I am trying to use nfcapd to save netflow files for use by a network analysis tool.
How do I capture network traffic on my host and send it into nfcapd? Can I use wireshark/tshark or something similar?
Asked
Active
Viewed 534 times
1 Answers
0
You need a sensor software, if your host that would send netflow data is Linux, you could try ipt-netflow or softflowd for this purpose.
Peter Zhabin
- 2,276
- 8
- 10
-
If you google the term "netflow exporter" or "software netflow exporter" you'll come up with a couple more. ("exporter" seems to be the more common term than "sensor" for some reason) – John Murphy Mar 14 '17 at 18:39