I asked this a while ago. I asked if anyone knew of any good cisco netflow flow collection and analyzation tools. I played with cflowd, and while archaic, it did work. So, todays question is, is there anything new/gooder/faster that anyone knows about? -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- Atheism is a non-prophet organization. I route, therefore I am. Alex Rubenstein, alex@nac.net, KC2BUO, ISP/C Charter Member Father of the Network and Head Bottle-Washer Net Access Corporation, 9 Mt. Pleasant Tpk., Denville, NJ 07834 Don't choose a spineless ISP; we have more backbone! http://www.nac.net -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
On Sun, 29 Nov 1998 alex@nac.net wrote:
I played with cflowd, and while archaic, it did work.
So, todays question is, is there anything new/gooder/faster that anyone knows about?
cflowd version 2.0 at http://www.caida.org/ wfms
We have a tool that takes the output from cfdases and dumps it into a database. It will then create MRTG compatible output so that you can graph your traffic to/from various AS's. Its a work in progress..... If you are interested let me know privately. At 08:55 PM 11/29/98 -0500, you wrote:
I asked this a while ago.
I asked if anyone knew of any good cisco netflow flow collection and analyzation tools.
I played with cflowd, and while archaic, it did work.
So, todays question is, is there anything new/gooder/faster that anyone knows about?
-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- Atheism is a non-prophet organization. I route, therefore I am. Alex Rubenstein, alex@nac.net, KC2BUO, ISP/C Charter Member Father of the Network and Head Bottle-Washer Net Access Corporation, 9 Mt. Pleasant Tpk., Denville, NJ 07834 Don't choose a spineless ISP; we have more backbone! http://www.nac.net -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
Did you use cflowd version 1.3 or 2.0? Regards, Joseph Shaw - jshaw@insync.net NetAdmin/Security - Insync Internet Services Free UNIX advocate - "I hack, therefore I am." On Sun, 29 Nov 1998 alex@nac.net wrote:
I asked this a while ago.
I asked if anyone knew of any good cisco netflow flow collection and analyzation tools.
I played with cflowd, and while archaic, it did work.
So, todays question is, is there anything new/gooder/faster that anyone knows about?
Alex Rubenstein, alex@nac.net, KC2BUO, ISP/C Charter Member
Hello Alex, I've attached the answer I usually send out in Asia. If you hear of anymore tools, please let me know and I'll add them to the list. My usual advice to ISPs is to start with cflowd (the new CAIDA version) and NetFlowMet. In fact, CAIDA is looking for a site to try the new version of cflowd on a LINUX box - hint hint ;-) Barry ======================= General Information page for Cisco Netflow services --------------------------------------------------- http://www.cisco.com/warp/public/732/netflow/ Cisco's NetFlow FlowCollector v2.0 and NetFlow FlowAnalyzer v2.0 ---------------------------------------------------------------- http://www.cisco.com/warp/public/732/netflow/netan_ov.htm 3rd Party Solutions ------------------- Belle Systems http://www.belle.dk Solect http://www.solect.com XACCT Technologies http://www.xacct.com Apogee Networks, Inc. http://www.Apogeenet.com RODOPI http://www.rodopi.com Joint press releases between 3rd Party vendors and Cisco: + Cisco Systems and Solect Technology Group Provide Usage Based Billing Solution http://wwwin.cisco.com/Mkt/cc/corp/mkt/pr/solec_pr.htm + Cisco Systems and Belle Systems Develop Billing System http://wwwin.cisco.com/Mkt/cc/cisco/mkt/servprod/gen/bell_pr.htm Bottom-up develop tools and scripts can be found at: NETRAMET/NETFLOWMET The old one and one of the best for TCP/IP flow analysis. NetFlowMet is a version of the Unix NeTraMet. It's an RTFM meter which takes its data from a Cisco router using Cisco's NetFlow data. We used NeTraMet by many ISPs using a simple on an Intel PC with BSD UNIX and a Digital FDDI card. The results are dumped to a box that did all the flow analysis and posted the results on an internal Web server. http://www.auckland.ac.nz/net/Accounting/ntm.Release.note.html CFLOWD cflowd is a package for collecting data from Cisco's flow-export. Its primary motive is collection of data for capacity planning and similar activities in a network service provider environment. However, it can been used effectively in other areas, including usage tracking for Web hosting as well as security-related investigation activities. This tool was developed by our customers for their own use. It is free and located at: http://www.caida.org/Tools/Cflowd/ Other scripts based on cflowd are located at: http://engr.ans.net/cflowd/index.html http://buckaroo.xo.com/CFLOWD/ The key Cisco documents on NetFlow are constantly updated (because we are adding new features and functionality all the time). Do a keyword search on CCO to find all the documentation on NetFlow. NetFlow tools (flowdata.h, fdrecorder.c, fdplayback.c, fdg.c) that were used to build cflowd are located on the Cisco's FTP site: ftp://ftp-eng.cisco.com/ftp/NetFlow/fde/README
-----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu]On Behalf Of alex@nac.net Sent: Monday, November 30, 1998 9:56 AM To: nanog@merit.edu Subject: flow export stuff
I asked this a while ago.
I asked if anyone knew of any good cisco netflow flow collection and analyzation tools.
I played with cflowd, and while archaic, it did work.
So, todays question is, is there anything new/gooder/faster that anyone knows about?
-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- Atheism is a non-prophet organization. I route, therefore I am. Alex Rubenstein, alex@nac.net, KC2BUO, ISP/C Charter Member Father of the Network and Head Bottle-Washer Net Access Corporation, 9 Mt. Pleasant Tpk., Denville, NJ 07834 Don't choose a spineless ISP; we have more backbone! http://www.nac.net -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
participants (5)
-
alex@nac.net
-
Barry Raveendran Greene
-
Joe Shaw
-
John M. Brown
-
William F. Maton