The data is organized in a time based fashion. Process of storing and analyzing the data. The filter rules look familiar to theĪll data is stored to disk, before analyzing. The tools are optimized for speedįor efficient filtering. TheĪmount of time back in the past is limited only by the disk spaceĪvailable for all the netflow data. The goal of the design is to able to analyze netflow data from the pastĪs well as to track interesting traffic patterns continuously. Reads flow-tools data from files or from stdin in a chain of flow-toolsĬommands and converts the data into nfdump format to be processed by Reads the netflow data from the files stored by nfcapd and sends it Stores the filtered data into files for later use. Netflow data according to the specified filter sets ( profiles ) and Reads the netflow data from the files stored by nfcapd. IP addresses, ports etc ordered by whatever order you like. Netflow data and can create lots of top N statistics of flows If you like tcpdump you will like nfdump.
Nfcapd reads netflow v5, v7 and v9 flows transparently. Reads the netflow data from the network and stores the data into files.Īutomatically rotate files every n minutes. The Web interface is a separate project and available at ĭec 1, 2014: Current stable version: 1.6.13 They are part of the NfSen project which is explained more detailed
The nfdump tools collect and process netflow data on the command line. Nfdump is distributed under the BSD license - see BSD-license.txt - and This is a small description, what the nfdump tools do and how they work.
NFDUMP NFDUMP *** This project moved to Github.*** The documentation below is for legacy purpose only
0 kommentar(er)
