> Le 18 janv. 2015 à 16:22, Larry Sampas <la...@larrysampas.com> a écrit : > > I haven't played with many GUI tools other than FlowBAT, which is very new, > but I have been using SiLK at scale for some time now, and it's been very > stable. > > Since we run securityonion, I've been using these instructions for installing > SiLK/Yaf and configuring rwflowpack: > http://www.appliednsm.com/silk-on-security-onion/ (With the latest code > version from CERT) > > it also works for collecting Netflow data if you listen on the right ports. > > I'm definitely going to look at FlowViewer as an alternative to our plan of > getting the SiLK flow records into R and using a chart package. While GUI > tools are great, the command-line SiLK tools work very well if you want to > know exactly which IPs a host has contacted, at what times, on which ports, > and how much data was sent/received. > > --Larry
I would like to thank all the persons which have been answering this question. Thanks for your support, if we come with a bright idea regarding NetFlow analysis tools, I’ll let everyone know ! Sincerely yours. ________________________________________________ «?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§ ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯ BSD - BSD - BSD - BSD - BSD - BSD - BSD - BSD - ________________________________________________ «?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§ ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯ PGP ID --> 0x1BA3C2FD _______________________________________________ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold