[176139] in North American Network Operators' Group
Re: Linux router traffic monitoring, how? netflow?
daemon@ATHENA.MIT.EDU (Adrian Minta)
Fri Nov 14 14:08:52 2014
X-Original-To: nanog@nanog.org
Date: Fri, 14 Nov 2014 21:08:42 +0200
From: Adrian Minta <adrian.minta@gmail.com>
To: nanog@nanog.org
In-Reply-To: <54664C3F.9060500@prgmr.com>
Errors-To: nanog-bounces@nanog.org
Softflowd is also nice, supports "Netflow versions 1, 5 and 9 and is
fully IPv6-capable".
The package is included on ubuntu & debian.
On 14.11.2014 20:38, srn.nanog@prgmr.com wrote:
> fprobe is a linux-based netflow probe that uses libpcap (as does tcpdump) and is already in the
> ubuntu universe repository. There is an ipv4-only iptables based version too called fprobe-ulog.
>
> For collectors, it looks like the ones already available in ubuntu are nfcapd from nfdump and
> flow-capture from flow-tools. For analysis/alerts, cacti with the thold and flowview plugins might
> do the job.
>
>
--
Best regards,
Adrian Minta
