[Ntop] Neflow dump format question.

josh summitt ascetik at gmail.com
Tue Apr 13 15:16:27 CEST 2010 

Yea i have flow tools and silk and a few others but none of them can make
sense out of the flow dumps that the nTop Netflow plugin generates. I read
something that said ntop generates netflow v5 dump files. Every tool i've
used to translate V5 netflow fails on these files. I read something else
that said these dump files are in a gnu db format or mySQL.

I'm using nTop just as a netflow collector middle man so that i can get the
netflow data into the analytic software we are using here. Is there a better
way to collect netflow that will run on windows and support netflow V1-9 and
IPFIX? I would prefer to have the data in a csv format.


Thanks
Josh


On Mon, Apr 12, 2010 at 8:33 PM, Gary Gatten <Ggatten at waddell.com> wrote:

> I *think* there are several different "dumps". IIRC there is a dump and/or
> debug option that basically copies the flow records to a disk file as
> they're received and look just like netflow flows.
>
> ------------------------------
>  *From*: ntop-bounces at listgateway.unipi.it <
> ntop-bounces at listgateway.unipi.it>
> *To*: ntop at unipi.it <ntop at unipi.it>
> *Sent*: Mon Apr 12 20:03:17 2010
> *Subject*: Re: [Ntop] Neflow dump format question.
>
> Josh,
>
> I ran into this problem recently and tried to get the open source
> flow-tools to compile on Open Suse 11.1 but was unable to get some of the
> prereq's to compile properly most notably the pypcap python module.
>
> Here's a good list of open source tools, including flow-tools.
>
> http://www.networkuptime.com/tools/netflow/
>
> -Chris
>
> On Mon, Apr 12, 2010 at 3:00 PM, josh summitt <ascetik at gmail.com> wrote:
>
>> I've been searching the forums and internet for the last few days and have
>> not found the answer so hopefully someone can answer this for me. When using
>> the Netflow plugin, what format are the netflow data dumps in? I need to
>> take netflow data and import it into analytic software that we are using.
>> What tool do i need to read this data and extract it to another system?
>>
>>
>> Thanks
>> Josh
>>
>> _______________________________________________
>> Ntop mailing list
>> Ntop at listgateway.unipi.it
>> http://listgateway.unipi.it/mailman/listinfo/ntop
>>
>>
>
> _______________________________________________
> Ntop mailing list
> Ntop at listgateway.unipi.it
> http://listgateway.unipi.it/mailman/listinfo/ntop
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listgateway.unipi.it/pipermail/ntop/attachments/20100413/facfbea4/attachment.htm>

More information about the Ntop mailing list