Nfdump Command Examples


Example: (ip in [172.16.1.0/24]) %ISP_1 or (ip in [172.16.16.0/24]) %IPS_2 or %GoogleDNS((proto udp or proto tcp) and ip 8.8.8.8)

Examples.

nfdump -r /and/dir/nfcapd.201107110845 -c 100 'proto tcp and ( src ip 172.16.17.18 or dst ip 172.16.17.19 )'
Dumps the.


EXAMPLES

nfdump -r /and/dir/nfcapd.201107110845 -c 100 'proto tcp and ( src ip 172.16.17.18 or dst ip 172.16.17.19 )'
Dumps the first 100 netflow records which match the given filter.

nfdump -r /and/dir/nfcapd.201107110845 -B
Map matching flows as bidirectional single flow.


Example: -a -A srcip4/24,dstport aggregates flows on a /24 IPv4 base and destination port.

Filter Syntax: nfdump has a powerful and fast filter engine. All flows are filtered before they are further processed. If no filter is given, any flow will be processed. The filter is either given on the command line as last argument enclosed in ', or,

EXAMPLES

nfdump -r /and/dir/nfcapd.201107110845 -c 100 'proto tcp and ( src ip 172.16.17.18 or dst ip 172.16.17.19 )'
Dumps the first 100 netflow records which match the given filter.

nfdump -r /and/dir/nfcapd.201107110845 -B
Map matching flows as bidirectional single flow.


Man page for the nfdump command in Linux. Ubuntu man command: man nfdump. This tutorial shows the man page for nfdump in Linux. …

Example: -A proto,srcip,dstport -A srcas,dstas

-b Aggregate netflow records as bidirectional flows. Automatically implies -a.

