Description
Component(s)
receiver/netflowreceiver
Is your feature request related to a problem? Please describe.
Right now, the NetFlow Receiver parses logs before forwarding them. Some backends require receiving raw NetFlow logs instead of parsed data. When logs are parsed before being sent, these backends may not be able to properly interpret them. They need a basic generic type, like a string, in order to do their own parsing on the data.
Describe the solution you'd like
I would like to add a new send_raw option in the NetFlow Receiver config. When send_raw is true, logs are sent with the NetFlow message as a string in the log body. When send_raw is false or is not configured, logs are parsed into attributes as before. This works for all kinds of NetFlow log data, such as v5, v9, etc.
Describe alternatives you've considered
An alternate solution could be a separate unparsed NetFlow Receiver. However, this pattern of having an option to parse within a receiver is already present in the Windows Event Log Receiver.
Additional context
I have already made a PR for this issue. Here is the link: #38832