From: Edwin D. Vinas (edwinv@asti.dost.gov.ph)
Date: Wed Mar 12 2003 - 16:21:41 PST
MessageHi,
If you want collect netflow from routers, it is possible to use Cflowd. Cflowd has two components -- cflowdmux & cfdcollect. When cflowd is running, it will collect raw flow files version 5 format from flow-exporters and saves the raw flow files in arts++ format. In our case we are using Cflow to analyze these raw flow files. To graph the data you can use FlowScan and to database it we used a custom program called FlowSQL which stores the granular flow fields in a Postgresql database. This is an example implemenation: http://noc.asti.dost.gov.ph/netflow/index.php Docs: http://netmeas.asti.dost.gov.ph/docus/netflow/Netflow.pdf
HTH :-)
best regards,
--edwin
-----------------------------------------------------------------
If Americans have atomic bombs & the Internet...
Filipinos are very far behind to catch up in any field.
-Edwin D. Viņas
edwinv@asti.dost.gov.ph
http://www.geocities.com/edwin_vinas
Science Research Specialist I
PREGINET Project
Advanced Science and Technology Institute
UP Technopark Complex, CP Garcia Ave, Diliman,
Quezon City Philippines
-----------------------------------------------------------------
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
This communication is intended only for the person or entity to which it is
addressed and may contain confidential and/or privileged material. If you
are not the intended recipient, please note that any review, retransmission,
dissemination, copying or other use of, or taking of any action in reliance
upon, this information by you or by persons or entities other than the
intended recipient is prohibited.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
----- Original Message -----
From: Vladimir Jirasek
To: 'cflowd@caida.org'
Sent: Wednesday, March 12, 2003 10:04 PM
Subject: [Cflowd] netflow question - Cisco file format
Hi,
I have developed the tool that can read text files from Cisco Netflow collector via ftp and analyse it down to application flow level. Now I want to setup something similar but using Cflowd. I would like to use only collector function and get raw data prefferably in Cisco format.
Is this achievable?
Many thanks
Vladimir Jirasek
Mobile: +447956542287
Fixed line: +442082142813
International Workgroup Corporate network (EU153)
T-Mobile International
Imperial place, Borehamwood, WD61EA
United Kingdom
NOTICE AND DISCLAIMER:
This email (including attachments) is confidential. If you have received this email in error please notify the sender immediately and delete this email from your system without copying or disseminating it or placing any reliance upon its contents. We cannot accept liability for any breaches of confidence arising through use of email. Any opinions expressed in this email (including attachments) are those of the author and do not necessarily reflect our opinions. We will not accept responsibility for any commitments made by our employees outside the scope of our business. We do not warrant the accuracy or completeness of such information.
_______________________________________________
Cflowd mailing list
Cflowd@caida.org
http://login.caida.org/mailman/listinfo/cflowd
This archive was generated by hypermail 2.1.4 : Wed Mar 12 2003 - 16:34:47 PST