hi,
I'm a buckwheat to cflowd. May I ask a question about cfdcollect?
Once the cflowd & cfdcollect installed. Cfdcollect generates arts
files that store CISCO's flow-exports data.
I setup the cflowd configuration tells cfdcollect to store "flows" raw data,
my configuration (cflowd.conf) looks like following,
CISCOEXPORTER {
HOST: 140.109.xxx.xxx # major ip of router who sends flow data to me.
ADDRESSES: { 140.109.xxx.xxx, # interface ips on router that send
140.109.yyy.yyy } # out flow data.
CFDATAPORT: 9991 # cflowdmux listens on this UDP port.
SNMPCOMM: 'public' # router's SNMP community name.
LOCALAS: 9264 # Local AS number of this router.
COLLECT: { asmatrix, netmatrix, portmatrix, ifmatrix,
protocol, nexthop, tos, flows }
}
My question is, how do I extract ip<-->ip traffic data from the arts files?
I like to have a report like
src_ip dst_ip in_byte out_byte protocol_type(tcp/ip/...) ip_port
Should I write programs myself to do that? or there is a tool in cflowd-package
can do that?
thanks for your kindly helps, and I have to apologize for my poor English.
sincerely,
Yu-lin Chang
-- cflowd mailing list cflowd@caida.org
This archive was generated by hypermail 2b29 : Sun Jun 24 2001 - 14:01:01 PDT