Re: [Nfdump-discuss] -A aggregation

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

-----BEGIN PGP SIGNED MESSAGE-----

Hi Berant,

- --On February 17, 2006 10:56:40 -0500 "Lemmenes, Berant" <ble...@us...> wrote:

| Hello all,
|
|
|
| I must be doing something wrong with how I'm executing this nfdump
| command as I can't get any variant of -A aggregation to work.
|
|
|
| Here's my argument to nfdump other than the obvious sources and time
| slice (single 5min slice)
|
|
|
| -m -c 10 -A srcip,dstport
|
|
|
| The output from that command is identical to the output with out the -A
| srcip,dstport.
|
|
|
| I'm running nfdump 1.4.1.
|
|
|
| Is this just me? I went back through the nfsen list and this and didn't
| find anything.

Your command line does not include aggregation. -A describes only the type
of aggregation, in case aggregation would be done, either by cretating a statistic,
or - if you simply want to list flows

therefore the correct command line is:

 -m -c 10 -a -A srcip,dstport

    - Peter

|
|
|
| Thanks!
|
| Berant
|
|
|
|
|
|
|
| Berant Lemmenes                                  Network Operations
| Center
|
| US Signal
| no...@us...
|
| www.ussignalcom.com                           1.888.663.1700
|
|
|

- --
_______ SWITCH - The Swiss Education and Research Network ______
Peter Haag,  Security Engineer,  Member of SWITCH CERT
PGP fingerprint: D9 31 D5 83 03 95 68 BA  FB 84 CA 94 AB FC 5D D7
SWITCH,  Limmatquai 138,  CH-8001 Zurich,  Switzerland
E-mail: pet...@sw... Web: http://www.switch.ch/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (Darwin)

iQCVAwUBQ/lqu/5AbZRALNr/AQFjUgP/RIB5VBe8VcS6sVAQcfexm+M5Q/rISjWq
xqwZyGpob46yIe96ts1QJAZ0UMU22ZLWsFHxF7KzJocaY/5wRQ9HnRuiwYFflmAH
t8N3OaPFjbKRZZElkewBdPgLRXnjYAa8WdXTh4kW23OWPCmpILFBFTqWcqWTXthV
zQ84cf9CXXs=
=AENg
-----END PGP SIGNATURE-----

Re: [Nfdump-discuss] -A aggregation

netflow collecting and processing tools

Re: [Nfdump-discuss] -A aggregation