Hi,
Great to know it worked. Getting to the accuracy part: one suggestion
you received what to enable renormalization - did it not work for you?
Are you using sampled NetFlow? The alternative issue could be with the
filter itself: if you repeat the big file transfer and try with/without
the filter
Hi Paolo,
First of all thanks for your help. It works fine now.
I have another problem need to be solved. The amount of data
which pmacct captured is not matching the actual usage.
They are only quite small packs, maybe the traffic between DNS
server not all
Hi,
Have you tried looking in the original NetFlow packets, ie. with
tcpdump or wireshark? I can't see pmacct mixing such information.
Also, destination IP addresses are missing because you did not
specify any aggregation method in your config, ie. try with:
aggregate: src_host, dst_host
Cheers
Hi all,
I was trying to set up the nfacctd from beginning, but this time, I
have a big issue with the ip_dst field in mysql.
The ip_dst is all 0s, but the ip_src has some ip address which
supposed to be in the ip_dst fields
Fields marked by red are ip_dst
greens are
