Programster's Blog

Tutorials focusing on Linux, programming, and open source

NFDump Cheatsheet

Read a Binary NFDump File to Stdout

nfdump -r [input file]

This prints the flows to stdout in ASCII form, which you can then redirect to a file. So the command below converts a binary file to ASCII:

nfdump -r [input file] > [output file]

Convert to CSV

nfdump -r 1444458540 -o csv > output.csv

Sort by time

nfdump -r [input file] -O tstart > output.txt

Filter IP

To grab all the flows going to or coming from a specific IP, specify it in the filter as in the example below:

nfdump -r [input file] 'net [ip address]/32'
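The "Convert to CSV" and "Filter IP" steps can be combined after the fact: the sketch below applies the same source-or-destination match to a CSV export and totals bytes per peer. It is an added example, not from the original post; the column names (ts, sa, da, ibyt) and the trailing Summary block are assumptions based on nfdump 1.6.x CSV output, and the sample rows are constructed.

```python
import csv
import io
import ipaddress
from collections import Counter

# Constructed sample shaped like `nfdump -o csv` output. Column names (ts, sa, da,
# ibyt) are assumed from nfdump 1.6.x and trimmed; check your file's header line.
SAMPLE_CSV = """\
ts,te,td,sa,da,sp,dp,pr,ipkt,ibyt
2015-10-10 06:29:01,2015-10-10 06:29:03,2.000,192.0.2.10,198.51.100.7,51514,443,TCP,12,3400
2015-10-10 06:29:02,2015-10-10 06:29:02,0.000,203.0.113.5,192.0.2.10,53,40222,UDP,1,120
2015-10-10 06:29:04,2015-10-10 06:29:09,5.000,198.51.100.7,203.0.113.5,44321,22,TCP,30,9000
2015-10-10 06:29:05,2015-10-10 06:29:05,0.000,not-an-ip,192.0.2.10,0,0,ICMP,1,84
Summary
flows,bytes,packets,avg_bps,avg_pps,avg_bpp
4,12604,44,12604,5,286
"""


def flows_for_net(csv_text, net):
    """Return rows whose source or destination address falls inside `net`."""
    network = ipaddress.ip_network(net, strict=False)
    matches = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        if row["ts"] == "Summary":
            break  # trailer with totals follows the flow records
        try:
            src = ipaddress.ip_address(row["sa"])
            dst = ipaddress.ip_address(row["da"])
        except ValueError:
            continue  # skip rows with unparsable addresses
        if src in network or dst in network:
            matches.append(row)
    return matches


def bytes_by_peer(rows, net):
    """Total bytes per address on the other side of the matched flows."""
    network = ipaddress.ip_network(net, strict=False)
    totals = Counter()
    for row in rows:
        src = ipaddress.ip_address(row["sa"])
        peer = row["da"] if src in network else row["sa"]
        totals[peer] += int(row["ibyt"])
    return totals


if __name__ == "__main__":
    print(bytes_by_peer(flows_for_net(SAMPLE_CSV, "192.0.2.10/32"), "192.0.2.10/32"))
```

To use it on a real export, pass the contents of output.csv instead of SAMPLE_CSV.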