Menu
▾
▴
#66 Aggregate bug
There is strange situation with -A option... for some adresses -A with grouping by 'dstip' is returning null, but if there is NO -A flag, nfdump return normal data... with correct dst
for example
[root@bc /usr/netflow]# nfdump -q -r nfcapd.201304301800 -a -A dstip "dst ip 109.202.47.136"
[root@bc /usr/netflow]#
[root@bc /usr/netflow]# nfdump -q -r nfcapd.201304301800 -a "dst ip 109.202.47.136"
2013-04-30 19:49:32.102 264.592 TCP 78.139.66.112:9110 -> 109.202.47.136:49567 75776 115.3 M 37
2013-04-30 19:40:56.783 392.337 UDP 128.140.170.11:64116 -> 109.202.47.136:53736 20480 4.4 M 5
for another IP, it works... i don't know why it's happend...