Free Program to take netflow
Jason Lixfeld
jason+nanog at lixfeld.ca
Wed May 22 13:12:35 UTC 2019
I loved using ElastiFlow, but we didn’t quite work out in the end. Here’s my $0.02 -
- ElastiFlow setup is easy-ish.
- ELK setup is easy-ish.
- Scaling ELK is not easy unless you know what you’re doing.
If you’ve got enough flows that you need to scale ELK, you’re probably also using multiple flow exporters, at which point this[1] could bite you and if ELK scaling was hard for you, dealing with this might not be trivial until Rob decides how best to bake a fix into EF.
I learned ELK because I wanted to use EF, but I only learned enough about ELK to get me by. Having to also learn about REDIS and having to learn more about ELK to make it work with REDIS and EF was a show stopper; I just didn’t have the time.
[1] https://github.com/robcowart/elastiflow/issues/205
> On May 18, 2019, at 12:19 AM, Crist Clark <cjc+nanog at pumpky.net> wrote:
>
> Been loving Elastiflow. Way overkill for what you need, but it's
> actually pretty easy to setup.
>
> https://github.com/robcowart/elastiflow
>
>
> On Fri, May 17, 2019 at 7:25 AM Dennis Burgess via NANOG
> <nanog at nanog.org> wrote:
>>
>> I am looking for a free program to take netflow and output what the top traffic ASes to and from my AS are. Something that we can look at every once in a while, and/or spin up and get data then shutdown.. Just have two ports need netflow from currently.
>>
>>
>>
>> Thanks in advance.
>>
>>
>>
>>
>>
>> Dennis Burgess, Mikrotik Certified Trainer
>>
>> Author of "Learn RouterOS- Second Edition”
>>
>> Link Technologies, Inc -- Mikrotik & WISP Support Services
>>
>> Office: 314-735-0270 Website: http://www.linktechs.net
>>
>> Create Wireless Coverage’s with www.towercoverage.com
>>
>>
More information about the NANOG
mailing list