[Cflowd] RE: [flow-tools] Support of sampled CFLOWD

From: Scott Sheppard (scott.sheppard@arch.bellsouth.net)
Date: Tue Feb 11 2003 - 10:13:22 PST

    Hello

    I am a new user of flow tools. I can see how to capture Netflow Ver 5
    records. I will be using CFLOWD ver 5 sampled at 1 in 1000 packets. My
    questions are

    1) Will flow tools support this?
    2) If so, how do I correct for the fact that I am sampling data rather than
    capturing the full stream?

    thanks

    Scott Sheppard MS, MBA, MS
    Sr Network Engineer
    BellSouth Dot Net
    404 499 5539
    page scott.sheppard@imcingular.com

    -----Original Message-----
    From: flow-tools-admin@splintered.net
    [mailto:flow-tools-admin@splintered.net]On Behalf Of Craig A. Finseth
    Sent: Tuesday, February 11, 2003 9:47 AM
    To: flow-tools@splintered.net; cflowd@caida.org
    Subject: Re: [flow-tools] Typical Hardware

    >>I would like to do an informal survey of the type of hardware that
    >>people on this list are using for running flowtools and/or cflow

    We collect flows from about 19 routers using about a dozen small Suns.
    Data is forwarded to a single Sun 280 with dual 900 MHz processors, 1
    GByte of memory and a half-terabyte of raid disk.

    Total raw data size is about 4 GBytes/day, compressed.

    It takes 12-18 hours to process one day's data.

    We use the data for usage and performance reasons, not real-time
    attack analysis.

    Craig

    _______________________________________________
    flow-tools@splintered.net
    http://www.splintered.net/sw/flow-tools

    _______________________________________________
    Cflowd mailing list
    Cflowd@caida.org
    http://login.caida.org/mailman/listinfo/cflowd



    This archive was generated by hypermail 2.1.4 : Tue Feb 11 2003 - 10:36:31 PST