[Flow-tools] Printing raw netflow v5
Joe Loiacono
jloiacon at csc.com
Mon Apr 28 16:41:58 EDT 2008
Curious how the netflow data got stored in those files originally? I.e.,
what format are they in? ASCII?
Netflow data arrives at a collector as a series of UDP packets with PDUs
in the v5 format. A typical collector breaks apart the payload and stores
it in some format.
If it is ASCII (or cflowd), flow-import will be able to create flow-tools
data from it.
Joe
Glenn Hochberg <gah at research.att.com>
Sent by: flow-tools-bounces at list.splintered.net
04/28/2008 04:10 PM
To
flow-tools at list.splintered.net
cc
Subject
[Flow-tools] Printing raw netflow v5
Sorry--somehow left off the subject line. Here it is again.
On Apr 28, 2008, at 3:17 PM, Glenn Hochberg wrote:
> I have some raw netflow v5 data in some files. These are not flow-
> tools format files--just raw netflow. Is it possible to feed these
> into the flow-tools commands such as flow-print somehow?
>
> Thanks!
>
> -Glenn Hochberg
>
>
_______________________________________________
Flow-tools mailing list
flow-tools at splintered.net
http://mailman.splintered.net/mailman/listinfo/flow-tools
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.splintered.net/pipermail/flow-tools/attachments/20080428/b8190d83/attachment.htm
More information about the Flow-tools
mailing list