Hi,
We currently use a number of flow-tools servers, and are looking to migrate to
nfdump/nfsen due to lack of development of flow-tools(It has served us well for
10years)
We predominantly use flow-tools for IP billing, and basic traffic analysis.
With our current flow-tools deployments, we store 40Gb of historic flow data
(./flow-capture -w /netflow/oar/krc3.v5 -E40G ...), once the flow data reaches
40Gb in this dir the oldest data is removed/deleted - Is this housekeeping
feature available in nfcapd? (The 40G gives us ~1month of raw flow data
history if we need to perform traffic analysis for a client)
We also run a cron job every morning just after midnight, that dumps the
previous 24 hours flow data into the following file format:
# src IPaddr dst IPaddr flows octets
packets
We then import this into sql/billing system
Can nfdump produce something "similar" to this? (And is it possible to have
the flow data directory structure as /YYYY/MM/DD/flow data in 5 or 10 min file?)
Thanks in advance.
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Nfsen-discuss mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/nfsen-discuss
