Hello All,
How do I see the packet size using nfdump command, the bytes per packet is not
giving right value please see below
nfdump -r nfcapd.201209101750 -A srcip,dstport |more
Date flow start Duration Src IP Addr Dst Pt Packets Bytes
bps Bpp Flows
2012-09-10 02:19:55.580 267.758 119.31.255.73 54413 18 30
0 1 1
2012-09-10 02:20:03.662 0.000 59.98.17.41 61831 18 30
0 1 1
2012-09-10 02:23:30.935 44.702 223.226.117.183 80 26 15
2 0 1
2012-09-10 02:19:55.251 142.421 208.67.238.238 1481 18 30
1 1 1
2012-09-10 02:23:32.251 730.074 106.205.133.232 80 26 15
0 0 1
2012-09-10 02:23:14.818 0.000 10.186.28.197 8080 26 15
0 0 1
2012-09-10 02:19:55.247 68.332 96.16.234.239 49427 36 60
7 1 2
2012-09-10 02:23:01.085 0.000 223.184.146.172 47413 26 15
0 0 1
2012-09-10 02:19:54.160 1140.635 72.21.214.144 50833 18 30
0 1 1
2012-09-10 02:22:54.825 2510.425 106.205.79.226 80 26 15
0 0 1
2012-09-10 02:23:33.534 0.000 223.225.24.252 80 26 15
0 0 1
Best regards,
-----Original Message-----
From: Mohit Saxena (mohisaxe)
Sent: Wednesday, September 12, 2012 12:23 AM
To: '[email protected]'
Cc: '[email protected]'
Subject: RE: [Nfsen-discuss] Packet per day graph are empty
Attached is the cap file
-----Original Message-----
From: Mohit Saxena (mohisaxe)
Sent: Tuesday, September 11, 2012 8:34 PM
To: '[email protected]'
Cc: '[email protected]'
Subject: Re: [Nfsen-discuss] Packet per day graph are empty
I can see packets and bytes both correct on commandline nfdump -r.
This is cisco ios XR platform. I will soon send a packet capture to you.
Thanks
----- Original Message -----
From: Peter Haag [mailto:[email protected]]
Sent: Tuesday, September 11, 2012 09:40 AM
To: Mohit Saxena (mohisaxe)
Cc: [email protected] <[email protected]>
Subject: Re: [Nfsen-discuss] Packet per day graph are empty
On 9/11/12 9:55, Mohit Saxena (mohisaxe) wrote:
> Hello all,
>
> I am using netflow version 9 on ASR9006 and using nfdump1.6.6 and
> nfsen1.3.6p1 . The issue I am facing is the fact that in the live profile,
> Flow graphs work perfect but Packet Graphs and bits graph are all empty.
have a look on the command line. list your flows and check, if packet/byte
counts are empty. if so, send me a pcap dump of the flow traffic. New IOS
version @ cisco ? :)
- Peter
>
> Please help
>
> Mohit
>
> ----------------------------------------------------------------------
> --------
> Live Security Virtual Conference
> Exclusive live event will cover all the ways today's security and
> threat landscape has changed and how IT managers can respond.
> Discussions will include endpoint security, mobile security and the
> latest in malware threats.
> http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
> _______________________________________________
> Nfsen-discuss mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/nfsen-discuss
>
--
--
Be nice to your netflow data
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and threat
landscape has changed and how IT managers can respond. Discussions will include
endpoint security, mobile security and the latest in malware threats.
http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Nfsen-discuss mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/nfsen-discuss
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Nfsen-discuss mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/nfsen-discuss
