flow-tools rather than cflowd (was "Re: [Cflowd] Re: Still having
trouble installing")
Dave Plonka
plonka at doit.wisc.edu
Wed Jun 11 10:43:37 PDT 2003
On Wed, Jun 11, 2003 at 11:05:58AM -0300, Ricardo Bernardo dos Santos wrote:
>
> I'm having the same problem with solaris 9.:-(.
>
> Anyone already solve this problem?
>
> I need compile cflowd because I'll be using FlowScan and I need to
> apply patch.
Ricardo,
If your intent in setting up cflowd is just to get the flows recorded
to files or to run FlowScan and other analyses on those flow files, I
suggest using flow-tools instead:
http://www.splintered.net/sw/flow-tools/
There is a link labeled "Tips on configuring FlowScan with flow-tools.",
near the bottom of the page at that URL, on how to use flow-capture
(which is the flow-tools collection daemon) with FlowScan as a drop-in
replacement for cflowd:
http://net.doit.wisc.edu/~plonka/list/flowscan/archive/1117.html
flow-tools is currently maintained and builds clean on lots of
platforms including Solaris.
Both flow-tools and FlowScan have support mailing lists and archives
linked from their respective "home" pages:
http://www.splintered.net/sw/flow-tools/
http://net.doit.wisc.edu/~plonka/FlowScan/
Dave
P.S. Note that the FlowScan installation instructions have not been
updated proper. For the time-being, posts in the mailing list archive
are serving as documentation for how to use FlowScan with flow-tools
and argus.
P.P.S. flow-tools has lots of reports. See flow-stat and flow-report:
http://www.splintered.net/sw/flow-tools/docs/flow-stat.html
http://www.splintered.net/sw/flow-tools/docs/flow-report.html
--
plonka at doit.wisc.edu http://net.doit.wisc.edu/~plonka ARS:N9HZF Madison, WI
More information about the Cflowd
mailing list