Hi folks. I am collecting netflow data from a big topology, now I have 80 routers sending netflow records, but this can be more and more. The reason why I send all the data to the same collector is due to I need a global vision of the traffic and the only way of doing so its having all routers netflow data together.
>From the netflow records I only need some fields so I run the following nfdump command: nfdump -q -o 'fmt:%sa,%da,%sp,%dp,%pr,%ismc,%ra' -A proto,router,srcip,dstip,srcport,dstport,tos,insrcmac,indstmac -r It takes more or less 10 seconds to process 1 millon flows. Is there a faster/smarter way of doing that? Because if in the future i have 10millon flows my solution will not scale. Kind regards, Richard ------------------------------------------------------------------------------ Find and fix application performance issues faster with Applications Manager Applications Manager provides deep performance insights into multiple tiers of your business applications. It resolves application problems quickly and reduces your MTTR. Get your free trial! https://ad.doubleclick.net/ddm/clk/302982198;130105516;z _______________________________________________ Nfdump-discuss mailing list Nfdump-discuss@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nfdump-discuss
