Fixbuf is used for building IPFIX collecting and exporting processes. It is a compliant implementation of the IPFIX Protocol as defined in the "Specification of the IPFIX Protocol for the Exchange of Flow Information" (RFC 7011). The CERT NetSA Security Suite supports two fixbuf APIs:

Fixbuf's Role in the CERT NetSA Security Suite

libfixbuf is a vital but largely invisible part of the CERT NetSA Security Suite. As a library, it is the foundation upon which the IPFIX-processing tools in the are built.

However, libfixbuf also provides two command-line tools that convert binary IPFIX to text:

Recommended Uses of Fixbuf

The fixbuf APIs are used to write applications, often called mediators, that collect and export IPFIX. Mediators are useful in modifying, filtering, or adding to the contents of a message before forwarding to another IPFIX collection point. They also can convert IPFIX to another format (text, database, JSON, et cetera).