Our ISP has configured several internet routers to send NetFlow data on port 9996 to a particular machine. I have successfully configured PRTG to get the data to see lists of top recipients, etc, so I know this machine is receiving the NetFlow data ok, but it doesn't store the flows for later analysis, so I've disabled it. How do I configure nprobe to get the flow into a file I can analyse?
I'm confused about which mode nprobe needs to be used in to collect the data. I've tried this: nprobe /c --collector 192.168.0.203:9996 -V9 -P c:\temp\nprobe but it seems to be collecting local traffic. In among it, I can see that there are flows from the router to this machine on port 9996. What I need is the flow information inside those packets. I tried this: nprobe /c -i none -n none --collector-port 9996 -V9 -P c:\temp\nprobe but it collects nothing. Where am I going wrong? I'm not sure if I usderstand the differences between probe mode, collector mode and proxy mode. I need collector mode, don't I? Peter Shute _______________________________________________ Ntop-misc mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop-misc
