Re: Free Program to take netflow

[Alain Hebert <ahebert () pubnix net>]

    +1 for elasticflow

    But make sure to clear the indexes, as it wasn't included with the 
project, when we installed ours.

    Here's our solution that delete them after 90 days.

----- Crontab

0 12 * * * (cd /usr/local/<your corp>/scripts; ./<your 
corp>_elastiflow_prune.sh) > /dev/null 2>&1

----- Content of the *_prune.sh for Linux

#!/bin/csh -f

set d_current=`date "+%s"`
set d_90=`expr ${d_current} - \( 90 \* 24 \* 60 \* 60 \)`
set idx=`date -d @${d_90} "+%Y.%m.%d"`

curl -XDELETE "http://localhost:9200/elastiflow-${idx}";

-----
Alain Hebert                                ahebert () pubnix net
PubNIX Inc.
50 boul. St-Charles
P.O. Box 26770     Beaconsfield, Quebec     H9W 6G7
Tel: 514-990-5911  http://www.pubnix.net    Fax: 514-990-9443

On 2019-05-18 00:19, Crist Clark wrote:
> Been loving Elastiflow. Way overkill for what you need, but it's
> actually pretty easy to setup.
>
> https://github.com/robcowart/elastiflow
>
>
> On Fri, May 17, 2019 at 7:25 AM Dennis Burgess via NANOG
> <nanog () nanog org> wrote:
> > I am looking for a free program to take netflow and output what the top traffic ASes to and from my AS are.   Something 
> > that we can look at every once in a while, and/or spin up and get data then shutdown..  Just have two ports need 
> > netflow from currently.
> >
> >
> >
> > Thanks in advance.
> >
> >
> >
> >
> >
> > Dennis Burgess, Mikrotik Certified Trainer
> >
> > Author of "Learn RouterOS- Second Edition”
> >
> > Link Technologies, Inc -- Mikrotik & WISP Support Services
> >
> > Office: 314-735-0270  Website: http://www.linktechs.net
> >
> > Create Wireless Coverage’s with www.towercoverage.com