Obtaining list of flows via API





The guide to obtain analysis results via REST API.


Product: Flowmon Collector

Version: Any

Platform: Any

Question/Problem Description:

How to get a list of flows via API?

Steps to Reproduce:  
Error Message:  
Defect Number:  
Enhancement Number:  
Resolution: It is possible to get a list of flows via API with the endpoint "rest/fmc/analysis/flows". The ID of the result is returned, and the result itself can be obtained with endpoint "rest/fmc/analysis/results/<ID>".
Example with curl:
curl -G -k "https://localhost/rest/fmc/analysis/flows" --data-urlencode "search={\"from\": \"2024-03-04 06:00\",\"to\": \"2024-03-04 06:05\",\"profile\": \"live\",\"channels\": [\"127-0-0-1_p3000\"],\"filter\": \"any\"}" --data-urlencode "showonly=20" --data-urlencode "output=[\"ts\",\"sa\",\"da\",\"nretr\"]" -H "Authorization: bearer <token>"
Returns an ID, e.g., 11, then the result can be obtained with:
curl -G -k "https://localhost/rest/fmc/analysis/results/11" -H "Authorization: bearer <token>"
The same can be tested in our REST API guide under the question mark in the GUI.
Output column values can be listed via API with the endpoint "rest/fmc/analysis/nf-columns". 
The alternative way is to configure the analysis output in the GUI - Analysis, run the query in the GUI, and check the CLI icon (Show used command) in the advanced analysis. GUI shows the nfdump command where column names are visible as well: 
/usr/local/bin/nfdump -M /data/nfsen/profiles-data/'live'/'127-0-0-1_p3000' -R '2024/04/03/nfcapd.202404030830:2024/04/03/nfcapd.202404030830' -c '20' -o 'fmt:%ts,%td,%pr,%sa,%sp,%da,%dp,%pkt,%byt,%nretr' -6 --no-scale-number

