NetFlow 交换机/路由器流量监控

NetFlow 交换机/路由器流量监控

7.3. NetFlow

查看设备是否发送Netflow包

$ sudo tcpdump -n udp port 2055
	

7.3.1. flow-tools - collects and processes NetFlow data

$ sudo apt-get install flow-tools
		

7.3.1.1. flow-capture

mkdir /opt/netflow
flow-capture -z 6 -n 143 -e 8928 -V 5 -w /opt/netflow 0/0/2055
			

7.3.1.2. NetFlow into MySQL with flow-tools

NetFlow into MySQL with flow-tools

创建netflow数据库，创建flows表

CREATE TABLE `flows` (
  `FLOW_ID` int(32) NOT NULL AUTO_INCREMENT,
  `UNIX_SECS` int(32) unsigned NOT NULL default '0',
  `UNIX_NSECS` int(32) unsigned NOT NULL default '0',
  `SYSUPTIME` int(20) NOT NULL,
  `EXADDR` varchar(16) NOT NU