Wednesday, February 12, 2020


The calculated bits per second: If no orderby is given, statistics are ordered by flows. See output formats below for more information. Default if NEL enabled. It can span several lines. nfdump


If flows are aggregated, the packets are summed up.


TCP flags ORed of the connection. A small statistic about the collected flows, as well as errors are reported at the end of every interval to syslog with level 'info'.

Install nfdump on Mac OSX

This requires nfcapd to be compiled with the pcap option and is intended for debugging only. Anything after a ' ' is treated as a comment and ignored to the end of the line.

The seven most and seven least digits connected with two dots '. If flows are aggregated, duration is the time span over the entire period of time from first seen to last seen. The number of bytes in this flow. If 0 is specified the number is unlimited. Aggregation is done at connection level by taking the 5-tuple protocol, srcip, dstip, srcport and dstport. All exporters send netflow data to the same port and IP. The ordering of the flags is not relevant.

The combination of -o line -6 is equivalent to -o line6. In case of a nfcapd collector file, an additional statistics per exporter is printed with number of flows, packets and sequence errors. To display the full IPv6 address, use the appropriate long format, which is the format name followed by a 6. Nfdump can also display many different top N flow and flow element statistics.


The output file is automatically rotated and renamed every n minutes - typically 5 min - according to the timestamp YYYYMMddhhmm of the interval e. This may consume a lot of memory and may take a while.

Send all incoming packets to another host and port. Indices used in nfdump 1.


Start time flow first seen. In order to optimise disk space and performance, v9 tags are grouped into a number of extensions which may or may not be stored into the data file. Both flows are merged into a single record. The options -r and -R must not contain any directory part when used in conjunction with -M.

Ubuntu Manpage: nfdump - netflow display and analyze program

The following hierarchies are defined: All known v9 tags are taken. An appropriate output format is selected automatically, which may be overwritten by any -o format option. The calculated packets per second: You must not mix -n option with -I and -l.

Duration of the flow in seconds and milliseconds. It limits the information to the connection details as well as number of packets, bytes and flows. The base directory -l is concatenated with the specified sub hierarchy format to form the final data directory.

Install nfdump on Mac OSX – Mac App Store

See output formats below for more information. Default is transport protocol independent statistics. Sets the return value accordingly. In that case the announced sampling rate is applied.
