[163100] in North American Network Operators' Group
Re: Looking for Netflow analysis package
daemon@ATHENA.MIT.EDU (Cameron Daniel)
Sun May 19 18:40:31 2013
To: Tim Vollebregt <tim@interworx.nl>
Date: Mon, 20 May 2013 08:40:16 +1000
From: Cameron Daniel <cdaniel@nurve.com.au>
In-Reply-To: <076E4598-1ADD-4E2D-9A17-47E48D2F720C@interworx.nl>
Cc: nanog list <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On 2013-05-17 8:11 pm, Tim Vollebregt wrote:
> Is anyone using an open source solution to process netflow v9 captures?
> I've been waiting for SiLK v3 for some time now, which is currently only
> available for TLAs and universities.
>
> Currently looking into nfdump.

To drag this back on topic, yes, I'm currently using nfcap/nfdump to
capture and parse Netflow v9. It's not as tidy as I'd like, but it does
the job.

If you want something you can just point and shoot, nfsen ties those two
tools together into one config file.

> Tim