Looking for Netflow analysis package

Rinse Kloek rinse.kloek at isp.solcon.nl
Mon May 20 09:21:22 UTC 2013


Op 20-5-2013 0:40, Cameron Daniel schreef:
> On 2013-05-17 8:11 pm, Tim Vollebregt wrote:
>> Is anyone using an open source solution to process netflow v9 captures?
>> I'm waiting for SiLK v3 for some time now, which is currently only
>> available for TLA's and Universities.
>>
>> Currently looking into nfdump.
>
> To drag this back on topic, yes I'm currently using nfcap/nfdump to 
> capture and parse Netflow v9. It's not as tidy as I'd like but it does 
> the job.
>
> If you want something you can just point and shoot, nfsen ties those 
> two tools together into one config file.
>
>> Tim
>
>
Not only for netflow analysis, but also a DDOS detection tool: I am 
testing Andrisoft Wanguard this month.
Very nice webinterface and has even possibility to do BGP blackholing.

RInse






More information about the NANOG mailing list