19 May
2013
19 May
'13
6:40 p.m.
On 2013-05-17 8:11 pm, Tim Vollebregt wrote:
Is anyone using an open source solution to process netflow v9 captures? I'm waiting for SiLK v3 for some time now, which is currently only available for TLA's and Universities.
Currently looking into nfdump.
To drag this back on topic, yes I'm currently using nfcap/nfdump to capture and parse Netflow v9. It's not as tidy as I'd like but it does the job. If you want something you can just point and shoot, nfsen ties those two tools together into one config file.
Tim