Netflow / Sflow with one of the following software packages:

http://www.plixer.com/products/netflow-sflow/scrutinizer-netflow-sflow.php
http://www.solarwinds.com/NetFlow
http://www.arbornetworks.com/

Or the handful of other open source options out there.

Carlos Alcantar
Race Communications / Race Team Member
101 Haskins Way, So. San Francisco, CA. 94080
Phone: +1 415 376 3314 / car...@race.com / http://www.race.com

-----Original Message-----
From: Maverick <myeaddr...@gmail.com>
Date: Thu, 23 Feb 2012 15:19:24 -0500
To: Jeroen Massar <jer...@unfix.org>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Subject: Re: Network Traffic Collection

I want to be able to see information like how much traffic an IP sent over a period of time, what machines it talked to, etc. From this perspective it should be IP based, but I would really like to know how other people do it.

Best,
Ali

On Thu, Feb 23, 2012 at 3:14 PM, Jeroen Massar <jer...@unfix.org> wrote:
> On 2012-02-23 21:11 , Maverick wrote:
>> Hello,
>>
>> I am trying to collect traffic from a pcap file and store it in
>> a database but really confused how to organize it. Should I organize
>> it on connection basis/ flow basis or IP basis.
>>
>> It might be an effort to write a customized traffic analysis tool like
>> wireshark with only required functionality. I would really appreciate
>> if someone can give me direction on the right way of organizing the data
>> because right now I only see individual packets and no way of putting
>> them in some order.
>
> Does this all not completely depend on what you actually want to do with
> it? You might want to start there instead of the other way around.
>
> Greets,
> Jeroen
>
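Added example, not part of the thread above and not code from any poster: one way to get the per-IP answers asked for is to store NetFlow-style flow records keyed by the 5-tuple and derive the IP views by query. The packet tuples are constructed sample data standing in for parsed pcap output; the table layout, function names and 60-second idle timeout are assumptions.

```python
import sqlite3

# Constructed sample: (timestamp, src_ip, dst_ip, src_port, dst_port, proto, bytes),
# the fields a pcap parser would yield per packet. Addresses are documentation ranges.
PACKETS = [
    (100.0, "192.0.2.10", "198.51.100.5", 40000, 443, 6, 600),
    (100.2, "198.51.100.5", "192.0.2.10", 443, 40000, 6, 1400),
    (101.0, "192.0.2.10", "198.51.100.5", 40000, 443, 6, 200),
    (130.0, "192.0.2.10", "203.0.113.9", 53000, 53, 17, 80),
    (500.0, "192.0.2.10", "198.51.100.5", 40000, 443, 6, 300),  # same key, after idle gap
]

def build_flows(packets, idle_timeout=60.0):
    """Group packets into unidirectional flows keyed by the 5-tuple; a key that
    has been idle longer than idle_timeout (assumed value) starts a new flow."""
    active, flows = {}, []
    for ts, src, dst, sport, dport, proto, size in sorted(packets):
        key = (src, dst, sport, dport, proto)
        f = active.get(key)
        if f is None or ts - f["last"] > idle_timeout:
            f = {"key": key, "first": ts, "last": ts, "pkts": 0, "bytes": 0}
            active[key] = f
            flows.append(f)
        f["last"] = ts
        f["pkts"] += 1
        f["bytes"] += size
    return flows

def store(flows):
    """Write one row per flow; the (src, first_ts) index serves per-IP time queries."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE flows (src TEXT, dst TEXT, sport INT, dport INT, "
               "proto INT, first_ts REAL, last_ts REAL, pkts INT, bytes INT)")
    db.executemany("INSERT INTO flows VALUES (?,?,?,?,?,?,?,?,?)",
                   [(*f["key"], f["first"], f["last"], f["pkts"], f["bytes"]) for f in flows])
    db.execute("CREATE INDEX flows_src_time ON flows (src, first_ts)")
    return db

def bytes_sent(db, ip, start, end):
    """Bytes sent by ip in flows that started within [start, end)."""
    row = db.execute("SELECT COALESCE(SUM(bytes), 0) FROM flows WHERE src = ? "
                     "AND first_ts >= ? AND first_ts < ?", (ip, start, end)).fetchone()
    return row[0]

def peers(db, ip):
    """Every address ip exchanged traffic with, in either direction."""
    rows = db.execute("SELECT dst FROM flows WHERE src = ? UNION "
                      "SELECT src FROM flows WHERE dst = ? ORDER BY 1", (ip, ip))
    return [r[0] for r in rows]
```

Storing flows rather than packets keeps the table small, and the IP-based view becomes a query over it instead of a separate storage layout.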