Hi nfdump users,
Here is my context :
My cisco router exports netflows on port 9990 and samplicate clone them
to ports 9992 and 9993
- Nfcapd/nfsen collects and analyse on port 9993
- I kept port 9992 to have a live access on netflow packets.
As Nfsen works with 5 minutes late, I would like now watch flows in live
and apply simple filters on them (for example with a grep on the ip
address ).
My problem is that "nfcapd -E" command don't gives me the result on a
row format. This option would allow me to filter on a field and see all
the other fields of the considered flow.
Do you know a way to obtain this result ? Should I use an other tool to
analyse my flows ? Maybe is there an nfcapd option I didn't see.
Thanks for your help
Cédric
-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
Nfdump-discuss mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/nfdump-discuss
