Cisco Netflow® parsing support in argus()
Carter Bullard
carter at qosient.com
Mon May 23 11:00:41 EDT 2011
Gentle people,
I am finalizing the new Cisco Netflow® parsing support in argus-3.0.5.3. This is where you can get argus to extract
Cisco Netflow® records from the packet stream, itself. On paper, we currently support v5, 6, 7 and 8, but I don't have
that many packet captures of these different record types for testing. So I can't say that its working, yet.
For those that are capable, could you share some packet captures of your Cisco network flow record streams?
Better if they are sharable, but if not, I will keep very private any submissions.
Currently, you turn on cisco network flow parsing using:
argus -r cisco:/path/to/pcap.file
In the next wave, I will add flow-tools, Sflow and Jflow record parsing as well. For those, I also will need some packet
captures.
Ad Thanks vance (thanks in advance) !!!!!!
Carter
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4367 bytes
Desc: not available
URL: <https://pairlist1.pair.net/pipermail/argus/attachments/20110523/07dbf860/attachment.bin>
More information about the argus
mailing list