Re: [Nfdump-discuss] Patch for in/out queries

Sun, 13 Nov 2016 06:03:09 -0800 

Pls see https://github.com/phaag/nfdump/issues/31 for the discussion on this 
issue.

        - Peter

On 02.06.16 19:05, Brian Candler wrote:
> The attached patch makes nfstat "bytes" queries look at the total of in+out 
> bytes (currently it only looks at "in"
> bytes). This makes it much easier to identify top traffic sources when 
> looking at NSEL records from ASA.
> 
> It also normalises all the other variables, like pps, bps and bpp, to use the 
> total (in+out) packets and (in+out) bytes.
> 
> It seems to work for me, with minimal testing. Note that *most* netflow 
> sources only generate records for a single
> direction, although maybe the "bidirectional flows" aggregation from within 
> nfdump/nfsen will benefit from this as well.
> 
> If using nfsen, you may also wish to edit details.php and set
> 
> $IPStatOrder  = array ( 'flows', 'packets', 'bytes', 'ibyte', 'obyte', 'pps', 
> 'bps', 'bpp' );
> 
> Then via the GUI you can separately sort flows by total (in+out) bytes, input 
> bytes, output bytes.
> 
> Regards,
> 
> Brian Candler.
> 
> 
> 
> ------------------------------------------------------------------------------
> What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
> patterns at an interface-level. Reveals which users, apps, and protocols are 
> consuming the most bandwidth. Provides multi-vendor support for NetFlow, 
> J-Flow, sFlow and other flows. Make informed decisions using capacity 
> planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e
> 
> 
> 
> _______________________________________________
> Nfdump-discuss mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/nfdump-discuss
> 

-- 
Be nice to your netflow data. Use NfSen and nfdump :)

------------------------------------------------------------------------------
Developer Access Program for Intel Xeon Phi Processors
Access to Intel Xeon Phi processor-based developer platforms.
With one year of Intel Parallel Studio XE.
Training and support from Colfax.
Order your platform today. http://sdm.link/xeonphi
_______________________________________________
Nfdump-discuss mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/nfdump-discuss

Reply via email to