Hi,
jing shen wrote:
Hi ��
I collect about 4GB netflow data from a Juniper router. I want to
do post processing with flowscan.
When using flow-print, it shows the file contain many records
on traffic of that router.
It sounds good... :)
"ERROR updating /home/sj/bin/flowscan/reports/rrds/service_nntp_src.rrd: illegal attempt to update using time 1100759797 when last update time is 1100770678 (minimum one second step) "
If I copy files one by one to processing directory, and flowscan manually. It shows:
"2004/11/19 21:12:06 working on file /home/sj/bin/flowscan/ft/ft-v05.2004-11-19.000001+0800... /home/sj/bin/flowscan/ft/ft-v05.2004-11-19.000001+0800: Invalid index in cflowd flow file: 0xCF100103! Version 5 flow-export is required with *all* fields being saved. 2004/11/19 21:12:06 flowscan-1.020 CUFlow: Cflow::find took 0 wallclock secs ( 0.00 usr + 0.00 sys = 0.00 CPU) for 91155237 flow file bytes, flow hit ratio: 0/0 2004/11/19 21:12:06 flowscan-1.020 CUFlow: report took 0 wallclock secs ( 0.00 usr + 0.01 sys = 0.01 CPU) sleep 30... "
why?
Well, you need to recompile the Cflow module. It's under contrib directory of flow-tools source code (it's not necessary to re-compile flow-tools..).
Please, have a look: https://www1.columbia.edu/sec/bboard/mj/cuflow-users/archive/2003_12/msg00006.html
Bye, -- Gustavo Rodrigues Ramos ACME! Computer Security Researcher gustavo @ acmesecurity . org
_______________________________________________ Flow-tools mailing list [EMAIL PROTECTED] http://mailman.splintered.net/mailman/listinfo/flow-tools
