[171524] in North American Network Operators' Group
Re: oss netflow collector/trending/analysis
daemon@ATHENA.MIT.EDU (David Edelman)
Sun May 4 15:30:25 2014
X-Original-To: nanog@nanog.org
In-Reply-To: <CAJ2h61aE7vAKrAF0y4xe0x6-Nbj=6Amyz=NjY9B_o1_6zuCz=w@mail.gmail.com>
From: David Edelman <dedelman@iname.com>
Date: Sun, 4 May 2014 13:02:45 -0400
To: Leslie <geekgirl@gmail.com>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
Argus (qosient.com) is worth looking at.=20
Dave Edelman
> On May 2, 2014, at 12:21, Leslie <geekgirl@gmail.com> wrote:
>=20
> pmacct (http://www.pmacct.net/) is another pretty awesome open source tool=
.
>=20
> Leslie
>=20
>> On Fri, May 2, 2014 at 8:00 AM, Avi Freedman <freedman@freedman.net> wrot=
e:
>>=20
>> There's also SiLK from CMU. It's powerful but has a learning curve.
>>=20
>> I also see pmacct being used both by some end networks and by
>> some vendors as part of systems.
>>=20
>> Avi
>>=20
>>> Hey There,
>>>=20
>>> I was just wondering, for people who are doing netflow analysis with
>>> open source tools and who are doing at least 10k or more flows per
>>> second, what are you using?
>>>=20
>>> I know of three tool sets:
>>>=20
>>> - The classic osu flow-tools and the modern continuation/fork.
>>> - ntop
>>> - nfdump/nfsen
>>>=20
>>> Is there anything else I've missed? A few folks here really seem to like=
>>> nfsen/nfdump.
>>>=20
>>> Thanks,
>>>=20
>>> Matt
>>=20
