GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages


Manual Reference Pages  -  IPFIXDUMP (1)

.ds Aq ’

NAME

ipfixDump - IPFIX file dumper

CONTENTS

SYNOPSIS



    ipfixDump    [--in FILE_NAME][--out FILE_NAME]
                 [--yaf]
                 [--templates][--data][--stats]
                 [--version]



DESCRIPTION

ipfixDump is a tool to read IPFIX files and dump the contents in ASCII to perform low level analysis of the files. ipfixDump uses libfixbuf to decode the files and it does not need any user input as to what the file contains as long as the IPFIX templates are at the beginning of the file. Any records that do not have a corresponding template will be ignored.

By default, ipfixDump uses the standard information model provided by libfixbuf. If ipfixDump is given the --yaf switch, it will include the yaf CERT private enterprise information elements. If yaf was configured to enable DPI (plugins) ipfixDump will also add the DPI elements that yaf can export.

ipfixDump supports Options templates and records. ipfixDump will write all IPFIX templates and data records to the output file. It will also write message and set headers when present.

ipfixDump supports IPFIX structured data in the form of basicLists, subTemplateLists, and subTemplateMultiLists.

ipfixDump currently does not support displaying sequence numbers.

OPTIONS

The following options are available for ipfixDump.
--in FILE_NAME The FILE_NAME is the filename to read. The string ’-’ may be used to read from standard input (the default).
--out FILE_NAME FILE_NAME should be the filename to write to or the string ’-’ may be used to write to standard output (the default).
--yaf If present, ipfixDump will include the available yaf(1) CERT private enterprise information elements. If yaf(1) was configured with plugins enabled, ipfixDump will add all of the deep packet inspection elements to the information model. By default, the standard IPFIX information model is used (standard elements defined by IANA).
--template If present, ipfixDump will only write the templates present in the input file.
--data If present, ipfixDump will only write the data records present in the input file.
--stats If present, ipfixDump will only write overall file statistics - which include the number of templates present, the number of data records present, and the number of IPFIX messages present.
--version If present, print version and copyright information to standard error and exit.

Examples

In the following examples, the dollar sign ($) represents the shell prompt. The text after the dollar sign represents the command line.



 $ ipfixDump --in - --out -

 $ ipfixDump --in /data/ipfix.ipfix --out /data/text.txt --yaf



Known Issues

Bug reports may be sent directly to the Network Situational Awareness team at <netsa-help@cert.org>.

AUTHORS

Emily Sarneso and the CERT Network Situational Awareness Group Engineering Team, <http://www.cert.org/netsa>.

SEE ALSO

yaf(1), yafscii(1)
Search for    or go to Top of page |  Section 1 |  Main Index


2.8.1 IPFIXDUMP (1) 5-Apr-2016

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.