Sorry for replying to myself :) So I went with the following, could this be altered to be better?
Also how do I get flow-capture to save direct to mysql rather than needing to run it periodically ? CREATE TABLE `flows` ( `UNIX_SECS` int(32) unsigned NOT NULL default '0', `UNIX_NSECS` int(32) unsigned NOT NULL default '0', `SYSUPTIME` int(20) NOT NULL, `EXADDR` varchar(16) NOT NULL, `DPKTS` int(32) unsigned NOT NULL default '0', `DOCTETS` int(32) unsigned NOT NULL default '0', `FIRST` int(32) unsigned NOT NULL default '0', `LAST` int(32) unsigned NOT NULL default '0', `ENGINE_TYPE` int(10) NOT NULL, `ENGINE_ID` int(15) NOT NULL, `SRCADDR` varchar(16) NOT NULL default '0', `DSTADDR` varchar(16) NOT NULL default '0', `NEXTHOP` varchar(16) NOT NULL default '0', `INPUT` int(16) unsigned NOT NULL default '0', `OUTPUT` int(16) unsigned NOT NULL default '0', `SRCPORT` int(16) unsigned NOT NULL default '0', `DSTPORT` int(16) unsigned NOT NULL default '0', `PROT` int(8) unsigned NOT NULL default '0', `TOS` int(2) NOT NULL, `TCP_FLAGS` int(8) unsigned NOT NULL default '0', `SRC_MASK` int(8) unsigned NOT NULL default '0', `DST_MASK` int(8) unsigned NOT NULL default '0', `SRC_AS` int(16) unsigned NOT NULL default '0', `DST_AS` int(16) unsigned NOT NULL default '0' ) ENGINE=MyISAM DEFAULT CHARSET=utf8; Thanks Barry On Fri, 07 Nov 2008 16:46:07 +1300, Barry Murphy <[EMAIL PROTECTED]> wrote: > Hey Guys, > > Very new to netflow and testing it using a j2320 and flow-tools. I've got > as far as receiving the messages, however mysql export doesn't seem to > work > very well and there is not much documentation that I can find. > > [EMAIL PROTECTED] /var/db/flows]# flow-export -f 3 -d 1 -u > "barry_user:pass:x.x.x.x:3306:barry_user:flows" < > ft-v05.2008-11-06.174501+1300 > field=unix_secs,unix_nsecs,sysuptime,exaddr,dpkts,doctets,first,last,engine_type,engine_id,srcaddr,dstaddr,nexthop,input,output,srcport,dstport,prot,tos,tcp_flags,src_mask,dst_mask,src_as,dst_as > > val=1226022454,0,3170693914,"113.21.224.33",1,59,3170652214,3170652214,0,0,"60.234.24.30","60.234.24.29","60.234.24.29",0,22,57778,179,6,192,24,32,30,24466,24466 > query=INSERT INTO > flows(unix_secs,unix_nsecs,sysuptime,exaddr,dpkts,doctets,first,last,engine_type,engine_id,srcaddr,dstaddr,nexthop,input,output,srcport,dstport,prot,tos,tcp_flags,src_mask,dst_mask,src_as,dst_as) > VALUES > (1226022454,0,3170693914,"113.21.224.33",1,59,3170652214,3170652214,0,0,"60.234.24.30","60.234.24.29","60.234.24.29",0,22,57778,179,6,192,24,32,30,24466,24466) > flow-export: mysql_real_query(): Table 'barry_user.flows' doesn't exist > flow-export: processed 1 flows > sys: seconds=0.021 flows/second=45.850527 > wall: seconds=0.017 flows/second=58.664789 > flow-export: Exported 1 records > [EMAIL PROTECTED] /var/db/flows]# > > Can someone point me in the right direction for getting this data into > mysql, I cant seem to find a mysql scheme to insert into the database. > > Thanks > Barry > > _______________________________________________ > Flow-tools mailing list > [EMAIL PROTECTED] > http://mailman.splintered.net/mailman/listinfo/flow-tools _______________________________________________ Flow-tools mailing list [EMAIL PROTECTED] http://mailman.splintered.net/mailman/listinfo/flow-tools
