Network Traffic Collection

Matlock, Kenneth L MatlockK at exempla.org
Thu Feb 23 20:20:23 UTC 2012


Netflow + netflow collector.

Ken Matlock
Network Analyst
Systems and Technology Service Center
Sisters of Charity of Leavenworth Health System 
12600 W. Colfax, Suite A-500
Lakewood, CO 80215
 
303-467-4671
matlockk at exempla.org
 
-----Original Message-----
From: Maverick [mailto:myeaddress at gmail.com] 
Sent: Thursday, February 23, 2012 1:19 PM
To: Jeroen Massar
Cc: nanog at nanog.org
Subject: Re: Network Traffic Collection

I want to be able to see information like how much traffic an ip send over a period of time, what machines it talked to etc from this perspective it should be IP based but I would really like to know how other people do it.

Best,
Ali

On Thu, Feb 23, 2012 at 3:14 PM, Jeroen Massar <jeroen at unfix.org> wrote:
> On 2012-02-23 21:11 , Maverick wrote:
>> Hello,
>>
>> I am trying to collect traffic traffic from pcap file and store it in 
>> a database but really confused how to organize it. Should I organize 
>> it on connection basis/ flow basis or IP basis.
>>
>> It might be an effort to write a customized traffic analysis tool 
>> like wireshark with only required functionality. I would really 
>> appreciate if someone can give me direction on write way of 
>> organizing the data because right now I only see individual packets 
>> and no way of putting them in some order.
>
> Does this all not completely depend on what you actually want to do 
> with it? You might want to start there instead of the other way around.
>
> Greets,
>  Jeroen
>

*** Exempla Confidentiality Notice *** The information contained in this message may be privileged and confidential and protected from disclosure. If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any other dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify me immediately by replying to the message and deleting it from your computer. Thank you. *** Exempla Confidentiality Notice ***





More information about the NANOG mailing list