Re: Free Program to take netflow

[Jason Lixfeld <jason+nanog () lixfeld ca>]

I loved using ElastiFlow, but we didn’t quite work out in the end.  Here’s my $0.02 -

- ElastiFlow setup is easy-ish.
- ELK setup is easy-ish.
- Scaling ELK is not easy unless you know what you’re doing.

If you’ve got enough flows that you need to scale ELK, you’re probably also using multiple flow exporters, at which 
point this[1] could bite you and if ELK scaling was hard for you, dealing with this might not be trivial until Rob 
decides how best to bake a fix into EF.

I learned ELK because I wanted to use EF, but I only learned enough about ELK to get me by.  Having to also learn about 
REDIS and having to learn more about ELK to make it work with REDIS and EF was a show stopper; I just didn’t have the 
time.     

[1] https://github.com/robcowart/elastiflow/issues/205

> On May 18, 2019, at 12:19 AM, Crist Clark <cjc+nanog () pumpky net> wrote:
>
> Been loving Elastiflow. Way overkill for what you need, but it's
> actually pretty easy to setup.
>
> https://github.com/robcowart/elastiflow
>
>
> On Fri, May 17, 2019 at 7:25 AM Dennis Burgess via NANOG
> <nanog () nanog org> wrote:
> > I am looking for a free program to take netflow and output what the top traffic ASes to and from my AS are.   
> > Something that we can look at every once in a while, and/or spin up and get data then shutdown..  Just have two 
> > ports need netflow from currently.
> >
> >
> >
> > Thanks in advance.
> >
> >
> >
> >
> >
> > Dennis Burgess, Mikrotik Certified Trainer
> >
> > Author of "Learn RouterOS- Second Edition”
> >
> > Link Technologies, Inc -- Mikrotik & WISP Support Services
> >
> > Office: 314-735-0270  Website: http://www.linktechs.net
> >
> > Create Wireless Coverage’s with www.towercoverage.com