I have been receiving flows from multiple routers for a while and I believe I am not doing this the most efficient and manageable way.
Currently I set up multiple flow-capture dameons each to listen on a differnet port and each port groups the files into a specific directory. Port 33333 --> /var/flows/site-a Port 44444 --> /var/flows/site-b I did this to try to group traffic in and out based on a site. As the number of routers is growing this is becoming unmanageable, as well as we are using other vendor products which can receive flows from multiple routers and then forward them to me. When this happens I am restricted to one port and all flows are lumped into one file. I am using various flow-nfilter commands to pull out data specific to a router. I am looking for any advise on how to setup flow-capture correctly to be able to somehow segregate the flows it receives into files based on the Router Exporter IP address. Is there anyway to do this. Thanks in advance. ~Lloyd -------------------------------------------------------- If you are not an intended recipient of this e-mail, please notify the sender, delete it and do not read, act upon, print, disclose, copy, retain or redistribute it. Click here for important additional terms relating to this e-mail. http://www.ml.com/email_terms/ -------------------------------------------------------- _______________________________________________ Flow-tools mailing list [EMAIL PROTECTED] http://mailman.splintered.net/mailman/listinfo/flow-tools
