nanog mailing list archives
Re: Service Provider NetFlow Collectors
From: Aaron <aaron_ppus () fmad com>
Date: Thu, 3 Jan 2019 10:40:44 +0900
Throwing my hat in the ring also (vendor from fmadio) https://github.com/fmadio/pcap2json Not exactly a newflow collector, its pcap -> flowgen -> elk on a single box, working very well so far, still work in progress. Problem with logstash is its too slow for high flow rates. So we did everything inside the flow generator for direct ELK bulk uploads removing logstash completely. Cheers Aaron On Mon, 31 Dec 2018 at 18:40, Michel 'ic' Luczak <lists () benappy com> wrote:
Don’t underestimate good old ELK https://www.elastic.co/guide/en/logstash/current/netflow-module.html + https://github.com/robcowart/elastiflow BR, ic On 31 Dec 2018, at 04:29, Erik Sundberg <ESundberg () nitelusa com> wrote: Hi Nanog…. We are looking at replacing our Netflow collector. I am wonder what other service providers are using to collect netflow data off their Core and Edge Routers. Pros/Cons… What to watch out for any info would help. We are mainly looking to analyze the netflow data. Bonus if it does ddos detection and mitigation. We are looking at ManageEngine Netflow Analyzer PRTG Plixer – Scrutinizer PeakFlow Kentik Solarwinds NTA Thanks in advance… Erik ------------------------------ CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files or previous e-mail messages attached to it may contain confidential information that is legally privileged. If you are not the intended recipient, or a person responsible for delivering it to the intended recipient, you are hereby notified that any disclosure, copying, distribution or use of any of the information contained in or attached to this transmission is STRICTLY PROHIBITED. If you have received this transmission in error please notify the sender immediately by replying to this e-mail. You must destroy the original transmission and its attachments without reading or saving in any manner. Thank you.
Current thread:
- Re: Service Provider NetFlow Collectors, (continued)
- Re: Service Provider NetFlow Collectors Saku Ytti (Jan 02)
- Re: Service Provider NetFlow Collectors Tim Raphael (Jan 02)
- Re: Service Provider NetFlow Collectors H I Baysal (Jan 02)
- Re: Service Provider NetFlow Collectors Saku Ytti (Jan 02)
- Re: Service Provider NetFlow Collectors H I Baysal (Jan 02)
- Re: Service Provider NetFlow Collectors Tim Raphael (Jan 02)
- Re: Service Provider NetFlow Collectors Saku Ytti (Jan 02)
- RE: Service Provider NetFlow Collectors Phil Lavin (Jan 02)
- Re: Service Provider NetFlow Collectors Daniel Rohan (Jan 02)
- Re: Service Provider NetFlow Collectors Nick Peelman (Jan 02)
- Re: Service Provider NetFlow Collectors Mark Tinka (Jan 15)
- Re: Service Provider NetFlow Collectors Aaron (Jan 03)
- Re: Service Provider NetFlow Collectors jim deleskie (Jan 16)
- Re: Service Provider NetFlow Collectors James Breeden (Jan 16)