Hi
I am using nprobe to process the previously stored flows generated from
tcpdump program. I am redirecting the output in a file by using
following command
>> nprobe -r A.dump.0170.out -P /home/aaa53/ >>
The input dump file is around 200 Megs and the nprobe generates the
resultant file of around 6 Megs. The file generated is:
>> 1196182500.flow.temp >>.
When I try to read the generated output using "flow-tools" program, I
get error.
It is probably something to do with the format in which nProbe stores
the data and those of used by flow-tools. I normally use flow-tool for
analyzing the NetFlow data and it works fine. Can anyone help me that
whether it is the difference in the storage format or I am missing
something? If, flow-tools is not appropriate to read nProbe generated
output, what other easily available sw I can try? And finally, can I get
some documentation on the code of nProbe? I intend to extend some
functionality of nProbe for conducting some experiments for my research.
Any help and guidance in this connection will be highly appreciated.
--
Awais Ahmed Awan
PhD Student - Computer Laboratory,
University of Cambridge
15 JJ Thomson Ave
CB3 0FD, Cambridge, UK
Work: + 44 122 333 4643
Mob: + 44 797 051 9922
Mob: + 44 794 030 9331
_______________________________________________
Ntop-misc mailing list
[email protected]
http://listgateway.unipi.it/mailman/listinfo/ntop-misc
