Allow Flows to be Searched By snmpifname and snmpifdescr
Description
RFC 3954 for Netflow 9 and RFC 3176 for SFlow do not require that `ifIndex` values remain consistent across flow exporter restarts.
Linux does not initialize network interfaces in a deterministic order, or have a method for persisting interface indices, so a Linux-based flow exporter's interfaces may change order when it is restarted. This can cause OpenNMS queries against flow data to fail.
It would be useful to enrich flow documents with `snmpinterface.snmpifname` and `snmpinterface.snmpifdescr` values, so flows can be queried independently of the current `snmpinterface.snmpifindex`.
I believe this would require changes to:
Flow enrichment in Telemetryd, for both OpenNMS and Sentinel
RFC 3954 for Netflow 9 and RFC 3176 for SFlow do not require that `ifIndex` values remain consistent across flow exporter restarts.
Linux does not initialize network interfaces in a deterministic order, or have a method for persisting interface indices, so a Linux-based flow exporter's interfaces may change order when it is restarted. This can cause OpenNMS queries against flow data to fail.
It would be useful to enrich flow documents with `snmpinterface.snmpifname` and `snmpinterface.snmpifdescr` values, so flows can be queried independently of the current `snmpinterface.snmpifindex`.
I believe this would require changes to:
Flow enrichment in Telemetryd, for both OpenNMS and Sentinel
Elasticsearch document templates
Flow query API in OpenNMS
Helm Flow DS