I’m using Alvarado for netflow and I’m pretty happy with it. Seeing it recommended more frequently on Reddit and elsewhere lately too.
<https://github.com/akvorado/akvorado> [akvorado.png] akvorado/akvorado: Flow collector, enricher and visualizer<https://github.com/akvorado/akvorado> github.com<https://github.com/akvorado/akvorado> John Stitt Sent from my pocket CRAY-1 On Mar 26, 2024, at 7:05 PM, Brian Knight via NANOG <nanog@nanog.org> wrote: What's presently the most commonly used open source toolset for monitoring AS-to-AS traffic? I want to see with which ASes I am exchanging the most traffic across my transits and IX links. I want to look for opportunities to peer so I can better sell expansion of peering to upper management. Our routers are mostly $VENDOR_C_XR so Netflow support is key. In the past, I've used AS-Stats<https://github.com/manuelkasper/AS-Stats> for this purpose. However, it is particularly CPU and disk IO intensive. Also, it has not been actively maintained since 2017. InfluxDB wants to sell me<https://www.influxdata.com/what-are-netflow-and-sflow/> on Telegraf + InfluxDB + Chronograf + Kapacitor, but I can't find any clear guide on what hardware I would need for that, never mind how to set up the software. It does appear to have an open source option, however. pmacct seems to be good at gathering Netflow, but doesn't seem to analyze data. I don't see any concise howto guides for setting this up for my purpose, however. I'm aware Kentik does this very well, but I have no budget at the moment, my testing window is longer than the 30 day trial, and we are not prepared to share our Netflow data with a third party. Elastiflow<https://www.elastiflow.com/> appears to have been open source<https://github.com/robcowart/elastiflow?tab=readme-ov-file> at one time in the past, but no longer. Since it too appears to be hosted, I have the same objections as I do with Kentik above. On-list and off-list replies are welcome. Thanks, -Brian CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe. If you are not expecting this message contact the sender directly via phone/text to verify.
