----- Original Message ----
From: Joe Loiacono <[EMAIL PROTECTED]>
To: jay alvarez <[EMAIL PROTECTED]>
Cc: [email protected]; [EMAIL PROTECTED]
Sent: Thursday, January 11, 2007 8:56:11 PM
Subject: Re: [Flow-tools] flow-cat "20gig of flows" |flow-stat -f8 -S2 takes
forever to complete...
Hi Joe,
<snip>
> FlowTracker is only looking at a five-minute window,
so it is pretty quick.
> You may want to write a script that runs once a day,
generates the current day's stats, and > accumulates those into a running
total of traffic by country.
I've already solved my problem.. I just flow-cat |flow-stat a week of flows. It
took me 30-40 minutes for each run with around 5-8 gig of flows..
We will also keep on using Flow-viewer but we'll make sure not to specify very
long time span so that it will be able to finish properly.
For the top destination country, what I did was, create a script that will
parse the output of flow-stat -f8 and write the corresponding countries of
those IPs by using bulk whois service at cymru.com and then finally adding the
bytes of all IPs belonging to the same country. It's kind of ugly but works
like a charm.
Joe
____________________________________________________________________________________
Do you Yahoo!?
Everyone is raving about the all-new Yahoo! Mail beta.
http://new.mail.yahoo.com
_______________________________________________
Flow-tools mailing list
[EMAIL PROTECTED]
http://mailman.splintered.net/mailman/listinfo/flow-tools
