Ethereal-users: Re: [Ethereal-users] netflow from Cisco

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: Guy Harris <guy@xxxxxxxxxx>
Date: Mon, 8 Apr 2002 13:56:33 -0700
On Mon, Apr 08, 2002 at 10:08:32AM -0700, Annie Tong wrote:
> I'm wondering does ethereal read the captured netflow data from Cisco?

>From a quick look at

	http://www.cisco.com/warp/public/cc/pd/iosw/prodlit/tflow_wp.htm

it appears that NetFlow data contains statistical information about
traffic flow, rather than raw packets, so:

> Ethereal 
> seems to be an interesting and useful tool and I would like to use it as 
> the traffic analyser if it's compatiable to Flow-Tool formatted raw data.

...it's not clear that Ethereal, which is a network analyzer for looking
at raw traffic, rather than a tool for viewing summary statistics (even
the summary statistics it displays are produced by processing raw
traffic captures), would be able to do anything with NetFlow data.

Ntop, as per the other reply, may be a better choice, as that's a tool
for network statistics.