Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help
flow-export(1)		    General Commands Manual		flow-export(1)

NAME
       flow-export -- Export flow-tools	files into other NetFlow packages.

SYNOPSIS
       flow-export  [-h]  [-d debug_level]  [-f	format]	 [-m mask_fields]  [-u
       user:password:host:port:name:table]

DESCRIPTION
       The flow-export utility will convert flow-tools	flow  files  to	 ASCII
       CSV, cflowd, pcap, wire,	mySQL, and PGSQL format.

OPTIONS
       -d debug_level
		 Enable	debugging.

       -f format Export	format.	 Supported formats are:
		   0 cflowd
		   1 pcap
		   2 ASCII CSV
		   3 MySQL
		   4 wire
		   5 PGSQL

       -h	 Display help.

       -m mask_fields
		 Select	 fields	for MySQL, PostgresSQL,	cflowd,	and ASCII for-
		 mats.	The mask_fields	is built from a	bitwise	OR of the fol-
		 lowing:

	   UNIX_SECS	   0x0000000000000001LL
	   UNIX_NSECS	   0x0000000000000002LL
	   SYSUPTIME	   0x0000000000000004LL
	   EXADDR	   0x0000000000000008LL

	   DFLOWS	   0x0000000000000010LL
	   DPKTS	   0x0000000000000020LL
	   DOCTETS	   0x0000000000000040LL
	   FIRST	   0x0000000000000080LL

	   LAST		   0x0000000000000100LL
	   ENGINE_TYPE	   0x0000000000000200LL
	   ENGINE_ID	   0x0000000000000400LL

	   SRCADDR	   0x0000000000001000LL
	   DSTADDR	   0x0000000000002000LL
	   SRC_PREFIX	   0x0000000000004000LL
	   DST_PREFIX	   0x0000000000008000LL
	   NEXTHOP	   0x0000000000010000LL
	   INPUT	   0x0000000000020000LL
	   OUTPUT	   0x0000000000040000LL
	   SRCPORT	   0x0000000000080000LL

	   DSTPORT	   0x0000000000100000LL
	   PROT		   0x0000000000200000LL
	   TOS		   0x0000000000400000LL
	   TCP_FLAGS	   0x0000000000800000LL

	   SRC_MASK	   0x0000000001000000LL
	   DST_MASK	   0x0000000002000000LL
	   SRC_AS	   0x0000000004000000LL
	   DST_AS	   0x0000000008000000LL

	   IN_ENCAPS	   0x0000000010000000LL
	   OUT_ENCAPS	   0x0000000020000000LL
	   PEER_NEXTHOP	   0x0000000040000000LL
	   ROUTER_SC	   0x0000000080000000LL
	   EXTRA_PKTS	   0x0000000100000000LL
	   MARKED_TOS	   0x0000000200000000LL

		 When  exporting to cflowd format the mask_fields field	is the
		 cflowd	mask which is defined as the following:

	   ROUTERMASK	      0x00000001
	   SRCIPADDRMASK      0x00000002
	   DSTIPADDRMASK      0x00000004
	   INPUTIFINDEXMASK   0x00000008
	   OUTPUTIFINDEXMASK  0x00000010
	   SRCPORTMASK	      0x00000020
	   DSTPORTMASK	      0x00000040
	   PKTSMASK	      0x00000080
	   BYTESMASK	      0x00000100
	   IPNEXTHOPMASK      0x00000200
	   STARTTIMEMASK      0x00000400
	   ENDTIMEMASK	      0x00000800
	   PROTOCOLMASK	      0x00001000
	   TOSMASK	      0x00002000
	   SRCASMASK	      0x00004000
	   DSTASMASK	      0x00008000
	   SRCMASKLENMASK     0x00010000
	   DSTMASKLENMASK     0x00020000
	   TCPFLAGSMASK	      0x00040000
	   INPUTENCAPMASK     0x00080000
	   OUTPUTENCAPMASK    0x00100000
	   PEERNEXTHOPMASK    0x00200000
	   ENGINETYPEMASK     0x00400000
	   ENGINEIDMASK	      0x00800000

	   INDEX_V1_MASK      0x00043FFF
	   INDEX_V5_MASK      0x00C7FFFF
	   INDEX_V6_MASK      0x00FFFFFF
	   INDEX_V7_MASK      0x00C7FFFF
	   INDEX_V8_1_MASK    0x00C0CD99
	   INDEX_V8_2_MASK    0x00C00DE1
	   INDEX_V8_3_MASK    0x00C14D8B
	   INDEX_V8_4_MASK    0x00C28D95
	   INDEX_V8_5_MASK    0x00C3CD9F

		 The default value is all fields applicable to	the  the  flow
		 file,	or  the	 cflowd	 INDEX mask applicabable to the	export
		 format.

       -u user:password:host:port:name:table
		 Configure MySQL or PostgresSQL	Access.

EXAMPLES
       Convert the flow-tools file flows to the	cflowd file flows.cflowd.  In-
       clude all fields.

	 flow-export -f0 < flows > flows.cflowd

EXAMPLES
       Convert	the  flow-tools	 file flows to the ASCII.  Include the SRCADDR
       and DSTADDR fields.

	 flow-export -f2 -m0x3000 < flows > flows.ascii

EXAMPLES
       Export the flow-tools file flows	to an MySQL  Database.	 Include  only
       SRCADDR,	DSTADDR	and DOCTETS.

	 flow-export	 -f3	-mSRCADDR,DSTADDR,DOCTETS    -u	   "user:pass-
       word:host:port:name:table" < flows

BUGS
       The pcap	format is a hack.

AUTHOR
       Mark Fullmer maf@splintered.net

       Database	Support: William Emmanuel Yu wyu@ateno.edu

SEE ALSO
       flow-tools(1)

								flow-export(1)

NAME | SYNOPSIS | DESCRIPTION | OPTIONS | EXAMPLES | EXAMPLES | EXAMPLES | BUGS | AUTHOR | SEE ALSO

Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=flow-export&sektion=1&manpath=FreeBSD+12.1-RELEASE+and+Ports>

home | help