摘要
为实现对局域网络的流量监测与异常分析,提出一套基于NetFlow的大流量数据采集与聚合方案。该方案使用缓冲区和多线程机制来采集NetFlow数据,有效提高数据采集效率和稳定性。在原始数据的基础上,采用一整套聚合策略对数据进行处理和存储,以满足实时流量和历史流量的监测。该方案可对纷繁复杂的原始流量信息进行有效整理,为前端各种流量分析提供合理高效的数据支持。以此方案为基础的网络流量监测系统已实际运用于大型网络中。
In order to solve the traffic monitoring and anomaly analysis in LAN,a method of data collection and aggregation is presented. It uses the buffer structure and multi - thread mechanism to effectively improve data collection efficiency and stability. And a set of strategies for original data aggregation has been adopted to meet the real - time and historical traffic flow monitoring. Based on this method, the complicated flow can be effectively organized,and it offers a reasonable support to traffic analysis applications. The network traffic monitoring system based on this method has been applied in the large - scale network.
出处
《现代电子技术》
2009年第7期177-180,共4页
Modern Electronics Technique
关键词
NETFLOW
流量监测
流量采集
流量聚合
多线程
NetFlow
traffic monitoring
traffic collection
traffic aggregation
multi - thread
作者简介
郭剑云 男,1984年出生,福建省福州市人,硕士研究生。主要从事计算机网络监控方面的研究与应用工作。
