NFDump Cheatsheet

Read a Binary NFDump File to Stdout

nfdump -r [input file]

This prints the flows to stdout in ASCII form, which you can then redirect to a file. The command below converts a binary file to ASCII:

nfdump -r [input file] > [output file]

Convert to CSV

nfdump -r 1444458540 -o csv > output.csv  

Sort by time

nfdump -r [input file] -O tstart > output.txt  

Filter IP

To grab all the flows going to or coming from a specific IP, specify it as a filter like the example below:

nfdump -r [input file] 'net 8.8.8.8/32'  
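The CSV output and the IP filter combine well when you want to see who talked to a given address. The script below is an added example, not part of the original cheatsheet: it reads nfdump CSV on stdin and totals flows and bytes per peer of one IP. The function names and sample rows are constructed, and it assumes the CSV header uses the column names sa, da and ibyt, so check the header line your nfdump version prints.

```shell
#!/bin/sh
# Added example, not from the original page.
# Assumption: the CSV header names source address "sa", destination "da", bytes "ibyt".

# peer_bytes IP: read nfdump CSV on stdin, print "peer,flows,bytes", largest first.
peer_bytes() {
    awk -F, -v ip="$1" '
        NR == 1 {                       # locate columns by header name, not position
            for (i = 1; i <= NF; i++) col[$i] = i
            sa = col["sa"]; da = col["da"]; by = col["ibyt"]
            if (!sa || !da || !by) { print "unexpected CSV header" > "/dev/stderr"; exit 2 }
            next
        }
        $1 == "Summary" { exit }        # some versions append a summary block; stop there
        NF < by         { next }        # blank or truncated line
        {
            if ($sa == ip)      peer = $da
            else if ($da == ip) peer = $sa
            else next                   # flow does not involve the IP of interest
            flows[peer]++
            bytes[peer] += $by
        }
        END { for (p in flows) printf "%s,%d,%d\n", p, flows[p], bytes[p] }
    ' | sort -t, -k3,3nr
}

# Constructed sample (shortened column set) standing in for real nfdump output.
sample_csv() {
    cat <<'EOF'
ts,te,td,sa,da,sp,dp,pr,flg,ipkt,ibyt
2015-10-10 06:29:00,2015-10-10 06:29:01,1.000,192.0.2.10,8.8.8.8,53124,53,UDP,......,1,72
2015-10-10 06:29:01,2015-10-10 06:29:01,0.000,8.8.8.8,192.0.2.10,53,53124,UDP,......,1,120
2015-10-10 06:29:05,2015-10-10 06:29:06,1.000,192.0.2.11,8.8.8.8,40000,53,UDP,......,2,150
2015-10-10 06:29:07,2015-10-10 06:29:09,2.000,192.0.2.11,198.51.100.7,40100,443,TCP,.AP.SF,10,4000
Summary
flows,bytes,packets,avg_bps,avg_pps,avg_bpp
4,4342,14,3859,1,310
EOF
}

# Real use: nfdump -r [input file] -o csv 'net 8.8.8.8/32' | peer_bytes 8.8.8.8
sample_csv | peer_bytes 8.8.8.8
```
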

Author

Programster

Stuart is a software developer with a passion for Linux and open source projects.