Hi,
I found that flow data shown by -t seems to skip some data, so that summing up
the amounts from sets of results (e.g. 5 nfdump for 1 minute time windows) will be
less than that from a single result (e.g. 1 nfdump for a 5 minute time window).
After searching the group, it seems to be the same issue as
Hi,
In nfcapd, I can separately store flows from specified devices by multiple "-n
IDENT,IP,BASE_DIRECTORY". But this will introduce two problems:
1. Flows from unspecified devices will generate tons of system error logs
2. No way to capture these flows
The simplest way I think can solve is t
This is to answer my own e-mail. The packets are sflow packets which can be
captured by sfcapd.
From: dbpa...@hotmail.com
To: nfdump-discuss@lists.sourceforge.net
Date: Wed, 30 Jul 2014 17:48:23 +0800
Subject: [Nfdump-discuss] Unable to decode this netflo
I am now trying to use nfdump to replace a proprietary product which is
currently monitoring dozens of pieces of network equipment of other users. I
found that nfcapd is unable to store captured packets with this
equipment, which can be done from the proprietary product.
The netflow packet header is "00
I am now trying to use nfdump to replace a proprietary product which is currently
monitoring dozens of pieces of network equipment of other users. I found that nfcapd is
unable to store captured packets with this equipment, which can be done from
the proprietary product.
The netflow packet header is "00 0