Dear list, Dear Peter, Is it possible to use nfdump to display flows in a custom CSV format?
This feature exists with flow-tools: > flow-cat /var/flow-tools/data/2011-09-12 |flow-export -f2 -m > doctets,srcaddr,dstaddr,srcport,dstport,prot > #:doctets,srcaddr,dstaddr,srcport,dstport,prot > 46,aaa.aaa.aaa.aaa,bbb.bbb.bbb.bb,80,19263,6 > 99,aaa.aaa.a.aa,bbb.bb.bbb.b,5759,53,17 > 149,aa.aa.a.aaa,bbb.bbb.bbb.bbb,3750,6257,17 > ... ie.: > ./bin/nfdump -R /var/nfdump/data/2011-09-12 -o > "csv:%ibyt,%sa,%da,%sp,%dp,%pr" > ibyt,sa,da,sp,dp,pr > 46,aaa.aaa.aaa.aaa,bbb.bbb.bbb.bb,80,19263,TCP > 99,aaa.aaa.a.aa,bbb.bb.bbb.b,5759,53,UDP > 149,aa.aa.a.aaa,bbb.bbb.bbb.bbb,3750,6257,UDP > ... This kind of output will be fine for our scripts, but, the actual "user defined output format" (ie. -o "fmt:%ibyt,%sa,%da,%sp,%dp,%pr") is hard to read by scripts. Regards, Vincent ------------------------------------------------------------------------------ BlackBerry® DevCon Americas, Oct. 18-20, San Francisco, CA Learn about the latest advances in developing for the BlackBerry® mobile platform with sessions, labs & more. See new tools and technologies. Register for BlackBerry® DevCon today! http://p.sf.net/sfu/rim-devcon-copy1 _______________________________________________ Nfdump-discuss mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/nfdump-discuss
