[Flow-tools] A question about NetFlow output format
GuanYao Huang
gyhuang at mail.ustc.edu.cn
Fri Sep 19 14:19:27 EDT 2008
Hi, I am a newbie here.
I think NetFlow record itself is not readable, it can only be processed by
flow-tools, which generate some "ft" file. My question is, whether the records in
"ft" file is listed according to flows, that means, different records are
different flows.
Someone told me that in the original NetFlow record, one record is not necessarily
one flow, some records belong to the same flow.
Since the flow is also defined by a time interval, I can not only use 5 tuples to
find the distinct flow number.
Thanks.
More information about the Flow-tools
mailing list