-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Isherwood, Jeffrey - AES wrote:
> I'm running one NFCPAD to capture all traffic coming in on port 9997
>
> Utilizing nfcapd with the -S allows us to set sub directory structure based
> upon date/time
>
> nfcapd -z -w -D -l /netflows -S8 -p9997
>
> The -S8 indicates a format of %Y-%m-%d/%H (year-month-day/hour)
>
> I have 12 or more devices feeding into my nfcapd server on the same inbound
> port and would like to break the stored feeds out by IP Address in addition
> to year-month-day/hour like this:
>
> /netflows/10.10.10.15/%Y-%m-%d/%H
> /netflows/10.10.11.15/%Y-%m-%d/%H
> /netflows/10.10.12.15/%Y-%m-%d/%H
> /netflows/10.10.13.15/%Y-%m-%d/%H
> /netflows/10.10.14.15/%Y-%m-%d/%H
> /netflows/10.10.15.15/%Y-%m-%d/%H
>
> I realize that with the -I flag I can set base and subdirectories initially,
> but I would like it to be dynamic and allow new subdirectories (based upon
> IP) to be created when a new feed comes in. Is this possible or do I need to
> create some special or custom solution?
No - nfdump does not include automatic new subdirectories. Up to now, you would
need some manual scripts.
- Peter
>
> This e-mail and any files transmitted with it may be proprietary and are
> intended solely for the use of the individual or entity to whom they are
> addressed. If you have received this e-mail in error please notify the sender.
> Please note that any views or opinions presented in this e-mail are solely
> those of the author and do not necessarily represent those of ITT
> Corporation. The recipient should check this e-mail and any attachments for
> the presence of viruses. ITT accepts no liability for any damage caused by
> any virus transmitted by this e-mail.
- --
_______ SWITCH - The Swiss Education and Research Network ______
Peter Haag, Security Engineer, Member of SWITCH CERT
PGP fingerprint: D9 31 D5 83 03 95 68 BA FB 84 CA 94 AB FC 5D D7
SWITCH, Werdstrasse 2, P.O. Box, CH-8021 Zurich, Switzerland
E-mail: [email protected] Web: http://www.switch.ch/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (Darwin)
iQCVAwUBS0HZj/5AbZRALNr/AQKlrQP+KSB86qydiReWnUEDyekPlo2h1c8IU44k
Tag4NNogbY9qvausAIqUmAnx20zORQH81Uv5IzjtyN15pB847xfJrg06WTB7pIVN
n51jju7XwQcqvZfnffoXK0+NJY4k64/sTAY1nRYEEL6dD1RYAd3dnf5uwv6pGxzl
l9WVx/SuLy4=
=4NSM
-----END PGP SIGNATURE-----
------------------------------------------------------------------------------
This SF.Net email is sponsored by the Verizon Developer Community
Take advantage of Verizon's best-in-class app development support
A streamlined, 14 day to market process makes app distribution fast and easy
Join now and get one step closer to millions of Verizon customers
http://p.sf.net/sfu/verizon-dev2dev
_______________________________________________
Nfdump-discuss mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/nfdump-discuss
