Is there any option to know the version number of my netflow data.
I have pcap file generated using tcpdump. Then using some opensource (which depends on tshark) I converted the pcap data into netflow.
I am not able to find out which version of netflow it is in? netflow v5 or v7....or IPFIX.
Is there any way to tell netflow version by looking at the data?
how to find my netflow data version number?
370 Views Asked by RG1 At
1
There are 1 best solutions below
Related Questions in PCAP
- pcap to Avro on Hadoop
- Merging two pcap files with libpcap
- pcap_dispatch() always returns 0 on Mac OSX for wifi interface
- pcap file viewing library in python 3
- Writing pcap packets into a structure with libpcap
- Querying Interfaces to find device with libpcap
- Capture RRC Messages using Libpcap on android
- OSI Layers on local host
- How the pcap_next_ex() method is filling the pcp_pkthdr structure passing as input at driver level?
- Winpcap - pcap_next_ex vs pcap_loop
- Export raw packet bytes in tshark, tcpdump, or similar?
- Mergecap not working
- Parse pcap files to sip message in c++
- Use IP or TCP packet length to analyze how much data transferred
- access all packets from Pcap file
Related Questions in TCPDUMP
- Are Berkeley Packet Filter opcode values implementation defined?
- filter packet data based on the type of content they carry
- TCPDump working from adb shell but not from device
- TCPDump on rooted android devices
- Find the SYN and ACK flags from the TCP Packets By TCPDUMP
- rsyslog to resend event from client after abnormal server crash
- Python dpkt with pcap - how can I print the packet data?
- Debugging slow download with curl
- Tap interface is not receiving packets
- Asterisc(*) signal on DNS Responses with tcpdump
- Ethernet sniffer not capturing everything, with tcpdump in parallel it does
- Use IP or TCP packet length to analyze how much data transferred
- Trying to understand packets captured with tcpdump
- Greping a tcpdump with tshark
- Unable to get Grep get information in Terminal
Related Questions in VERSION-NUMBERING
- Google play does not display App Version
- Xamarin mobile app version number scheme across 3 platforms
- How to get device (AOSP) Build Number in Android devices programmatically?
- How would I increment the (version) value of an XML element using AWK?
- managing different rails 2.3.x versions in development/production with bundler
- Setting Teamcity version number with counter from file
- setuptools not getting dynamic version when using pyproject.toml
- Version and Build Information Error Xcode 4
- What is the best versioning way by a project
- How to determine the latest version number of a GAC assembly
- TeamCity to read and update version number from version file
- Why Visual C++ version numbers have a comma in them instead of a dot
- Not getting version number plugin value in Jenkins
- How to change version property of xml object in PowerShell?
- How to get the library module's version from inside the module's code at runtime
Related Questions in NETFLOW
- How to obtain NFDUMP output in bytes using csv output
- Using Elasticsearch filter in logstash
- Creating new columns with Pandas df.apply
- Netflow TCP Flags hexidecimal characters not representative of UAPRSF
- Packet profile from netflow
- Can't retrieve correct time and date from netflow records.
- How to get flow record details of a netflow packet
- UDP missing packets
- Netflow application ID to application name
- Flow-Tools - Some Questions
- Impossible to stop Logstash
- NETFLOW PACKET VERSION 5 convert byte 24-27 to datetime
- Netflow gives absurd values in bps
- Reading Netflow Packet Content using MySQL
- Storing ranged timeseries data in Postgres
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
If you are using the PCAP file to generate and export NetFlow over the wire, then the version number is in the second byte of the payload of the UDP packet. The value will be 5, 7, 9, or 'A' (in case of IPFIX).
However, if you have used a textual format to dump the records to disk, then they are technically not really versioned NetFlow until you export them somehow over the wire.