Suraj Nellikar (snellika)
2009-Jun-16 22:34 UTC
[netflow-tools] Collector does not aggregate single flows
Hi, When I observe the logs at the flowd collector collecting netflow v9 packets, I see that it is not aggregating the packets coming from the same flow. Instead it is just storing it separately. Is there any way to aggregate the packets into a single flow? Thanks, Suraj.N -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.mindrot.org/pipermail/netflow-tools/attachments/20090616/ed6d90b2/attachment.html>
Damien Miller
2009-Jul-09 07:55 UTC
[netflow-tools] Collector does not aggregate single flows
On Tue, 16 Jun 2009, Suraj Nellikar (snellika) wrote:> > Hi, > > When I observe the logs at the flowd collector collecting netflow v9 > packets, I see that it is not aggregating the packets coming from the same > flow. Instead it is just storing it separately. Is there any way to > aggregate the packets into a single flow?It isn''t flowd''s job to aggrgate flow data, though you can do it yourself using the supplied perl/python APIs. flowd just records whatever flows your probe sends to it. Some probes do support aggregation, though they may use formats or record tags that are not supported by flowd. -d