[netflow-tools] Analysis tools/re export flows

[Matt Ammann]

Matt Ammann wrote:
> Hello,
> 
> I've collected a passel of flow data as part of a stress test on my network. 
> 
> Now I need an analysis package which can make sense of the data, with a minimum of report writing and etc on my part.
> 
> What analysis package is recommended which can work with flowd data? I had the idea to nfsen, but can't figure out how to get the flowd data into nfdump format.
> 
> Tips would be greatly appreciated, as I need to report on this test by tomorrow.
> 
> Matt

Have you tried flow-tools?

Maybe I'm missing something, but it seems flow-tools won't read flowd logs directly - I need to flow-reader to ascii, then import into flow-tools us flow-import.

flow-import requires csv input, and a mask specifying which fields are included in the import. 

So to make this work I need to
0. figure out which fields I need for flow-tools netflow V5
1. write a script  to format flow-reader output to csv with right fields.
2. write a script to figure how how the "right fields" map to flow-tools field masks
3. import the csv file..

Any suggestions to make this easier?

thanks,
Matt




       
____________________________________________________________________________________
Take the Internet to Go: Yahoo!Go puts the Internet in your pocket: mail, news, photos & more. 
http://mobile.yahoo.com/go?refer=1GNXIC