It also normalises all the other variables, like pps, bps and bpp, to use the total (in+out) packets and (in+out) bytes.
It seems to work for me, with minimal testing. Note that *most* netflow sources only generate records for a single direction, although maybe the "bidirectional flows" aggregation from within nfdump/nfsen will benefit from this as well.
If using nfsen, you may also wish to edit details.php and set$IPStatOrder = array ( 'flows', 'packets', 'bytes', 'ibyte', 'obyte', 'pps', 'bps', 'bpp' );
Then via the GUI you can separately sort flows by total (in+out) bytes, input bytes, output bytes.
Regards, Brian Candler.
nfstat-in-out.diff.gz
Description: application/gzip
------------------------------------------------------------------------------ What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic patterns at an interface-level. Reveals which users, apps, and protocols are consuming the most bandwidth. Provides multi-vendor support for NetFlow, J-Flow, sFlow and other flows. Make informed decisions using capacity planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e
_______________________________________________ Nfdump-discuss mailing list Nfdump-discuss@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nfdump-discuss
