Hi Tore,
Unfortunately there is no easy way for current nfsen. As a work around, I used
a profile and a plugin which forwards the
filtered flows to a separate instance of NfSen. That's a bit of work, but
doable.
- Peter
On 4/17/13 W16 12:26, Tore Anderson wrote:
Hi,
I have a customer who would like access to his own flow data. I can't
give him access to *all* my flow data, but I was wondering if is somehow
possible to have nfcapd apply a filter that matches his network ranges,
and then re-export the matching flows to the customer's collector?
Or any other way to accomplish this in a nice way? One of the use-cases
is to quickly determine what's going on during DoS attacks, so it has to
be (near-)realtime.
Tore
--
Precog is a next-generation analytics platform capable of advanced
analytics on semi-structured data. The platform includes APIs for building
apps and a phenomenal toolset for data science. Developers can use
our toolset for easy data analysis visualization. Get a free account!
http://www2.precog.com/precogplatform/slashdotnewsletter
___
Nfsen-discuss mailing list
Nfsen-discuss@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nfsen-discuss
--
--
Be nice to your netflow data
--
Precog is a next-generation analytics platform capable of advanced
analytics on semi-structured data. The platform includes APIs for building
apps and a phenomenal toolset for data science. Developers can use
our toolset for easy data analysis visualization. Get a free account!
http://www2.precog.com/precogplatform/slashdotnewsletter
___
Nfsen-discuss mailing list
Nfsen-discuss@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nfsen-discuss
