RE: how to extract ip data from arts file written by cfdcollect?

From: Brett Rees (reesb@powertel.com.au)
Date: Sun Jun 24 2001 - 16:58:00 PDT

  • Next message: Yu-lin Chang: "Re: how to extract ip data from arts file written by cfdcollect?"

    You use the arts* binaries to do that. ie artsintfms -v
    name_of_arts_generated_file. The man pages are shipped with the arts
    package. There is a binary to handle everything that you may want to
    examine.

    Brett

    > Brett Rees
    Technical Specialist - ISSG
    > POWERTEL Limited
    > Level 11, 55 Clarence Street, SYDNEY
    > Phone: 61-2-8264-4666
    > Fax: 61-2-8264-4555
    > Mobile: 61-414-678882
    > mailto:reesb@powertel.com.au
    >
    >
    >
    > -----Original Message-----
    > From: Yu-lin Chang [SMTP:ylchang@sinica.edu]
    > Sent: Monday, June 25, 2001 3:53 AM
    > To: cflowd@caida.org
    > Subject: how to extract ip data from arts file written by cfdcollect?
    >
    > hi,
    >
    > I'm a buckwheat to cflowd. May I ask a question about cfdcollect?
    >
    > Once the cflowd & cfdcollect installed. Cfdcollect generates arts
    > files that store CISCO's flow-exports data.
    >
    > I setup the cflowd configuration tells cfdcollect to store "flows" raw
    > data,
    > my configuration (cflowd.conf) looks like following,
    >
    > CISCOEXPORTER {
    > HOST: 140.109.xxx.xxx # major ip of router who sends flow data to me.
    > ADDRESSES: { 140.109.xxx.xxx, # interface ips on router that send
    > 140.109.yyy.yyy } # out flow data.
    > CFDATAPORT: 9991 # cflowdmux listens on this UDP port.
    > SNMPCOMM: 'public' # router's SNMP community name.
    > LOCALAS: 9264 # Local AS number of this router.
    > COLLECT: { asmatrix, netmatrix, portmatrix, ifmatrix,
    > protocol, nexthop, tos, flows }
    > }
    >
    > My question is, how do I extract ip<-->ip traffic data from the arts
    > files?
    > I like to have a report like
    >
    > src_ip dst_ip in_byte out_byte protocol_type(tcp/ip/...) ip_port
    >
    > Should I write programs myself to do that? or there is a tool in
    > cflowd-package
    > can do that?
    >
    > thanks for your kindly helps, and I have to apologize for my poor English.
    >
    > sincerely,
    > Yu-lin Chang
    >
    >
    > --
    > cflowd mailing list
    > cflowd@caida.org

    **********************************************************************
    This email (including all attachments) is intended solely for the named
    addressee. It is confidential and may contain commercially sensitive
    information. If you receive it in error, please let us know by reply email,
    delete it from your system and destroy any copies.

    This email is also subject to copyright. No part of it should be reproduced,
    adapted or transmitted without the prior written consent of the copyright owner.

    Emails may be interfered with, may contain computer viruses or other defects
    and may not be successfully replicated on other systems. We give no
    warranties in relation to these matters. If you have any doubts about
    the authenticity of an email purportedly sent by us, please contact us
    immediately.

    **********************************************************************

    --
    cflowd mailing list
    cflowd@caida.org
    



    This archive was generated by hypermail 2b29 : Sun Jun 24 2001 - 17:06:09 PDT