Luis (or Anthony?), using nprobe you send flows in standard NetFlow v9 format. Programs like ethereal can handle them although they cannot be decoded properly as I have used custom tags. However ntop has the logic to decode them so it should be pretty easy. Forget the flow content, think in terms of NetFlow and you'll see that their decoding isn't hard.
Cheers, luca

anthony thomas wrote:

>Hello,
>
> I just read about the new voip capability in
>nprobe/ntop, I am very excited about it, this is
>really a big step forward to ntop!
>
> Playing with it, I am monitoring a voip (SIP)
>network and I would like to match every flow from
>nprobe with the CDRs (Call Detail Records) using the
>call ID.
>
> To do this, I have to export every flow in order to
>be inserted into a database. I have seen that I can
>save the flows to disk using nprobe or ntop, but the
>problem arises when I try to "decode" the flows.
>
> I have tried with flow-tools but I do not see a way
>to "read" the "extended" fields like sip and rtp
>fields.
>
> Another way would be to use the perl script that
>comes with ntop as collector, but it does not support
>netflow V9.
>
> Can anyone point me to any alternative?
>
> Thanks for your time.
>
> Luis
>
>_______________________________________________
>Ntop mailing list
>[email protected]
>http://listgateway.unipi.it/mailman/listinfo/ntop

--
Luca Deri <[EMAIL PROTECTED]> http://luca.ntop.org/
skype://lucaderi/
Hacker: someone who loves to program and enjoys being clever about it - Richard Stallman
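The template-driven decoding the reply refers to, as an added example that is not part of the original thread and is not ntop or nprobe code: a NetFlow v9 data record is sliced using the lengths announced in the template, so a field with an unrecognised type number can still be extracted as raw bytes. The field type 33001, template id 260, source id 7, the addresses and the call-ID string are constructed for illustration; nprobe's actual custom tag numbers are not given on this page.

```python
import socket
import struct

# Standard field types from RFC 3954; any other type is treated as a custom tag.
KNOWN = {4: "PROTOCOL", 7: "L4_SRC_PORT", 8: "IPV4_SRC_ADDR",
         11: "L4_DST_PORT", 12: "IPV4_DST_ADDR"}
CUSTOM_TAG = 33001  # hypothetical exporter-specific field type (constructed)

def decode_field(ftype, raw):
    if ftype in (8, 12):
        return socket.inet_ntoa(raw)
    return int.from_bytes(raw, "big") if ftype in KNOWN else raw.rstrip(b"\0")

def parse_v9(packet, templates):
    """Decode one export packet; `templates` must persist across packets."""
    version, _, _, _, _, source_id = struct.unpack_from("!HHIIII", packet, 0)
    if version != 9:
        raise ValueError("not a NetFlow v9 packet")
    records, off = [], 20
    while off + 4 <= len(packet):
        fs_id, fs_len = struct.unpack_from("!HH", packet, off)
        if fs_len < 4 or off + fs_len > len(packet):
            raise ValueError("flowset length out of bounds")
        body = packet[off + 4:off + fs_len]
        pos = 0
        if fs_id == 0:  # template flowset: (type, length) pairs per template id
            while pos + 4 <= len(body):
                tid, n = struct.unpack_from("!HH", body, pos)
                if tid < 256 or pos + 4 + 4 * n > len(body):
                    break  # padding or truncated template
                templates[(source_id, tid)] = [
                    struct.unpack_from("!HH", body, pos + 4 + 4 * i) for i in range(n)]
                pos += 4 + 4 * n
        # Data flowsets (id >= 256) are skipped until their template has been seen.
        fields = templates.get((source_id, fs_id), []) if fs_id >= 256 else []
        rec_len = sum(flen for _, flen in fields)
        while rec_len and pos + rec_len <= len(body):
            rec = {}
            for ftype, flen in fields:
                rec[KNOWN.get(ftype, ftype)] = decode_field(ftype, body[pos:pos + flen])
                pos += flen
            records.append(rec)
        off += fs_len
    return records

def build_sample():  # constructed packet: one template flowset, one data flowset
    fields = [(8, 4), (12, 4), (7, 2), (11, 2), (4, 1), (CUSTOM_TAG, 16)]
    tmpl = struct.pack("!HH", 260, len(fields)) + b"".join(struct.pack("!HH", *f) for f in fields)
    rec = socket.inet_aton("192.0.2.10") + socket.inet_aton("192.0.2.20")
    rec += struct.pack("!HHB", 5060, 5060, 17) + b"abc123@example".ljust(16, b"\0")
    rec += b"\0" * (-len(rec) % 4)  # pad the data flowset to a 32-bit boundary
    flowsets = struct.pack("!HH", 0, 4 + len(tmpl)) + tmpl + struct.pack("!HH", 260, 4 + len(rec)) + rec
    return struct.pack("!HHIIII", 9, 2, 0, 0, 1, 7) + flowsets
```

Calling `parse_v9(build_sample(), {})` returns one record whose custom field is keyed by its numeric type; that byte string is what would be joined against the CDR call ID once the exporter's real tag number is known.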
