FreeBSD has source for ntop, nfsen, and softflowd. It appears that
ntop and nfsen each have their own private file layout. I'm still
looking at softflowd, but my first impression is that its output
is datagrams headed for a collector which would in turn write it
to disk - probably in its own private format.
I had hoped to avoid the overhead of sending the data in NetFlow
packets to a separate collector.
Point is that I've already got the data exported from the router.
Now I'm trying to write it to disk in a format that one of the
analysis packages will cope with. The two file formats I've
looked at seem obscure.
- Brian

On Sun, May 21, 2017 at 11:37:28AM -0400, lleachii--- via 44Net wrote:
I like ntop; but the version available through most OEes is the old version
(the old version did not have an integrated database/save feature). The new
version (I believe) requires a paid license.
I use nfsen on my collector, the router dumps in netflow v5 - using the
softflowd software packaged with LEDE.
I'll search for a 'white paper' on the format/syntax of the output data.
- Lynwood