Re: oss netflow collector/trending/analysis

[Warren Bailey <wbailey () satelliteintelligencegroup com>]

Ntop is somehow open source if I recall. Seemed to work well and was fairly cheap to license.


Sent from my T-Mobile 4G LTE Device



-------- Original message --------
From: David Edelman <dedelman () iname com>
Date: 05/04/2014 11:05 AM (GMT-07:00)
To: Leslie <geekgirl () gmail com>
Cc: nanog () nanog org
Subject: Re: oss netflow collector/trending/analysis


Argus (qosient.com) is worth looking at.


Dave Edelman


> On May 2, 2014, at 12:21, Leslie <geekgirl () gmail com> wrote:
>
> pmacct (http://www.pmacct.net/) is another pretty awesome open source tool.
>
> Leslie
>
> > On Fri, May 2, 2014 at 8:00 AM, Avi Freedman <freedman () freedman net> wrote:
> >
> > There's also SiLK from CMU.  It's powerful but has a learning curve.
> >
> > I also see pmacct being used both by some end networks and by
> > some vendors as part of systems.
> >
> > Avi
> >
> > > Hey There,
> > >
> > > I was just wondering, for people who are doing netflow analysis with
> > > open source tools and who are doing at least 10k or more flows per
> > > second, what are you using?
> > >
> > > I know of three tool sets:
> > >
> > > - The classic osu flow-tools and the modern continuation/fork.
> > > - ntop
> > > - nfdump/nfsen
> > >
> > > Is there anything else I've missed? A few folks here really seem to like
> > > nfsen/nfdump.
> > >
> > > Thanks,
> > >
> > > Matt