FetchSFTP

Description:

Fetches the content of a file from a remote SFTP server and overwrites the contents of an incoming FlowFile with the content of the remote file.

Tags:

sftp, get, retrieve, files, fetch, remote, ingest, source, input

Properties:

In the list below, the names of required properties appear in bold. Any other properties (not in bold) are considered optional. The table also indicates any default values, and whether a property supports the NiFi Expression Language.

Display NameAPI NameDefault ValueAllowable ValuesDescription
HostnameHostnameThe fully-qualified hostname or IP address of the host to fetch the data from
Supports Expression Language: true (will be evaluated using flow file attributes and Environment variables)
PortPort22The port to connect to on the remote host to fetch the data from
Supports Expression Language: true (will be evaluated using flow file attributes and Environment variables)
UsernameUsernameUsername
Supports Expression Language: true (will be evaluated using flow file attributes and Environment variables)
PasswordPasswordPassword for the user account
Sensitive Property: true
Supports Expression Language: true (will be evaluated using flow file attributes and Environment variables)
Private Key PathPrivate Key PathThe fully qualified path to the Private Key file

This property requires exactly one file to be provided..

Supports Expression Language: true (will be evaluated using flow file attributes and Environment variables)
Private Key PassphrasePrivate Key PassphrasePassword for the private key
Sensitive Property: true
Supports Expression Language: true (will be evaluated using flow file attributes and Environment variables)
Remote FileRemote FileThe fully qualified filename on the remote system
Supports Expression Language: true (will be evaluated using flow file attributes and Environment variables)
Completion StrategyCompletion StrategyNone
  • None Leave the file as-is
  • Move File Move the file to the directory specified by the <Move Destination Directory> property
  • Delete File Deletes the original file from the remote system
Specifies what to do with the original file on the server once it has been pulled into NiFi. If the Completion Strategy fails, a warning will be logged but the data will still be transferred.
Move Destination DirectoryMove Destination DirectoryThe directory on the remote server to move the original file to once it has been ingested into NiFi. This property is ignored unless the Completion Strategy is set to 'Move File'. The specified directory must already exist on the remote system if 'Create Directory' is disabled, or the rename will fail.
Supports Expression Language: true (will be evaluated using flow file attributes and Environment variables)
Create DirectoryCreate Directoryfalse
  • true
  • false
Used when 'Completion Strategy' is 'Move File'. Specifies whether or not the remote directory should be created if it does not exist.
Disable Directory ListingDisable Directory Listingfalse
  • true
  • false
Control how 'Move Destination Directory' is created when 'Completion Strategy' is 'Move File' and 'Create Directory' is enabled. If set to 'true', directory listing is not performed prior to create missing directories. By default, this processor executes a directory listing command to see target directory existence before creating missing directories. However, there are situations that you might need to disable the directory listing such as the following. Directory listing might fail with some permission setups (e.g. chmod 100) on a directory. Also, if any other SFTP client created the directory after this processor performed a listing and before a directory creation request by this processor is finished, then an error is returned because the directory already exists.
Connection TimeoutConnection Timeout30 secAmount of time to wait before timing out while creating a connection
Data TimeoutData Timeout30 secWhen transferring a file between the local and remote system, this value specifies how long is allowed to elapse without any data being transferred between systems
Send Keep Alive On TimeoutSend Keep Alive On Timeouttrue
  • true
  • false
Send a Keep Alive message every 5 seconds up to 5 times for an overall timeout of 25 seconds.
Host Key FileHost Key FileIf supplied, the given file will be used as the Host Key; otherwise, if 'Strict Host Key Checking' property is applied (set to true) then uses the 'known_hosts' and 'known_hosts2' files from ~/.ssh directory else no host key file will be used

This property requires exactly one file to be provided..
Strict Host Key CheckingStrict Host Key Checkingfalse
  • true
  • false
Indicates whether or not strict enforcement of hosts keys should be applied
Use CompressionUse Compressionfalse
  • true
  • false
Indicates whether or not ZLIB compression should be used when transferring files
Proxy Configuration Serviceproxy-configuration-serviceController Service API:
ProxyConfigurationService
Implementation: StandardProxyConfigurationService
Specifies the Proxy Configuration Controller Service to proxy network requests. If set, it supersedes proxy settings configured per component. Supported proxies: SOCKS + AuthN, HTTP + AuthN
Proxy TypeProxy TypeDIRECT
  • DIRECT
  • HTTP
  • SOCKS
Proxy type used for file transfers
Proxy HostProxy HostThe fully qualified hostname or IP address of the proxy server
Supports Expression Language: true (will be evaluated using Environment variables only)
Proxy PortProxy PortThe port of the proxy server
Supports Expression Language: true (will be evaluated using Environment variables only)
Http Proxy UsernameHttp Proxy UsernameHttp Proxy Username
Supports Expression Language: true (will be evaluated using Environment variables only)
Http Proxy PasswordHttp Proxy PasswordHttp Proxy Password
Sensitive Property: true
Supports Expression Language: true (will be evaluated using Environment variables only)
Log level when file not foundfetchfiletransfer-notfound-loglevelERROR
  • TRACE
  • DEBUG
  • INFO
  • WARN
  • ERROR
  • FATAL
  • NONE
Log level to use in case the file does not exist when the processor is triggered
Ciphers AllowedCiphers AllowedA comma-separated list of Ciphers allowed for SFTP connections. Leave unset to allow all. Available options are: 3des-cbc, 3des-ctr, aes128-cbc, aes128-ctr, aes128-gcm@openssh.com, aes192-cbc, aes192-ctr, aes256-cbc, aes256-ctr, aes256-gcm@openssh.com, arcfour, arcfour128, arcfour256, blowfish-cbc, blowfish-ctr, cast128-cbc, cast128-ctr, chacha20-poly1305@openssh.com, idea-cbc, idea-ctr, serpent128-cbc, serpent128-ctr, serpent192-cbc, serpent192-ctr, serpent256-cbc, serpent256-ctr, twofish-cbc, twofish128-cbc, twofish128-ctr, twofish192-cbc, twofish192-ctr, twofish256-cbc, twofish256-ctr
Supports Expression Language: true (will be evaluated using Environment variables only)
Key Algorithms AllowedKey Algorithms AllowedA comma-separated list of Key Algorithms allowed for SFTP connections. Leave unset to allow all. Available options are: ecdsa-sha2-nistp256, ecdsa-sha2-nistp256-cert-v01@openssh.com, ecdsa-sha2-nistp384, ecdsa-sha2-nistp384-cert-v01@openssh.com, ecdsa-sha2-nistp521, ecdsa-sha2-nistp521-cert-v01@openssh.com, rsa-sha2-256, rsa-sha2-512, ssh-dss, ssh-dss-cert-v01@openssh.com, ssh-ed25519, ssh-ed25519-cert-v01@openssh.com, ssh-rsa, ssh-rsa-cert-v01@openssh.com
Supports Expression Language: true (will be evaluated using Environment variables only)
Key Exchange Algorithms AllowedKey Exchange Algorithms AllowedA comma-separated list of Key Exchange Algorithms allowed for SFTP connections. Leave unset to allow all. Available options are: curve25519-sha256, curve25519-sha256@libssh.org, diffie-hellman-group-exchange-sha1, diffie-hellman-group-exchange-sha256, diffie-hellman-group1-sha1, diffie-hellman-group14-sha1, diffie-hellman-group14-sha256, diffie-hellman-group14-sha256@ssh.com, diffie-hellman-group15-sha256, diffie-hellman-group15-sha256@ssh.com, diffie-hellman-group15-sha384@ssh.com, diffie-hellman-group15-sha512, diffie-hellman-group16-sha256, diffie-hellman-group16-sha384@ssh.com, diffie-hellman-group16-sha512, diffie-hellman-group16-sha512@ssh.com, diffie-hellman-group17-sha512, diffie-hellman-group18-sha512, diffie-hellman-group18-sha512@ssh.com, ecdh-sha2-nistp256, ecdh-sha2-nistp384, ecdh-sha2-nistp521, ext-info-c
Supports Expression Language: true (will be evaluated using Environment variables only)
Message Authentication Codes AllowedMessage Authentication Codes AllowedA comma-separated list of Message Authentication Codes allowed for SFTP connections. Leave unset to allow all. Available options are: hmac-md5, hmac-md5-96, hmac-md5-96-etm@openssh.com, hmac-md5-etm@openssh.com, hmac-ripemd160, hmac-ripemd160-96, hmac-ripemd160-etm@openssh.com, hmac-ripemd160@openssh.com, hmac-sha1, hmac-sha1-96, hmac-sha1-96@openssh.com, hmac-sha1-etm@openssh.com, hmac-sha2-256, hmac-sha2-256-etm@openssh.com, hmac-sha2-512, hmac-sha2-512-etm@openssh.com
Supports Expression Language: true (will be evaluated using Environment variables only)

Relationships:

NameDescription
successAll FlowFiles that are received are routed to success
comms.failureAny FlowFile that could not be fetched from the remote server due to a communications failure will be transferred to this Relationship.
not.foundAny FlowFile for which we receive a 'Not Found' message from the remote server will be transferred to this Relationship.
permission.deniedAny FlowFile that could not be fetched from the remote server due to insufficient permissions will be transferred to this Relationship.

Reads Attributes:

None specified.

Writes Attributes:

NameDescription
sftp.remote.hostThe hostname or IP address from which the file was pulled
sftp.remote.portThe port that was used to communicate with the remote SFTP server
sftp.remote.filenameThe name of the remote file that was pulled
filenameThe filename is updated to point to the filename fo the remote file
pathIf the Remote File contains a directory name, that directory name will be added to the FlowFile using the 'path' attribute
fetch.failure.reasonThe name of the failure relationship applied when routing to any failure relationship

State management:

This component does not store state.

Restricted:

This component is not restricted.

Input requirement:

This component requires an incoming relationship.

Example Use Cases Involving Other Components:

Use Case:

Retrieve all files in a directory of an SFTP Server

Keywords:

sftp, secure, file, transform, state, retrieve, fetch, all, stream

Components involved:

Component Type: org.apache.nifi.processors.standard.ListSFTP

Configuration:

The "Hostname" property should be set to the fully qualified hostname of the FTP Server. It's a good idea to parameterize this property by setting it to something like #{SFTP_SERVER}.

The "Remote Path" property must be set to the directory on the FTP Server where the files reside. If the flow being built is to be reused elsewhere, it's a good idea to parameterize this property by setting it to something like #{SFTP_REMOTE_PATH}.

Configure the "Username" property to the appropriate username for logging into the FTP Server. It's usually a good idea to parameterize this property by setting it to something like #{SFTP_USERNAME}.

Configure the "Password" property to the appropriate password for the provided username. It's usually a good idea to parameterize this property by setting it to something like #{SFTP_PASSWORD}.

The 'success' Relationship of this Processor is then connected to FetchSFTP.



Component Type: org.apache.nifi.processors.standard.FetchSFTP

Configuration:

"Hostname" = "${sftp.remote.host}"

"Remote File" = "${path}/${filename}"

"Username" = "${sftp.listing.user}"

"Password" = "#{SFTP_PASSWORD}"





System Resource Considerations:

None specified.

See Also:

GetSFTP, PutSFTP, GetFTP, PutFTP