[171486] in North American Network Operators' Group
Re: oss netflow collector/trending/analysis
daemon@ATHENA.MIT.EDU (Avi Freedman)
Fri May 2 11:02:15 2014
X-Original-To: nanog@nanog.org
To: mgalgoci@redhat.com (Matthew Galgoci)
Date: Fri, 2 May 2014 11:00:15 -0400 (EDT)
From: freedman@freedman.net (Avi Freedman)
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
There's also SiLK from CMU. It's powerful but has a learning curve.
I also see pmacct being used both by some end networks and by
some vendors as part of systems.
Avi
> Hey There,
>
> I was just wondering, for people who are doing netflow analysis with
> open source tools and who are doing at least 10k or more flows per
> second, what are you using?
>
> I know of three tool sets:
>
> - The classic osu flow-tools and the modern continuation/fork.
> - ntop
> - nfdump/nfsen
>
> Is there anything else I've missed? A few folks here really seem to like
> nfsen/nfdump.
>
> Thanks,
>
> Matt
