Spiffy Netflow tools?

• Previous message (by thread): Spiffy Netflow tools?
• Next message (by thread): Spiffy Netflow tools?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue 2018-Mar-13 00:50:26 +0100, Fredrik Korsbäck <hugge at nordu.net> wrote:
>
>Kentik is probably top of the foodchain right now.
>
>But they are certainly not alone in the biz. Ontop of my head...
>
>* Flowmon
>* Talaia
>* Arbor Peakflow
>* Deepfield
>* Pmacct + supporting toolkit
>* NFsen/Nfdump/AS-stats
>* Put kibana/ES infront of any collector

Logstash has a netflow plugin as of 5.x or something 
(https://www.elastic.co/guide/en/logstash/current/netflow-module.html) to 
act as a collector.

A walkthrough:
http://www.routereflector.com/2017/07/elk-as-a-free-netflow-ipfix-collector-and-visualizer/

Using the logstash module setup thing adds a whole bunch of pretty netflow 
graphs and visualizations and such into Kibana for you.

Caveat:
Supports netflow v5 and v9, but does not indicate support for IPFIX 
explicitly.  It definitely does not support sFlow, though if you really 
want you can stick sflowtool in front of it to translate sFlow->netflow, 
e.g. http://blog.sflow.com/2011/12/sflowtool.html.

>* Solarwinds something something
>* Different vendor toolkits
>
>-- 
>hugge

-- 
Hugo Slabbert       | email, xmpp/jabber: hugo at slabnet.com
pgp key: B178313E   | also on Signal
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20180313/4e367968/attachment.sig>

• Previous message (by thread): Spiffy Netflow tools?
• Next message (by thread): Spiffy Netflow tools?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]