Hello,
In order to get the status line with all the statistics for a host/subnet, I
use top 1:
-without filtering for a specific subnet
[EMAIL PROTECTED] ~]# nfdump -r
/data/nfsen/profiles/live/router/nfcapd.200801271920 -n 1 -s record/flows -o
line
Aggregated flows 1944453
Top 1 flows ordered by flows:
Date flow start Duration Proto Src IP Addr:Port Dst
IP Addr:Port Packets Bytes Flows
2008-01-27 19:19:33.076 260.728 ESP 98.76.43.2:0 ->
123.45.67.89:0 28 7224 10
*Summary: total flows: 2177259, total bytes: 5.0 G, total packets: 8.1 M,
avg bps: 18.5 M, avg pps: 3829, avg bpp: 633*
Time window: 2008-01-27 18:48:12 - 2008-01-27 19:24:56
Total flows processed: 2177259, skipped: 0, Bytes read: 113219088
Sys: 1.481s flows/second: 1469359.7 Wall: 9.432s flows/second: 230833.7
You have new mail in /var/spool/mail/root
-with subnet filtering:
[EMAIL PROTECTED] ~]# nfdump -r
/data/nfsen/profiles/live/router/nfcapd.200801271920 -n 1 -s record/flows -o
line 'net 12.34.56.0/24'
Aggregated flows 5
Top 1 flows ordered by flows:
Date flow start Duration Proto Src IP Addr:Port Dst
IP Addr:Port Packets Bytes Flows
2008-01-27 19:16:58.848 0.000 TCP 98.76.54.3:25879 ->
12.34.56.7:80 1 40 1
*Summary: total flows: 5, total bytes: 832, total packets: 5, avg bps: 23,
avg pps: 0, avg bpp: 166*
Time window: 2008-01-27 18:48:12 - 2008-01-27 19:24:56
Total flows processed: 2177259, skipped: 0, Bytes read: 113219088
Sys: 0.210s flows/second: 10320377.1 Wall: 0.210s flows/second: 10363409.2
If there's a better way to do this, I'd like to find out...
On Jan 28, 2008 11:31 AM, Philippe Strauss <[EMAIL PROTECTED]> wrote:
> Hello,
>
> I'm trying to obtain a single line summary of the total number of
> bytes, packets, flows, toward a single IPv4 adress, or a single subnet
> in my network, but I must be dumb, I can't get "nfdump -A" working.
> All I get is a full dump of flows during this timeframe.
>
> I'm using
>
> nfdump -M /opt/nfsen/profiles-data/live/rt_cc_b1:rt_cc_b2 -T -R
> 2008/01/27/nfcapd.200801272200:2008/01/28/nfcapd.200801272205 -A dstip4
> 'host 12.34.56.78'
>
> Version:
> nfdump: Version: 1.5.6 $LastChangedDate: 2007-10-15 08:05:26 +0200 (Mon,
> 15 Oct 2007) $
> $Id: nfdump.c 95 2007-10-15 06:05:26Z peter $
>
> using -s (statistics), the summary line doesn't seem to "integrate" over
> all flows.
>
> What am i doing wrong?
>
> regards.
>
> --
> Philippe Strauss
> av. de Beaulieu 25
> 1004 Lausanne
> http://philou.ch
>
> -------------------------------------------------------------------------
> This SF.net email is sponsored by: Microsoft
> Defy all challenges. Microsoft(R) Visual Studio 2008.
> http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
> _______________________________________________
> Nfsen-discuss mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/nfsen-discuss
>
-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
Nfsen-discuss mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/nfsen-discuss
