotocolSet SNMP privacy protocol, valid options are des, 3des, aes128, aes192 or aes256
snmp.privpasswdSet SNMP privacy password
tenant.portflowsnoSet to yes to apply tenant port filters to flow samples in addition to counter samples
tenant.coreflowsnoSet to yes to allow export of data from all ports (including internal inter-switch links
bgp.startnoSet to yes to enable BGP listener
bgp.port1179TCP port for BGP listener
bgp.hostnameBind BGP listener to specific address
dns.serversComma separated list of DNS servers or "resolv.conf" to read server addresses from /etc/resolv.conf file.
dns.port53UDP port to make DNS requests
dns.lcnoConvert names to lowercase
dns.idnnoConvert Internationalized Domain Names (IDNs) to unicode
dns.threads2Number of threads allocated to DNS lookups
dns.maxpending100Maximum number of outstanding DNS requrests
dns.timeout5Maximum number of seconds to wait for a DNS reply
dns.cache.size100000Maximum number of DNS replies to cache
dns.cache.minexpires600Minimum number of seconds to remember positive DNS response - overrides short DNS TTL values
dns.cache.negativettl3600Number of seconds to remember a negative DNS response
apps.enableyesEnable applications
apps.discoveryesAutomatically discover and run applications in the apps directory
app.{name}.enablenoIf apps.discover=no, then selectively enable application by setting app.{name}.enable=yes
host.ip.enableyesDiscover IP address associated with host adapter
host.ip.refresh10Number of seconds before refreshing IP address to host adapter relationship