RE: [Cflowd] Protocol analysis by Network

From: Darren Ward (darren.ward@nttaus.com.au)
Date: Mon Jun 03 2002 - 23:27:56 PDT

  • Next message: Goncalo Costa: "Re: [Cflowd] Raw Files and Rules"

    Paul,

    You run flowdump on the raw flow files not the arts ones which are created
    by cfdcollect from the raw flow files.

    Or as I'm about to try and do, write your own scripts to extract the raw
    flow info from the raw files and do what you want with it :)

    Darren

    -----Original Message-----
    From: Paul Matthews [mailto:matthewsp@powertel.com.au]
    Sent: Tuesday, 4 June 2002 4:01 PM
    To: 'cflowd@caida.org'
    Subject: [Cflowd] Protocol analysis by Network

    I have been using the netmatrix and the artsnets utility to give me a
    breakdown of traffic by particular source and destination networks ie
    artsnets -d 202.92.116.0/24 arts.20020530
    I'd like to get more granularity into this data and have a breakdown by
    Network and then by protocol - sepcifically I want to see how much is smtp.
    I have turned on the protocol configuration parameter - however the Protocol
    table seems to only contain this data - how do you correlate the 2 tables ?

    Do I have to run flowdump on the arts files instead of the arts utilities ?

    Thanks,

    Paul Matthews
    Network Management Systems
    PowerTel Limited
    matthewsp@powertel.com.au

    **********************************************************************
    PowerTel Limited, winners of
    Broadband Wholesale Carrier of the year, CommsWorld Telecomms Awards 2001
    Best Emerging Telco, Australian Telecom Awards 2001

    **********************************************************************
    This email (including all attachments) is intended solely for the named
    addressee. It is confidential and may contain commercially sensitive
    information. If you receive it in error, please let us know by reply email,
    delete it from your system and destroy any copies.

    This email is also subject to copyright. No part of it should be reproduced,
    adapted or transmitted without the prior written consent of the copyright
    owner.

    Emails may be interfered with, may contain computer viruses or other defects
    and may not be successfully replicated on other systems. We give no
    warranties in relation to these matters. If you have any doubts about
    the authenticity of an email purportedly sent by us, please contact us
    immediately.

    **********************************************************************

    _______________________________________________
    Cflowd mailing list
    Cflowd@caida.org
    http://login.caida.org/mailman/listinfo/cflowd

    _______________________________________________
    Cflowd mailing list
    Cflowd@caida.org
    http://login.caida.org/mailman/listinfo/cflowd



    This archive was generated by hypermail 2.1.4 : Mon Jun 03 2002 - 23:34:03 PDT