Question

我正在使用softflowd+nfdump创建netflow数据并将此数据存储在2d（字符串）数组中

flows = new string *[flows_len];
for (int i=0;i<flows_len;i++)
{
    flows[i] = new string[47];
}

我用c ++写作。数组中的每个“行”表示流记录，47表示由nfdump显示的不同的netflow数据字段的数量。

我想基于每个IP创建一些统计信息（例如，每个IP有多少个连接流）但我无法弄清楚如何获得具有相同IP的行 - 流（值为srcip存储在流[j] [4]中，我是c ++的新手。

提前感谢！

Answer 1

这是一个非常非常非常简单的例子

#include <vector>
#include <string>
#include <iostream>
#include <stdio.h>
#include <stdlib.h>
#include <algorithm>
#include <iterator>

using namespace std;

typedef vector< string > StatInfo; // 47 enries

void print_stat_by_ip( const vector< StatInfo > & infos, const string & ip ) {
    for ( int i = 0, count = infos.size(); i < count; i++ ) {
        const StatInfo & info = infos[ i ];
        if ( info[ 4 ] == ip ) {
            copy( info.begin(), info.end(), ostream_iterator< string >( cout, ", " ) );
            cout << endl;
        }
    }
}

int main()
{
    vector< StatInfo > infos;

    for ( int i = 0; i < 10; i++ ) {
        StatInfo info;
        for ( int j = 0; j < 47; j++ ) { // just filling them "0", "1", "2", ... , "46"
            char c_str[ 42 ];
            sprintf( c_str, "%d", j ); 
            info.push_back( c_str );
        }
        char c_str[ 42 ];
        sprintf( c_str, "%d", rand() % 10 );
        info[ 4 ] = c_str;          // this will be an IP-address
        infos.push_back( info );

        copy( info.begin(), info.end(), ostream_iterator< string >( cout, ", " ) );
        cout << endl;
    }

    string ip_to_find = "5";
    cout << "----------------------------------------" << endl;
    cout << "stat for " << ip_to_find << endl;
    cout << "----------------------------------------" << endl;
    print_stat_by_ip( infos, ip_to_find );
}

你可以在这里找到它 http://liveworkspace.org/code/3AAye8

Answer 2

老实说，我会考虑重新考虑你的容器。以下使用标准的lib数组，vector和multimap来完成我认为你正在寻找的东西。示例代码仅使用字符串“A”，“B”或“C”以及三个IP地址之一填充表行。您需要特别注意的部分是使用multimap根据IP地址索引表（尽管可以很容易地对其进行改装，以便对任意列执行相同操作）。

注意：很多的人比我更熟练的std lib算法，函数和容器用法。这只是为了让你了解多图可以如何帮助你可能的解决方案。

编辑 OP希望查看表中IP地址的计数，其代码已修改为main()函数的尾部。还更新为不使用C ++ 11功能。希望更接近OP可以使用的东西。

#include <iostream>
#include <iterator>
#include <algorithm>
#include <functional>
#include <map>
#include <vector>
#include <string>
using namespace std;

// some simple decls for our info, table, and IP mapping.
typedef std::vector<std::string> FlowInfo;
typedef std::vector<FlowInfo> FlowTable;

// a multi-map will likely work for what you want.
typedef std::multimap<std::string, const FlowInfo* > MapIPToTableIndex;

// a map of IP string-to-unsigned int for counting occurrences.
typedef std::map<std::string, unsigned int> MapStringToCount;

int main(int argc, char *argv[])
{
    // populate your flow table using whatever method you choose.
    //  I'm just going to push 10 rows of three ip addresses each.
    FlowTable ft;
    for (size_t i=0;i<10;++i)
    {
        FlowInfo fi(47); // note: always fixed at 47.

        for (size_t j=0;j<fi.size();++j)
            fi[j] = "A";
        fi[0][0]+=i;
        fi[4] = "192.168.1.1";
        ft.push_back(fi);

        for (size_t j=0;j<fi.size();++j)
            fi[j] = "B";
        fi[0][0]+=i;
        fi[4] = "192.168.1.2";
        ft.push_back(fi);

        for (size_t j=0;j<fi.size();++j)
            fi[j] = "C";
        fi[0][0]+=i;
        fi[4] = "192.168.1.3";
        ft.push_back(fi);
    }

    // map by IP address into something usefull.
    MapIPToTableIndex infomap;
    for (FlowTable::const_iterator it = ft.begin(); it != ft.end(); ++it)
        infomap.insert(MapIPToTableIndex::value_type((*it)[4], &*it));


    // prove the map is setup properly. ask for all items in the map
    //  that honor the 192.168.1.2 address.
    for (MapIPToTableIndex::const_iterator it = infomap.lower_bound("192.168.1.2");
         it != infomap.upper_bound("192.168.1.2"); ++it)
    {
        std::copy(it->second->begin(), it->second->end(),
                  ostream_iterator<std::string>(cout, " "));
        cout << endl;
    }

    // mine the IP occurance rate from the table:
    MapStringToCount ip_counts;
    for (FlowTable::const_iterator it= ft.begin(); it!=ft.end(); ++it)
        ++ip_counts[ (*it)[4] ];

    // dump IPs by occurrence counts.
    for (MapStringToCount::const_iterator it = ip_counts.begin();
         it != ip_counts.end(); ++it)
    {
        cout << it->first << " : " << it->second << endl;
    }

    return 0;
}

<强>输出

B B B B 192.168.1.2 B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B 
C B B B 192.168.1.2 B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B 
D B B B 192.168.1.2 B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B 
E B B B 192.168.1.2 B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B 
F B B B 192.168.1.2 B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B 
G B B B 192.168.1.2 B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B 
H B B B 192.168.1.2 B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B 
I B B B 192.168.1.2 B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B 
J B B B 192.168.1.2 B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B 
K B B B 192.168.1.2 B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B B 
192.168.1.1 : 10
192.168.1.2 : 10
192.168.1.3 : 10

C ++，基于值输入从2d数组中选择

2 个答案: