User Tools

Site Tools


пакет_nfdump

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision
Previous revision
пакет_nfdump [2022/03/03 15:04]
val created
пакет_nfdump [2022/03/30 09:47] (current)
val
Line 1: Line 1:
 ====== Пакет nfdump ====== ====== Пакет nfdump ======
  
 +  * NetFlow
 +  * [[https://​ixnfo.com/​ustanovka-nfdump.html|Установка и использование Nfdump]]
 +
 +<​code>​
 +# apt install nfdump
 +
 +# cat /​etc/​nfdump/​default.conf
 +</​code><​code>​
 +...
 +options='​-S 2 -l /​var/​cache/​nfdump -p 2055'
 +</​code><​code>​
 +# service nfdump restart
 +
 +# ps auxwww | grep nfcapd
 +
 +# nfdump -o csv -R /​var/​cache/​nfdump/​ | head -n1
 +</​code><​code>​
 +ts,​te,​td,​sa,​da,​sp,​dp,​pr,​flg,​fwd,​stos,​ipkt,​ibyt,​opkt,​obyt,​in,​out,​sas,​das,​smk,​dmk,​dtos,​dir,​nh,​nhb,​svln,​dvln,​ismc,​odmc,​idmc,​osmc,​mpls1,​mpls2,​mpls3,​mpls4,​mpls5,​mpls6,​mpls7,​mpls8,​mpls9,​mpls10,​cl,​sl,​al,​ra,​eng,​exid,​tr
 +</​code><​code>​
 +# man nfdump
 +/OUTPUT FORMATS
 +
 +# nfdump -o csv -q -R /​var/​cache/​nfdump/​ | grep 192.168.X.101
 +
 +# nfdump -o csv -q -R /​var/​cache/​nfdump/​ 'proto tcp and src ip 192.168.X.101'​
 +
 +# nfdump -o csv -q -A dstip -R /​var/​cache/​nfdump/​2022/​03/​ 'dst net 192.168.X.0/​24'​ | cut -d','​ -f5,12,13
 +</​code>​
пакет_nfdump.1646309097.txt.gz · Last modified: 2022/03/03 15:04 by val