nanog mailing list archives

Re: Proxying NetFlow traffic correctly

From: Joe Loiacono <jloiacon () csc com>
Date: Wed, 7 Jun 2017 09:19:59 -0400

You may want to check out the SiLK netflow capture and analysis tool 
suite. Look in particular at it's SiLK Administrators Tools section which 
provides extensive flexibility for manipulating netflow exports. The 
analysis tools are quite good too.

http://tools.netsa.cert.org/silk/silk-reference-guide.pdf

Joe

"NANOG" <nanog-bounces () nanog org> wrote on 06/06/2017 05:43:46 PM:

From: Sami via NANOG <nanog () nanog org>
To: "nanog () nanog org" <nanog () nanog org>
Date: 06/06/2017 07:33 PM
Subject: Proxying NetFlow traffic correctly
Sent by: "NANOG" <nanog-bounces () nanog org>

Hello,
I have been searching for a solution that collects/duplicates 
NetFlow traffic properly for a while but i couldn't find any.
Do you know any good unix alternative to ntopng, flowd, flow-tools?

nprobe of netflow seems to be the closest one to fit my needs but i 
want to see if there are any other solution.

My goal is to centralize NetFlow traffic into a single machine and 
then proxy some flows to other destinations for further analysis

Best Regards,
Sami

Current thread:

Proxying NetFlow traffic correctly Sami via NANOG (Jun 06)
- Re: Proxying NetFlow traffic correctly Tim Raphael (Jun 06)
- Re: Proxying NetFlow traffic correctly Hugo Slabbert (Jun 06)
  - Re: Proxying NetFlow traffic correctly Hugo Slabbert (Jun 06)
- Re: Proxying NetFlow traffic correctly Dobbins, Roland (Jun 06)
  - Re: Proxying NetFlow traffic correctly Selphie Keller (Jun 06)
- Re: Proxying NetFlow traffic correctly Joe Loiacono (Jun 07)
- Re: Proxying NetFlow traffic correctly Mike Sabbota (Jun 07)
- Re: Proxying NetFlow traffic correctly Jérôme Fleury (Jun 07)