using flow-tools for ad hoc flow reports (was "Re: toptalkers over a longer timespan")
Alexander Bochmann
ab at lists.gxis.de
Fri Feb 21 12:20:13 EST 2003
Hi,
...on Fri, Feb 21, 2003 at 11:05:17AM -0500, Mark Fullmer wrote:
> > Would it also be possible to convert flowtools capture
> > files to cflowd format, so that argus can understand them?
> Yes. Use flow-export -f0.
Hm, it seems argus doesn't understand the output:
flow-export -f0 < ft-v05.2003-02-21.000000+0100 | ~bochmann/src/argus-clients-2.0.6.beta.38/bin/ra -r -
ArgusAlert: ra[15221]: ArgusReadConnection: not Argus-2.0 data stream.
The ArgusAlert message is the one from line 1954 of argus_parse.c,
after argus has finished it's check for netflow data (added a tag
to be shure).
flow-tools version on that machine is 0.62...
Alex.
More information about the argus
mailing list