Open source Netflow analysis for monitoring AS-to-AS traffic

• Previous message (by thread): Open source Netflow analysis for monitoring AS-to-AS traffic
• Next message (by thread): Open source Netflow analysis for monitoring AS-to-AS traffic
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Try FlowViewer http://flowviewer.net

Free, complete, graphical netflow analysis tool.

Developed for NASA. Runs on top of SiLK, a powerful open-source netflow 
capture and analysis tool developed by Carnegie-Mellon for DoD. Supports 
IPFIX, netflow v5, sflow, IPv6. Text reports, graphing and long-term 
tracking via graphs. Automatic storage control capability.

In general, as you probably know, it's amazing what you can get from 
netflow.

Best,

Joe

On 3/26/2024 8:04 PM, Brian Knight via NANOG wrote:

> What's presently the most commonly used open source toolset for 
> monitoring AS-to-AS traffic?
>
> I want to see with which ASes I am exchanging the most traffic across 
> my transits and IX links. I want to look for opportunities to peer so 
> I can better sell expansion of peering to upper management.
> Our routers are mostly $VENDOR_C_XR so Netflow support is key.
>
> In the past, I've used AS-Stats 
> <https://github.com/manuelkasper/AS-Stats> for this purpose. However, 
> it is particularly CPU and disk IO intensive. Also, it has not been 
> actively maintained since 2017.
>
> InfluxDB wants to sell me 
> <https://www.influxdata.com/what-are-netflow-and-sflow/> on Telegraf + 
> InfluxDB + Chronograf + Kapacitor, but I can't find any clear guide on 
> what hardware I would need for that, never mind how to set up the 
> software. It does appear to have an open source option, however.
> pmacct seems to be good at gathering Netflow, but doesn't seem to 
> analyze data. I don't see any concise howto guides for setting this up 
> for my purpose, however.
> I'm aware Kentik does this very well, but I have no budget at the 
> moment, my testing window is longer than the 30 day trial, and we are 
> not prepared to share our Netflow data with a third party.
> Elastiflow <https://www.elastiflow.com/> appears to have been open 
> source <https://github.com/robcowart/elastiflow?tab=readme-ov-file> at 
> one time in the past, but no longer. Since it too appears to be 
> hosted, I have the same objections as I do with Kentik above.
> On-list and off-list replies are welcome.
> Thanks,
> -Brian
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20240327/2fc0bcd4/attachment.html>

• Previous message (by thread): Open source Netflow analysis for monitoring AS-to-AS traffic
• Next message (by thread): Open source Netflow analysis for monitoring AS-to-AS traffic
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]