2014-05-02 16:36 GMT+02:00 Matthew Galgoci <mgalgoci@redhat.com>:
Hey There,
I was just wondering, for people who are doing netflow analysis with open source tools and who are doing at least 10k or more flows per second, what are you using?
I know of three tool sets:
- The classic osu flow-tools and the modern continuation/fork. - ntop - nfdump/nfsen
Is there anything else I've missed? A few folks here really seem to like nfsen/nfdump.
Thanks,
Matt
Hi Matt, I've been using pmacct for quite some time now and I'm more than happy with the results. Being able to store all infos in a *SQL db is a killer feature for me. Also it can speak BGP with your routers so it can grab the AS Path information which allow us for example to make traffic graphs for a destination AS aggregated by AS Path (one of my favorites feature I had with the Arbor peakflow in my previous company). Pierre-Yves