Re: Open source Netflow analysis for monitoring AS-to-AS traffic

2024-03-27 Thread Saku Ytti
On Wed, 27 Mar 2024 at 21:02, Peter Phaal wrote:

> Brian, you may want to see if your routers support sFlow (vendors have added
> the feature over the last few years).

Why is this a solution, what does it solve for OP? Why is it meaningful what the wire-format of the records is? I read OP's qu

Re: Open source Netflow analysis for monitoring AS-to-AS traffic

2024-03-27 Thread Peter Phaal
Brian, you may want to see if your routers support sFlow (vendors have added the feature over the last few years). In particular, see if it includes support for the sFlow extended_gateway structure:

/* Extended Gateway Data */
/* opaque = flow_data; enterprise = 0; format = 1003 */
struct extend

Re: Open source Netflow analysis for monitoring AS-to-AS traffic

2024-03-27 Thread Joe Loiacono
Try FlowViewer http://flowviewer.net Free, complete, graphical netflow analysis tool. Developed for NASA. Runs on top of SiLK, a powerful open-source netflow capture and analysis tool developed by Carnegie-Mellon for DoD. Supports IPFIX, netflow v5, sflow, IPv6. Text reports, graphing and long

Re: Open source Netflow analysis for monitoring AS-to-AS traffic

2024-03-27 Thread Marinos Dimolianis
Brian, I have used Akvorado in an environment with ~80G of traffic and I was super happy. It can be easily set via a docker-compose file and amongst its key benefits is the user-friendly UI that allows you to gain insight into your network traffic. There is also a demo instance available t

Re: Open source Netflow analysis for monitoring AS-to-AS traffic

2024-03-27 Thread John Stitt
I’m using Akvorado for netflow and I’m pretty happy with it. Seeing it recommended more frequently on Reddit and elsewhere lately too. akvorado/akvorado: Flow collector, enricher and visualizer github.co