I’m looking for a free-ish Linux open sources Netflow collector/analyser.  I have 5 Juniper MX routers that will send IPFIX flows to for an ISP network.    I’m hoping it is something I can run in AWS/EC2 as I don’t want to worry about storage again in my lifetime.  Does anyone have any recommendations?

 

For reporting I would like to generate basic  usage reports to/from IP/Subnet/ASN.  It would be great if it could also detect DDoS and activate flowspec back into my core routers but that isn’t a requirement

 

Thanks

 

-Matt