Re: [AFMUG] NetFlow Analyzers

2017-12-01 Thread Dave 
For as small as our operation I have used cacti-ez recently with netflow 
and its really nice.

I only do a few hours when filtering.


On 12/01/2017 08:03 AM, Mike Hammett wrote:
The people I know using PRTG have left as it doesn't scale and has 
several other limitations. They've moved to netXMS.




-
Mike Hammett
Intelligent Computing Solutions <http://www.ics-il.com/>
<https://www.facebook.com/ICSIL><https://plus.google.com/+IntelligentComputingSolutionsDeKalb><https://www.linkedin.com/company/intelligent-computing-solutions><https://twitter.com/ICSIL>
Midwest Internet Exchange <http://www.midwest-ix.com/>
<https://www.facebook.com/mdwestix><https://www.linkedin.com/company/midwest-internet-exchange><https://twitter.com/mdwestix>
The Brothers WISP <http://www.thebrotherswisp.com/>
<https://www.facebook.com/thebrotherswisp>


<https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg>

*From: *"Daniel Gerlach" <danielgerl...@gmail.com>
*To: *af@afmug.com
*Sent: *Thursday, November 30, 2017 10:21:58 AM
*Subject: *Re: [AFMUG] NetFlow Analyzers

prtg is free for 100 sensors
1 senor = netflow

2017-11-30 16:28 GMT+01:00 Justin Marshall <just...@pdmnet.net 
<mailto:just...@pdmnet.net>>:


Ended up trying this one
(https://sourceforge.net/projects/flowviewer/)

Got the back-end (Silk) up and collection flows, just having a
heck of a time trying to get the front-end to see the back-end.

I'm sure it's something simple.

Thanks for all the suggestions.  I may end up trying another if I
can't get this one going

-Original Message-
From: Af [mailto:af-boun...@afmug.com
<mailto:af-boun...@afmug.com>] On Behalf Of Steve
Sent: Thursday, November 30, 2017 9:04 AM
To: af
Subject: Re: [AFMUG] NetFlow Analyzers

Not free at all - but I've explored many of the products out
there.  The one I like the most isn't free and isn't on prem so
finding a way to set up a tunnel with them would be beneficial.

https://www.talaia.io/overview/

I've used ntop, scrutinizer (pretty good actually and has a free
level I believe) and the netflow analyzer.  If I recall it was
$1500 for 10 interfaces.  If you pipe everything through some
10Gbps channels you only need to use 1-2.  Any of them require a
good processor and good disk IO (use an ssd) so plan accordling. 
Or just use amazon and set up a tunnel to them to dump the data.

That ELK version looks interesting though.  I'm not a huge fan of
ELK at all but I do want to take a look at it now.


--
Steven Kenney
Network Operations Manager
WaveDirect Telecommunications
http://www.wavedirect.net
(519)737-WAVE (9283)

- Original Message -
From: "Justin Marshall" <just...@pdmnet.net
<mailto:just...@pdmnet.net>>
To: "af" <af@afmug.com <mailto:af@afmug.com>>
Sent: Tuesday, November 28, 2017 12:57:39 PM
Subject: [AFMUG] NetFlow Analyzers

Hi,

Does anyone know of a good (preferably open-source) NetFlow
analyzer?   Ntop's pricing scheme seems to be a little steep for
the amount of data I need to collect...

Thanks,
Justin
just...@pdmnet.net
<mailto:just...@pdmnet.net><mailto:just...@pdmnet.net
<mailto:just...@pdmnet.net>>





--

Re: [AFMUG] NetFlow Analyzers

2017-12-01 Thread Mike Hammett 
The people I know using PRTG have left as it doesn't scale and has several 
other limitations. They've moved to netXMS. 




- 
Mike Hammett 
Intelligent Computing Solutions 

Midwest Internet Exchange 

The Brothers WISP 




- Original Message -

From: "Daniel Gerlach" <danielgerl...@gmail.com> 
To: af@afmug.com 
Sent: Thursday, November 30, 2017 10:21:58 AM 
Subject: Re: [AFMUG] NetFlow Analyzers 



prtg is free for 100 sensors 
1 senor = netflow 



2017-11-30 16:28 GMT+01:00 Justin Marshall < just...@pdmnet.net > : 


Ended up trying this one ( https://sourceforge.net/projects/flowviewer/ ) 

Got the back-end (Silk) up and collection flows, just having a heck of a time 
trying to get the front-end to see the back-end. 

I'm sure it's something simple. 

Thanks for all the suggestions. I may end up trying another if I can't get this 
one going 

-Original Message- 
From: Af [mailto: af-boun...@afmug.com ] On Behalf Of Steve 
Sent: Thursday, November 30, 2017 9:04 AM 
To: af 
Subject: Re: [AFMUG] NetFlow Analyzers 



Not free at all - but I've explored many of the products out there. The one I 
like the most isn't free and isn't on prem so finding a way to set up a tunnel 
with them would be beneficial. 

https://www.talaia.io/overview/ 

I've used ntop, scrutinizer (pretty good actually and has a free level I 
believe) and the netflow analyzer. If I recall it was $1500 for 10 interfaces. 
If you pipe everything through some 10Gbps channels you only need to use 1-2. 
Any of them require a good processor and good disk IO (use an ssd) so plan 
accordling. Or just use amazon and set up a tunnel to them to dump the data. 

That ELK version looks interesting though. I'm not a huge fan of ELK at all but 
I do want to take a look at it now. 


-- 
Steven Kenney 
Network Operations Manager 
WaveDirect Telecommunications 
http://www.wavedirect.net 
(519)737-WAVE (9283) 

- Original Message - 
From: "Justin Marshall" < just...@pdmnet.net > 
To: "af" < af@afmug.com > 
Sent: Tuesday, November 28, 2017 12:57:39 PM 
Subject: [AFMUG] NetFlow Analyzers 

Hi, 

Does anyone know of a good (preferably open-source) NetFlow analyzer? Ntop's 
pricing scheme seems to be a little steep for the amount of data I need to 
collect... 

Thanks, 
Justin 
just...@pdmnet.net

Re: [AFMUG] NetFlow Analyzers

2017-11-30 Thread Daniel Gerlach 
yes, you have 100 sensors for free and you can use 1 of them for  for
netflow..

2017-11-30 17:27 GMT+01:00 Adam Moffett <dmmoff...@gmail.com>:

> What?  Serious?  You can use PRTG as a netflow analyzer without paying for
> it?
>
>
> -- Original Message --
> From: "Daniel Gerlach" <danielgerl...@gmail.com>
> To: "af@afmug.com" <af@afmug.com>
> Sent: 11/30/2017 11:21:58 AM
> Subject: Re: [AFMUG] NetFlow Analyzers
>
> prtg is free for 100 sensors
> 1 senor = netflow
>
> 2017-11-30 16:28 GMT+01:00 Justin Marshall <just...@pdmnet.net>:
>
>> Ended up trying this one (https://sourceforge.net/projects/flowviewer/)
>>
>> Got the back-end (Silk) up and collection flows, just having a heck of a
>> time trying to get the front-end to see the back-end.
>>
>> I'm sure it's something simple.
>>
>> Thanks for all the suggestions.  I may end up trying another if I can't
>> get this one going
>>
>> -Original Message-
>> From: Af [mailto:af-boun...@afmug.com] On Behalf Of Steve
>> Sent: Thursday, November 30, 2017 9:04 AM
>> To: af
>> Subject: Re: [AFMUG] NetFlow Analyzers
>>
>> Not free at all - but I've explored many of the products out there.  The
>> one I like the most isn't free and isn't on prem so finding a way to set up
>> a tunnel with them would be beneficial.
>>
>> https://www.talaia.io/overview/
>>
>> I've used ntop, scrutinizer (pretty good actually and has a free level I
>> believe) and the netflow analyzer.  If I recall it was $1500 for 10
>> interfaces.  If you pipe everything through some 10Gbps channels you only
>> need to use 1-2.  Any of them require a good processor and good disk IO
>> (use an ssd) so plan accordling.  Or just use amazon and set up a tunnel to
>> them to dump the data.
>>
>> That ELK version looks interesting though.  I'm not a huge fan of ELK at
>> all but I do want to take a look at it now.
>>
>>
>> --
>> Steven Kenney
>> Network Operations Manager
>> WaveDirect Telecommunications
>> http://www.wavedirect.net
>> (519)737-WAVE (9283)
>>
>> - Original Message -
>> From: "Justin Marshall" <just...@pdmnet.net>
>> To: "af" <af@afmug.com>
>> Sent: Tuesday, November 28, 2017 12:57:39 PM
>> Subject: [AFMUG] NetFlow Analyzers
>>
>> Hi,
>>
>> Does anyone know of a good (preferably open-source) NetFlow analyzer?
>>  Ntop's pricing scheme seems to be a little steep for the amount of data I
>> need to collect...
>>
>> Thanks,
>> Justin
>> just...@pdmnet.net<mailto:just...@pdmnet.net>
>>
>
>

Re: [AFMUG] NetFlow Analyzers

2017-11-30 Thread Adam Moffett 
What?  Serious?  You can use PRTG as a netflow analyzer without paying 
for it?



-- Original Message --
From: "Daniel Gerlach" <danielgerl...@gmail.com>
To: "af@afmug.com" <af@afmug.com>
Sent: 11/30/2017 11:21:58 AM
Subject: Re: [AFMUG] NetFlow Analyzers


prtg is free for 100 sensors
1 senor = netflow

2017-11-30 16:28 GMT+01:00 Justin Marshall <just...@pdmnet.net>:
Ended up trying this one (https://sourceforge.net/projects/flowviewer/ 
<https://sourceforge.net/projects/flowviewer/>)


Got the back-end (Silk) up and collection flows, just having a heck of 
a time trying to get the front-end to see the back-end.


I'm sure it's something simple.

Thanks for all the suggestions.  I may end up trying another if I 
can't get this one going


-Original Message-
From: Af [mailto:af-boun...@afmug.com] On Behalf Of Steve
Sent: Thursday, November 30, 2017 9:04 AM
To: af
Subject: Re: [AFMUG] NetFlow Analyzers

Not free at all - but I've explored many of the products out there.  
The one I like the most isn't free and isn't on prem so finding a way 
to set up a tunnel with them would be beneficial.


https://www.talaia.io/overview/ <https://www.talaia.io/overview/>

I've used ntop, scrutinizer (pretty good actually and has a free level 
I believe) and the netflow analyzer.  If I recall it was $1500 for 10 
interfaces.  If you pipe everything through some 10Gbps channels you 
only need to use 1-2.  Any of them require a good processor and good 
disk IO (use an ssd) so plan accordling.  Or just use amazon and set 
up a tunnel to them to dump the data.


That ELK version looks interesting though.  I'm not a huge fan of ELK 
at all but I do want to take a look at it now.



--
Steven Kenney
Network Operations Manager
WaveDirect Telecommunications
http://www.wavedirect.net
(519)737-WAVE (9283)

- Original Message -
From: "Justin Marshall" <just...@pdmnet.net>
To: "af" <af@afmug.com>
Sent: Tuesday, November 28, 2017 12:57:39 PM
Subject: [AFMUG] NetFlow Analyzers

Hi,

Does anyone know of a good (preferably open-source) NetFlow analyzer?  
 Ntop's pricing scheme seems to be a little steep for the amount of 
data I need to collect...


Thanks,
Justin
just...@pdmnet.net<mailto:just...@pdmnet.net 
<mailto:just...@pdmnet.net>>

Re: [AFMUG] NetFlow Analyzers

2017-11-30 Thread Daniel Gerlach 
prtg is free for 100 sensors
1 senor = netflow

2017-11-30 16:28 GMT+01:00 Justin Marshall <just...@pdmnet.net>:

> Ended up trying this one (https://sourceforge.net/projects/flowviewer/)
>
> Got the back-end (Silk) up and collection flows, just having a heck of a
> time trying to get the front-end to see the back-end.
>
> I'm sure it's something simple.
>
> Thanks for all the suggestions.  I may end up trying another if I can't
> get this one going
>
> -Original Message-
> From: Af [mailto:af-boun...@afmug.com] On Behalf Of Steve
> Sent: Thursday, November 30, 2017 9:04 AM
> To: af
> Subject: Re: [AFMUG] NetFlow Analyzers
>
> Not free at all - but I've explored many of the products out there.  The
> one I like the most isn't free and isn't on prem so finding a way to set up
> a tunnel with them would be beneficial.
>
> https://www.talaia.io/overview/
>
> I've used ntop, scrutinizer (pretty good actually and has a free level I
> believe) and the netflow analyzer.  If I recall it was $1500 for 10
> interfaces.  If you pipe everything through some 10Gbps channels you only
> need to use 1-2.  Any of them require a good processor and good disk IO
> (use an ssd) so plan accordling.  Or just use amazon and set up a tunnel to
> them to dump the data.
>
> That ELK version looks interesting though.  I'm not a huge fan of ELK at
> all but I do want to take a look at it now.
>
>
> --
> Steven Kenney
> Network Operations Manager
> WaveDirect Telecommunications
> http://www.wavedirect.net
> (519)737-WAVE (9283)
>
> - Original Message -
> From: "Justin Marshall" <just...@pdmnet.net>
> To: "af" <af@afmug.com>
> Sent: Tuesday, November 28, 2017 12:57:39 PM
> Subject: [AFMUG] NetFlow Analyzers
>
> Hi,
>
> Does anyone know of a good (preferably open-source) NetFlow analyzer?
>  Ntop's pricing scheme seems to be a little steep for the amount of data I
> need to collect...
>
> Thanks,
> Justin
> just...@pdmnet.net<mailto:just...@pdmnet.net>
>

Re: [AFMUG] NetFlow Analyzers

2017-11-30 Thread Justin Marshall 
Ended up trying this one (https://sourceforge.net/projects/flowviewer/) 

Got the back-end (Silk) up and collection flows, just having a heck of a time 
trying to get the front-end to see the back-end.  

I'm sure it's something simple.

Thanks for all the suggestions.  I may end up trying another if I can't get 
this one going

-Original Message-
From: Af [mailto:af-boun...@afmug.com] On Behalf Of Steve
Sent: Thursday, November 30, 2017 9:04 AM
To: af
Subject: Re: [AFMUG] NetFlow Analyzers

Not free at all - but I've explored many of the products out there.  The one I 
like the most isn't free and isn't on prem so finding a way to set up a tunnel 
with them would be beneficial.  

https://www.talaia.io/overview/

I've used ntop, scrutinizer (pretty good actually and has a free level I 
believe) and the netflow analyzer.  If I recall it was $1500 for 10 interfaces. 
 If you pipe everything through some 10Gbps channels you only need to use 1-2.  
Any of them require a good processor and good disk IO (use an ssd) so plan 
accordling.  Or just use amazon and set up a tunnel to them to dump the data.  

That ELK version looks interesting though.  I'm not a huge fan of ELK at all 
but I do want to take a look at it now.  


-- 
Steven Kenney
Network Operations Manager
WaveDirect Telecommunications
http://www.wavedirect.net
(519)737-WAVE (9283)

- Original Message -
From: "Justin Marshall" <just...@pdmnet.net>
To: "af" <af@afmug.com>
Sent: Tuesday, November 28, 2017 12:57:39 PM
Subject: [AFMUG] NetFlow Analyzers

Hi,

Does anyone know of a good (preferably open-source) NetFlow analyzer?   Ntop's 
pricing scheme seems to be a little steep for the amount of data I need to 
collect...

Thanks,
Justin
just...@pdmnet.net<mailto:just...@pdmnet.net>

Re: [AFMUG] NetFlow Analyzers

2017-11-30 Thread Steve 
Not free at all - but I've explored many of the products out there.  The one I 
like the most isn't free and isn't on prem so finding a way to set up a tunnel 
with them would be beneficial.  

https://www.talaia.io/overview/

I've used ntop, scrutinizer (pretty good actually and has a free level I 
believe) and the netflow analyzer.  If I recall it was $1500 for 10 interfaces. 
 If you pipe everything through some 10Gbps channels you only need to use 1-2.  
Any of them require a good processor and good disk IO (use an ssd) so plan 
accordling.  Or just use amazon and set up a tunnel to them to dump the data.  

That ELK version looks interesting though.  I'm not a huge fan of ELK at all 
but I do want to take a look at it now.  


-- 
Steven Kenney
Network Operations Manager
WaveDirect Telecommunications
http://www.wavedirect.net
(519)737-WAVE (9283)

- Original Message -
From: "Justin Marshall" <just...@pdmnet.net>
To: "af" <af@afmug.com>
Sent: Tuesday, November 28, 2017 12:57:39 PM
Subject: [AFMUG] NetFlow Analyzers

Hi,

Does anyone know of a good (preferably open-source) NetFlow analyzer?   Ntop's 
pricing scheme seems to be a little steep for the amount of data I need to 
collect...

Thanks,
Justin
just...@pdmnet.net<mailto:just...@pdmnet.net>

Re: [AFMUG] NetFlow Analyzers

2017-11-29 Thread Dave 

Anyone use the new cacti-ez netflow plugin for simple snapshots?
I love it for where we are now...
I wish Ntopng would get off the GPL thingy



On 11/28/2017 11:59 AM, Zach Underwood wrote:

I found this one yesterday, only had a chance to look at the website.
https://github.com/robcowart/elastiflow/

On Tue, Nov 28, 2017 at 12:57 PM, Justin Marshall > wrote:


Hi,

Does anyone know of a good (preferably open-source) NetFlow
analyzer?   Ntop’s pricing scheme seems to be a little steep for
the amount of data I need to collect…

Thanks,

Justin

just...@pdmnet.net 




--
Zach Underwood (RHCE,RHCSA,RHCT,UACA)
My website 
advance-networking.com 


--

Re: [AFMUG] NetFlow Analyzers

2017-11-28 Thread Mike Hammett 
A similar one that I haven't used either: 

https://gitlab.com/thart/flowanalyzer 




- 
Mike Hammett 
Intelligent Computing Solutions 

Midwest Internet Exchange 

The Brothers WISP 




- Original Message -

From: "Zach Underwood" <zunder1...@gmail.com> 
To: af@afmug.com 
Sent: Tuesday, November 28, 2017 11:59:20 AM 
Subject: Re: [AFMUG] NetFlow Analyzers 


I found this one yesterday, only had a chance to look at the website. 
https://github.com/robcowart/elastiflow/ 



On Tue, Nov 28, 2017 at 12:57 PM, Justin Marshall < just...@pdmnet.net > wrote: 





Hi, 

Does anyone know of a good (preferably open-source) NetFlow analyzer? Ntop’s 
pricing scheme seems to be a little steep for the amount of data I need to 
collect… 

Thanks, 
Justin 
just...@pdmnet.net 







-- 






Zach Underwood (RHCE,RHCSA,RHCT, UACA ) 


My website 

advance-networking.com

Re: [AFMUG] NetFlow Analyzers

2017-11-28 Thread Josh Baird 
Ah - I'm glad he decided to actually release that code!  This looks cool.
Not thrilled about an ELK stack for this, but I think I'll give it a try.

On Tue, Nov 28, 2017 at 12:59 PM, Zach Underwood 
wrote:

> I found this one yesterday, only had a chance to look at the website.
> https://github.com/robcowart/elastiflow/
>
> On Tue, Nov 28, 2017 at 12:57 PM, Justin Marshall 
> wrote:
>
>> Hi,
>>
>>
>>
>> Does anyone know of a good (preferably open-source) NetFlow analyzer?
>>  Ntop’s pricing scheme seems to be a little steep for the amount of data I
>> need to collect…
>>
>>
>>
>> Thanks,
>>
>> Justin
>>
>> just...@pdmnet.net
>>
>>
>>
>>
>>
>
>
>
> --
> Zach Underwood (RHCE,RHCSA,RHCT,UACA)
> My website 
> advance-networking.com
>

Re: [AFMUG] NetFlow Analyzers

2017-11-28 Thread Josh Baird 
nfsen+nfdump, while a bit ugly, gets the job done.  It's free, stable and
has helped me tremendously.

Josh

On Tue, Nov 28, 2017 at 12:57 PM, Justin Marshall 
wrote:

> Hi,
>
>
>
> Does anyone know of a good (preferably open-source) NetFlow analyzer?
>  Ntop’s pricing scheme seems to be a little steep for the amount of data I
> need to collect…
>
>
>
> Thanks,
>
> Justin
>
> just...@pdmnet.net
>
>
>
>
>

Re: [AFMUG] NetFlow Analyzers

2017-11-28 Thread Zach Underwood 
I found this one yesterday, only had a chance to look at the website.
https://github.com/robcowart/elastiflow/

On Tue, Nov 28, 2017 at 12:57 PM, Justin Marshall 
wrote:

> Hi,
>
>
>
> Does anyone know of a good (preferably open-source) NetFlow analyzer?
>  Ntop’s pricing scheme seems to be a little steep for the amount of data I
> need to collect…
>
>
>
> Thanks,
>
> Justin
>
> just...@pdmnet.net
>
>
>
>
>



-- 
Zach Underwood (RHCE,RHCSA,RHCT,UACA)
My website 
advance-networking.com

[AFMUG] NetFlow Analyzers

2017-11-28 Thread Justin Marshall 
Hi,

Does anyone know of a good (preferably open-source) NetFlow analyzer?   Ntop's 
pricing scheme seems to be a little steep for the amount of data I need to 
collect...

Thanks,
Justin
just...@pdmnet.net