RES: flow-tools rather than cflowd (was "Re: [Cflowd] Re: Still
having trouble installing")
Ricardo Bernardo dos Santos
rbsantos at infovias.com.br
Wed Jun 11 13:17:01 PDT 2003
Dave,
Thank you for yours suggestions.
I'll try to use flow-tools and run FlowScan on those flow files.
I really intend to do only this now.
TIA.
Ricardo.
-----Mensagem original-----
De: Dave Plonka [mailto:plonka at doit.wisc.edu]
Enviada em: Wednesday, June 11, 2003 11:44 AM
Para: cflowd at caida.org
Cc: alex at nac.net; Ricardo Bernardo dos Santos
Assunto: flow-tools rather than cflowd (was "Re: [Cflowd] Re: Still
having trouble installing")
On Wed, Jun 11, 2003 at 11:05:58AM -0300, Ricardo Bernardo dos Santos
wrote:
>
> I'm having the same problem with solaris 9.:-(.
>
> Anyone already solve this problem?
>
> I need compile cflowd because I'll be using FlowScan and I need to
> apply patch.
Ricardo,
If your intent in setting up cflowd is just to get the flows recorded to
files or to run FlowScan and other analyses on those flow files, I
suggest using flow-tools instead:
http://www.splintered.net/sw/flow-tools/
There is a link labeled "Tips on configuring FlowScan with flow-tools.",
near the bottom of the page at that URL, on how to use flow-capture
(which is the flow-tools collection daemon) with FlowScan as a drop-in
replacement for cflowd:
http://net.doit.wisc.edu/~plonka/list/flowscan/archive/1117.html
flow-tools is currently maintained and builds clean on lots of platforms
including Solaris.
Both flow-tools and FlowScan have support mailing lists and archives
linked from their respective "home" pages:
http://www.splintered.net/sw/flow-tools/
http://net.doit.wisc.edu/~plonka/FlowScan/
Dave
P.S. Note that the FlowScan installation instructions have not been
updated proper. For the time-being, posts in the mailing list archive
are serving as documentation for how to use FlowScan with flow-tools and
argus.
P.P.S. flow-tools has lots of reports. See flow-stat and flow-report:
http://www.splintered.net/sw/flow-tools/docs/flow-stat.html
http://www.splintered.net/sw/flow-tools/docs/flow-report.html
--
plonka at doit.wisc.edu http://net.doit.wisc.edu/~plonka ARS:N9HZF
Madison, WI
More information about the Cflowd
mailing list