14 Nov
2014
14 Nov
'14
2:08 p.m.
Softflowd is also nice, supports "Netflow versions 1, 5 and 9 and is fully IPv6-capable". The package is included on ubuntu & debian. On 14.11.2014 20:38, srn.nanog@prgmr.com wrote:
fprobe is a linux-based netflow probe that uses libpcap (as does tcpdump) and is already in the ubuntu universe repository. There is an ipv4-only iptables based version too called fprobe-ulog.
For collectors, it looks like the ones already available in ubuntu are nfcapd from nfdump and flow-capture from flow-tools. For analysis/alerts, cacti with the thold and flowview plugins might do the job.
-- Best regards, Adrian Minta