[ale] Text Processing Happiness - I'm no longer lost
Bruce
callmebruce2002 at yahoo.com
Sat Aug 18 13:27:58 EDT 2007
Thanks! That did the trick. Now I'm collecting on all
well-known and registered ports. That saved a lot of
effort. Now to figure out how to report on it. I
really dislike our commercial tool, but can't install
open source on a commercial server.
There has to be an easy way to parse the files and
report on top talkers, top conversation pairs and top
applications. (the commercial app we use does top
talkers and top applications, but not top
conversations). I'll leave that for another day.
--- David Tomaschik <ozone at webgroup.org> wrote:
> Bruce wrote:
> > Hey all, it's been a while since I was on the Ale
> list
> > - but I have a question, and figured this is the
> best
> > place to ask.
> >
> > I am running a Netflow Collector (NFC5.0.2) and
> have a
> > config file in XML. The config file basically
> > associates applications with TCP and UDP ports.
> Since
> > the config file is pretty limited, most of my
> traffic
> > is not getting associated correctly.
> >
> > I pulled down a listing of well-known and
> registered
> > ports from IANA, figuring on taking the
> scattershot
> > approach.
> >
> > A short section is here:
> > "<case><value> 1 </value><label> TCP_ tcpmux - 1
> -tcp
> > </label></case>"
> > And what I want it to look like is here:
> >
>
<case><value>1</value><label>TCP_tcpmux-1-tcp</label></case>
> >
> >
> >
> No more quotes or tabs:
>
> tr -d '"\t' infile > outfile
>
> --
> David Tomaschik
> Moderator, LinuxQuestions.org
> http://matir.wordpress.com
____________________________________________________________________________________
Choose the right car based on your needs. Check out Yahoo! Autos new Car Finder tool.
http://autos.yahoo.com/carfinder/
More information about the Ale
mailing list