pyflowtools

02 Jul 2011

pyflowtools is a small pure-python library for reading flow-tools format netflow data files.

There's another pyflowtools which is a fork of Robin Sommer's much faster C module that was included in the flow-tools distribution.

Basic usage (same as flowtools module):

# Basic example
import pyflowtools

totalUsage = 0L
for flow in pyflowtools.FlowSet("ft-v05.2010-01-01.000000+0000"):
    totalUsage += flow.dOctets

Extra fancy stuff I added to the API:

def tagMyUsage(flow):
    tags = []
    if flow.srcaddr_raw == myip_raw:
        tags.append("OUT")
    if flow.dstaddr_raw == myip_raw:
        tags.append("IN")
    return tags

for basetime, usage in pyflowtools.aggregateUsage(pyflowtools.flowcat(sys.argv[1:]), tagMyUsage, 60):
    print "%d,%d,%d" % (basetime, usage["IN"], usage["OUT"])

Download

pyflowtools-1.1.tar.gz