087470f328
everyone needs that, and it pulls in heavier dependencies) -- -- -- The nfdump tools collect and process netflow data (v5, v7 and v9) on the command line. They are part of the NfSen project. nfcapd - netflow capture daemon. Reads the netflow data from the network and stores the data into files. Automatically rotate files every n minutes (typically every 5 minutes). nfcapd reads netflow v5, v7 and v9 flows transparently. You need one nfcapd process for each netflow stream. nfdump - netflow dump. Reads the netflow data from the files stored by nfcapd. Its syntax is similar to tcpdump. If you like tcpdump you will like nfdump. Displays netflow data and can create lots of top N statistics of flows IP addresses, ports etc in whichever order you like. nfreplay - netflow replay. Reads the netflow data from the files stored by nfcapd and sends it over the network to another host. A web front-end, NfSen, is available at http://nfsen.sourceforge.net/ -- -- -- nfprofile is a netflow profiler, which works with the nfdump tools. It reads the netflow data from the files stored by nfcapd, filters the netflow data according to the specified filter sets (profiles) and stores the filtered data into files for later use. -- -- -- thanks to eric@ for testing/feedback on an earlier version, and to upstream for rolling a new release including the patches as a result. "that should be in ports for sure" henning@
20 lines
894 B
Plaintext
20 lines
894 B
Plaintext
The nfdump tools collect and process netflow data (v5, v7 and v9)
|
|
on the command line. They are part of the NfSen project.
|
|
|
|
nfcapd - netflow capture daemon. Reads the netflow data from the
|
|
network and stores the data into files. Automatically rotate files
|
|
every n minutes (typically every 5 minutes). nfcapd reads netflow v5,
|
|
v7 and v9 flows transparently. You need one nfcapd process for each
|
|
netflow stream.
|
|
|
|
nfdump - netflow dump. Reads the netflow data from the files stored
|
|
by nfcapd. Its syntax is similar to tcpdump. If you like tcpdump
|
|
you will like nfdump. Displays netflow data and can create lots of
|
|
top N statistics of flows IP addresses, ports etc in whichever
|
|
order you like.
|
|
|
|
nfreplay - netflow replay. Reads the netflow data from the files
|
|
stored by nfcapd and sends it over the network to another host.
|
|
|
|
A web front-end, NfSen, is available at http://nfsen.sourceforge.net/
|