A flow record is the metadata about a flow on the network. Consider a scenario where an infected system is talking to the attacker's system and has uploaded two documents of 5 MB each to it. In this case, the flow record will contain information such as the IP addresses of both the compromised host and the attacker's system, the port numbers, the date and time, and the amount of data exchanged, which here would be around 10 MB.
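The scenario above as an added example (not code from the original text): per-packet metadata is aggregated into flow records keyed on the 5-tuple, and large transfers leaving the internal network are picked out. The addresses, ports, the `10.0.0.0/8` internal range, and the helper names are all constructed for illustration.

```python
import ipaddress
from collections import namedtuple
from dataclasses import dataclass
from datetime import datetime, timedelta

Packet = namedtuple("Packet", "ts src_ip src_port dst_ip dst_port proto size")  # metadata only

@dataclass
class FlowRecord:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    proto: str
    start: datetime
    end: datetime
    packets: int = 0
    byte_count: int = 0

def build_flow_records(packets):
    """Aggregate packets into unidirectional flow records keyed on the 5-tuple."""
    flows = {}
    for p in sorted(packets, key=lambda p: p.ts):
        key = (p.src_ip, p.src_port, p.dst_ip, p.dst_port, p.proto)
        rec = flows.setdefault(key, FlowRecord(*key, start=p.ts, end=p.ts))
        rec.end = p.ts                  # last packet seen so far closes the time window
        rec.packets += 1
        rec.byte_count += p.size
    return list(flows.values())

def large_outbound(flows, internal_net, threshold_bytes):
    """Flows that leave internal_net and carried at least threshold_bytes."""
    net = ipaddress.ip_network(internal_net)
    return [f for f in flows if f.byte_count >= threshold_bytes
            and ipaddress.ip_address(f.src_ip) in net
            and ipaddress.ip_address(f.dst_ip) not in net]

def sample_packets():
    """Constructed capture: 10.0.0.23 uploads two 5 MB documents on one connection."""
    t0 = datetime(2024, 1, 1, 12, 0, 0)
    ms = lambda i: t0 + timedelta(milliseconds=i)
    pkts = [Packet(ms(i), "10.0.0.23", 49152, "203.0.113.50", 443, "tcp", 1024)
            for i in range(2 * 5 * 1024)]           # 2 docs x 5 MB in 1024-byte segments
    pkts += [Packet(ms(100 * i), "203.0.113.50", 443, "10.0.0.23", 49152, "tcp", 60)
             for i in range(100)]                   # acknowledgements, reverse direction
    pkts.append(Packet(t0, "10.0.0.23", 53124, "10.0.0.1", 53, "udp", 72))  # internal DNS
    return pkts
```

Calling `large_outbound(build_flow_records(sample_packets()), "10.0.0.0/8", 5 * 1024 * 1024)` returns the single upload flow, whose `byte_count` is the roughly 10 MB total; the reverse-direction acknowledgements form a separate, much smaller record.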
The flow record and flow-record processing systems (FRPS)
Understanding flow-record processing systems
The systems responsible for managing, building, and processing flow records are called flow-record processing systems. An FRPS consists of the following...