On Thu, Dec 21, 2006 at 10:18:49PM -0800, jay alvarez wrote:
> After running flow-capture beginning december 1, I looked into the
> flows directory and it has tremendously grown into 16Gig in size.
> As of now it contains 6005 pieces of 5-minute flows. My goal is to run
> "flow-cat all_December_flows | flow-stat -f 8", however I'm having a
> difficulty when executing this command. To overcome the shell
> limitation when flow-catting too many files (6005)
As the other poster suggested, you need to switch to a date-based
directory format. See the flow-capture man page for the details -
it will do it automatically. Then you can do things like
flow-cat /var/netflow/ft/2006/2006-12/
To get all of December 2006 - flow-cat is smart enough to follow
the directory tree recursively.
> someone suggested
> to execute flow-cat to all flows one by one using this script:
> #!/bin/sh
> for i in /var/netflow/ft/all/ft-v05.2006-12-0* ; do flow-cat ${i} >>
> dec0; done
> #for i in /var/netflow/ft/all/ft-v05.2006-12-1* ; do flow-cat ${i} >>
> dec0; done
> #for i in /var/netflow/ft/all/ft-v05.2006-12-2* ; do flow-cat ${i} >>
> dec0; done
Blech. You can do this in a much simpler fashion using find and xargs:
find /var/netflow/ft/all/ -type f -name "vt-v05.2006-12-*" -print |
xargs flow-cat > dec2006.flow
_______________________________________________
Flow-tools mailing list
[EMAIL PROTECTED]
http://mailman.splintered.net/mailman/listinfo/flow-tools
