Free Program to take netflow
Alain Hebert
ahebert at pubnix.net
Wed May 22 12:08:19 UTC 2019
+1 for Elastiflow
But make sure to clear the indexes, as it wasn't included with the
project, when we installed ours.
Here's our solution that deletes them after 90 days.
----- Crontab
0 12 * * * (cd /usr/local/<your corp>/scripts; ./<your corp>_elastiflow_prune.sh) > /dev/null 2>&1
----- Content of the *_prune.sh for Linux
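#!/bin/csh -f
# Current time as seconds since the epoch
set d_current=`date "+%s"`
# The same moment 90 days earlier
set d_90=`expr ${d_current} - \( 90 \* 24 \* 60 \* 60 \)`
# Daily index suffix for that day (YYYY.MM.DD, needs GNU date)
set idx=`date -d @${d_90} "+%Y.%m.%d"`
# Delete that single day's index
curl -XDELETE "http://localhost:9200/elastiflow-${idx}"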
-----
Alain Hebert ahebert at pubnix.net
PubNIX Inc.
50 boul. St-Charles
P.O. Box 26770 Beaconsfield, Quebec H9W 6G7
Tel: 514-990-5911 http://www.pubnix.net Fax: 514-990-9443
On 2019-05-18 00:19, Crist Clark wrote:
> Been loving Elastiflow. Way overkill for what you need, but it's
> actually pretty easy to setup.
>
> https://github.com/robcowart/elastiflow
>
>
> On Fri, May 17, 2019 at 7:25 AM Dennis Burgess via NANOG
> <nanog at nanog.org> wrote:
>> I am looking for a free program to take netflow and output what the top traffic ASes to and from my AS are. Something that we can look at every once in a while, and/or spin up and get data then shut down. Just have two ports we need netflow from currently.
>>
>> Thanks in advance.
>>
>> Dennis Burgess, Mikrotik Certified Trainer
>>
>> Author of "Learn RouterOS - Second Edition"
>>
>> Link Technologies, Inc -- Mikrotik & WISP Support Services
>>
>> Office: 314-735-0270 Website: http://www.linktechs.net
>>
>> Create Wireless Coverage’s with www.towercoverage.com
>>
>>
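Added example (not part of the original post or of the ElastiFlow project): the script above removes only the index dated exactly 90 days back, so a day on which cron does not run leaves that index in place. This variant lists the indices and deletes every one at or past the cutoff. It assumes index names ending in YYYY.MM.DD, GNU date, and Elasticsearch on localhost:9200 as in the post; the function names and the ES_URL / RETENTION_DAYS variables are made up for the example.

```shell
#!/bin/sh
# Added example: prune every ElastiFlow daily index at or past the
# retention cutoff, not just the one dated exactly N days ago.
# Assumptions: index names end in YYYY.MM.DD, GNU date is available.

ES_URL="${ES_URL:-http://localhost:9200}"
RETENTION_DAYS="${RETENTION_DAYS:-90}"

# cutoff_date DAYS: print the date DAYS ago as YYYY.MM.DD (GNU date).
cutoff_date() {
    date -u -d "$1 days ago" "+%Y.%m.%d"
}

# expired_indices CUTOFF: read index names on stdin and print those whose
# trailing YYYY.MM.DD is on or before CUTOFF. Zero-padded dates compare
# correctly as strings. Names without a date suffix are ignored.
expired_indices() {
    awk -v cutoff="$1" '
        match($0, /[0-9][0-9][0-9][0-9]\.[0-9][0-9]\.[0-9][0-9]$/) {
            if ((substr($0, RSTART) "") <= (cutoff "")) print $0
        }'
}

# prune: list elastiflow-* indices and delete the expired ones one by one.
prune() {
    cutoff=$(cutoff_date "$RETENTION_DAYS")
    curl -fsS "$ES_URL/_cat/indices/elastiflow-*?h=index" |
        expired_indices "$cutoff" |
        while read -r idx; do
            curl -fsS -XDELETE "$ES_URL/$idx" >/dev/null &&
                echo "deleted $idx"
        done
}

# Constructed sample listing, used to check the selection logic offline.
sample_listing() {
    printf '%s\n' elastiflow-2019.02.20 elastiflow-2019.02.21 \
        elastiflow-2019.05.22 elastiflow-template
}

# Touch Elasticsearch only when asked to: ./prune.sh run
if [ "${1:-}" = "run" ]; then prune; fi
```

Piping `sample_listing` into `expired_indices 2019.02.21` shows what a run on 2019-05-22 would select without contacting the cluster.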