Anyone out there using a good netflow collector that has the capability data to export to CSV? Open Source would be best, but any suggestions are welcome. Thanks, =+=+=+=+=+=+=+=+=+=+=+=+= Michael Gatti cell.703.347.4412 ekim.ittag@gmail.com =+=+=+=+=+=+=+=+=+=+=+=+=
argus, www.qosient.com/argus On Fri, 2010-09-17 at 14:49 -0400, Mike Gatti wrote:
Anyone out there using a good netflow collector that has the capability data to export to CSV? Open Source would be best, but any suggestions are welcome.
Thanks, =+=+=+=+=+=+=+=+=+=+=+=+= Michael Gatti cell.703.347.4412 ekim.ittag@gmail.com =+=+=+=+=+=+=+=+=+=+=+=+=
I have to agree. Scales very well, open source, more options than you are likely to ever use. --Dave -----Original Message----- From: Harry Hoffman [mailto:hhoffman@ip-solutions.net] Sent: Friday, September 17, 2010 3:02 PM To: Mike Gatti Cc: nanog@nanog.org Subject: Re: Netflow Tool argus, www.qosient.com/argus On Fri, 2010-09-17 at 14:49 -0400, Mike Gatti wrote:
Anyone out there using a good netflow collector that has the capability data to export to CSV? Open Source would be best, but any suggestions are welcome.
Thanks, =+=+=+=+=+=+=+=+=+=+=+=+= Michael Gatti cell.703.347.4412 ekim.ittag@gmail.com =+=+=+=+=+=+=+=+=+=+=+=+=
On Fri, Sep 17, 2010 at 3:49 PM, Mike Gatti <ekim.ittag@gmail.com> wrote:
Anyone out there using a good netflow collector that has the capability data to export to CSV? Open Source would be best, but any suggestions are welcome.
nfdump with custom output. Custom output format: -o fmt:.. This is the most flexibel format, as you can specify yourself how the output looks like. The output format is defined using element tags as well as plain ascii text. http://nfdump.sourceforge.net/ Everton
On 17/09/2010, at 21.06, Everton Marques <everton.marques@gmail.com> wrote:
nfdump with custom output.
Custom output format: -o fmt:.. This is the most flexibel format, as you can specify yourself how the output looks like. The output format is defined using element tags as well as plain ascii text.
http://nfdump.sourceforge.net/
Everton
And to complement that: - nfsen - netflow dashboard - pmGraph The first one relies on nfdump, and offers a nice drill down web based analysis tool with the nifty feature that it shows the nfdump commands to be run on the cli to obtain the data output used to represent the current interval Haven't tried the second one yet, but it uses postgresql to store samples. Might be easy to dump csv from that. Beware though of table growth. Pmgraph is developed by aptivate.org and I'm sure Chris Wilson will have something good to say about it :) Sorry for no URLs, using big fingers on small Iphone.
Always liked Luca Deri's set of solutions: http://www.ntop.org/news.php (not necessarily for netflow, exclusiovely) ***Stefan Mititelu http://twitter.com/netfortius http://www.linkedin.com/in/netfortius On Fri, Sep 17, 2010 at 1:49 PM, Mike Gatti <ekim.ittag@gmail.com> wrote:
Anyone out there using a good netflow collector that has the capability data to export to CSV? Open Source would be best, but any suggestions are welcome.
Thanks, =+=+=+=+=+=+=+=+=+=+=+=+= Michael Gatti cell.703.347.4412 ekim.ittag@gmail.com =+=+=+=+=+=+=+=+=+=+=+=+=
If you want something scalable and commercial (read: with support) check out these guys, I have been using it for a while and it has tons of features and very flexible reporting (including exports to PDF, CSV, etc): http://www.netflowauditor.com/ They have a free version as well with limits. -Scott -----Original Message----- From: Mike Gatti [mailto:ekim.ittag@gmail.com] Sent: Friday, September 17, 2010 2:50 PM To: nanog@nanog.org Subject: Netflow Tool Anyone out there using a good netflow collector that has the capability data to export to CSV? Open Source would be best, but any suggestions are welcome. Thanks, =+=+=+=+=+=+=+=+=+=+=+=+= Michael Gatti cell.703.347.4412 ekim.ittag@gmail.com =+=+=+=+=+=+=+=+=+=+=+=+=
If you want yours to come with rap videos look at scrutinizer (no I've not ever used it) http://www.youtube.com/watch?v=uUPkGvdXDIM http://www.youtube.com/watch?v=ilxknbKJ0Pc On Fri, Sep 17, 2010 at 12:45 PM, Scott Berkman <scott@sberkman.net> wrote:
If you want something scalable and commercial (read: with support) check out these guys, I have been using it for a while and it has tons of features and very flexible reporting (including exports to PDF, CSV, etc):
http://www.netflowauditor.com/
They have a free version as well with limits.
-Scott
-----Original Message----- From: Mike Gatti [mailto:ekim.ittag@gmail.com] Sent: Friday, September 17, 2010 2:50 PM To: nanog@nanog.org Subject: Netflow Tool
Anyone out there using a good netflow collector that has the capability data to export to CSV? Open Source would be best, but any suggestions are welcome.
Thanks, =+=+=+=+=+=+=+=+=+=+=+=+= Michael Gatti cell.703.347.4412 ekim.ittag@gmail.com =+=+=+=+=+=+=+=+=+=+=+=+=
We've ran Scrutizer and also Netflow Auditor (also a few others) ... they are ok for "smaller" traffic levels (depending of course on sampling rates). None of them held up though to our expectations and we ended up going with Arbor Peakflow and been extremely happy ever since. I'd definitely suggest a trial of anything you are considering - we ran out and bought package after package and it didn't work out for us ;) Paul -----Original Message----- From: Bryan Irvine [mailto:sparctacus@gmail.com] Sent: September-17-10 3:56 PM To: Scott Berkman Cc: nanog@nanog.org Subject: Re: Netflow Tool If you want yours to come with rap videos look at scrutinizer (no I've not ever used it) http://www.youtube.com/watch?v=uUPkGvdXDIM http://www.youtube.com/watch?v=ilxknbKJ0Pc On Fri, Sep 17, 2010 at 12:45 PM, Scott Berkman <scott@sberkman.net> wrote:
If you want something scalable and commercial (read: with support) check out these guys, I have been using it for a while and it has tons of features and very flexible reporting (including exports to PDF, CSV, etc):
http://www.netflowauditor.com/
They have a free version as well with limits.
-Scott
-----Original Message----- From: Mike Gatti [mailto:ekim.ittag@gmail.com] Sent: Friday, September 17, 2010 2:50 PM To: nanog@nanog.org Subject: Netflow Tool
Anyone out there using a good netflow collector that has the capability data to export to CSV? Open Source would be best, but any suggestions are welcome.
Thanks, =+=+=+=+=+=+=+=+=+=+=+=+= Michael Gatti cell.703.347.4412 ekim.ittag@gmail.com =+=+=+=+=+=+=+=+=+=+=+=+=
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mike Gatti wrote:
Anyone out there using a good netflow collector that has the capability data to export to CSV? Open Source would be best, but any suggestions are welcome.
There are so many ways to do it. Once you capture the flow data and store it in raw files, it's just a matter of filtering and converting the data to whatever format you want. The flow-tools suite has everything you'd need if you wanted to write some scripts of your own. For example, flow-export takes a raw flow file as input and can output in various formats, including ASCII CSV. See `man flow-tools` for more information on flow-export and other useful flow tools. That said, I'm using a variation of this setup, from Robert S. Galloway: http://www.dynamicnetworks.us/netflow/ If you set it up as documented by Mr. Galloway, you'll end up with your netflow data (IIRC, just networks, octets, and packets) organized into various RRD files, depending on how you set up CUFlow.cf. For example, one RRD file per customer. By default, flowscan will delete the raw flow files after it parses them into RRDs. Optionally, you can retain your raw flow files by creating a "saved" directory in your flows path (see flowscan docs). For visualization, I import the RRD files into Cacti. For CSV output I wrote a perl script. It pulls data from the resulting RRD files, computes the 95th percentile(s), among other things, and e-mails the CSV(s) to the appropriate people at the appropriate times. Like I said, though, there are so many ways to do it. The way you need to do it will depend on what you're trying to get out of the netflow data. Regards, Michael Hertrick Neovera, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkyT05oACgkQcJVdtfpkLb85lQCfTBLcpfZMxqszfHNFUV7opFVj 1DQAoI0wGv9NgefnwDpTv5e2+BDoMQbV =Hzrs -----END PGP SIGNATURE-----
The latest version of WANGuard Flow exports flows to Excel and CSV. You can download a trial from http://www.andrisoft.com On Fri, Sep 17, 2010 at 9:49 PM, Mike Gatti <ekim.ittag@gmail.com> wrote:
Anyone out there using a good netflow collector that has the capability data to export to CSV? Open Source would be best, but any suggestions are welcome.
Thanks, =+=+=+=+=+=+=+=+=+=+=+=+= Michael Gatti cell.703.347.4412 ekim.ittag@gmail.com =+=+=+=+=+=+=+=+=+=+=+=+=
participants (11)
-
Bryan Irvine
-
Dave Edelman
-
Everton Marques
-
Harry Hoffman
-
Michael Hertrick
-
Mike Gatti
-
Paul Stewart
-
Phil Regnauld
-
Scott Berkman
-
Stefan
-
Vasile Borcan