This is the command flow-receive that can be run in the OnWorks free hosting provider using one of our multiple free online workstations such as Ubuntu Online, Fedora Online, Windows online emulator or MAC OS online emulator
PROGRAM:
NAME
flow-receive — Receive flow data with the NetFlow protocol.
SYNOPSIS
flow-receive [-h] [-b big|little] [-C comment] [-d debug_level] [-o output_file] [-S
stat_interval] [-V pdu_version] [-z z_level] localip/remoteip/port
DESCRIPTION
The flow-receive utility is used to receive flows in NetFlow format. When the remoteip is
configured only flows from that exporter will be processed, this is the most secure and
recommended configuration. When the localip is configured flow-receive will only process
flows sent to the localip IP address. If remoteip is 0 (not configured) flows from any
source IP address are accepted. Multiple non aggregated PDU versions may be accepted at
once to support Cisco's Catalyst 6500 NetFlow implementation which exports from both the
supervisor and MSFC with the same IP address and same port but different export versions.
In this case the exports will be stored in the format specified by the -V flag or
whichever export type is received first.
OPTIONS
-b big|little
Byte order of output.
-C Comment
Add a comment.
-d debug_level
Enable debugging.
-h Display help.
-o file Write to file instead of the standard out.
-S stat_interval
When configured flow-receive will emit a timestamped message on stderr every
stat_interval minutes indicating counters such as the number of flows received,
packets processed, and lost flows.
-V pdu_version
Use pdu_version format output.
1 NetFlow version 1 (No sequence numbers, AS, or mask)
5 NetFlow version 5
6 NetFlow version 6 (5+ Encapsulation size)
7 NetFlow version 7 (Catalyst switches)
8.1 NetFlow AS Aggregation
8.2 NetFlow Proto Port Aggregation
8.3 NetFlow Source Prefix Aggregation
8.4 NetFlow Destination Prefix Aggregation
8.5 NetFlow Prefix Aggregation
8.6 NetFlow Destination (Catalyst switches)
8.7 NetFlow Source Destination (Catalyst switches)
8.8 NetFlow Full Flow (Catalyst switches)
8.9 NetFlow ToS AS Aggregation
8.10 NetFlow ToS Proto Port Aggregation
8.11 NetFlow ToS Source Prefix Aggregation
8.12 NetFlow ToS Destination Prefix Aggregation
8.13 NetFlow ToS Prefix Aggregation
8.14 NetFlow ToS Prefix Port Aggregation
1005 Flow-Tools tagged version 5
-z z_level
Configure compression level to z_level. 0 is disabled (no compression), 9 is
highest compression.
EXAMPLES
Listen on port 9800 on any local interface for exports from IP address 10.0.0.1, store the
exports in flows
flow-receive 0/10.0.0.1/9800 > flows
Listen on port 9800 on any local interface from any IP address, display the received flows
with flow-print.
flow-receive 0/0/9800 | flow-print
Use flow-receive online using onworks.net services