Re: oss netflow collector/trending/analysis

2014-05-04 Thread David Edelman
Argus (qosient.com) is worth looking at. Dave Edelman On May 2, 2014, at 12:21, Leslie geekg...@gmail.com wrote: pmacct (http://www.pmacct.net/) is another pretty awesome open source tool. Leslie On Fri, May 2, 2014 at 8:00 AM, Avi Freedman freed...@freedman.net wrote: There's

Re: oss netflow collector/trending/analysis

2014-05-04 Thread Warren Bailey
Subject: Re: oss netflow collector/trending/analysis Argus (qosient.com) is worth looking at. Dave Edelman On May 2, 2014, at 12:21, Leslie geekg...@gmail.com wrote: pmacct (http://www.pmacct.net/) is another pretty awesome open source tool. Leslie On Fri, May 2, 2014 at 8:00 AM, Avi

oss netflow collector/trending/analysis

2014-05-02 Thread Matthew Galgoci
Hey There, I was just wondering, for people who are doing netflow analysis with open source tools and who are doing at least 10k or more flows per second, what are you using? I know of three tool sets: - The classic osu flow-tools and the modern continuation/fork. - ntop - nfdump/nfsen Is

Re: oss netflow collector/trending/analysis

2014-05-02 Thread Dobbins, Roland
On May 2, 2014, at 9:36 PM, Matthew Galgoci mgalg...@redhat.com wrote: A few folks here really seem to like nfsen/nfdump. The good thing about nfdump/nfsen is that you can customize it and do a lot with it, and it's easy to get set up and running. This is the canonical list of open-source

Re: oss netflow collector/trending/analysis

2014-05-02 Thread Jeroen Massar
On 2014-05-02 16:36, Matthew Galgoci wrote: [..] Is there anything else I've missed? A few folks here really seem to like nfsen/nfdump. For OSS that is pretty much it that really matters (maybe you could add Argus if you really want though). For a long long list, check out Simon Leinen's site:

Re: oss netflow collector/trending/analysis

2014-05-02 Thread Avi Freedman
There's also SiLK from CMU. It's powerful but has a learning curve. I also see pmacct being used both by some end networks and by some vendors as part of systems. Avi Hey There, I was just wondering, for people who are doing netflow analysis with open source tools and who are doing at

Re: oss netflow collector/trending/analysis

2014-05-02 Thread Leslie
pmacct (http://www.pmacct.net/) is another pretty awesome open source tool. Leslie On Fri, May 2, 2014 at 8:00 AM, Avi Freedman freed...@freedman.net wrote: There's also SiLK from CMU. It's powerful but has a learning curve. I also see pmacct being used both by some end networks and by

Re: oss netflow collector/trending/analysis

2014-05-02 Thread Joe Loiacono
NANOG nanog-bounces+jloiacon=csc@nanog.org wrote on 05/02/2014 11:00:15 AM: From: freed...@freedman.net (Avi Freedman) There's also SiLK from CMU. It's powerful but has a learning curve. SiLK is very good. See FlowViewer for a powerful front-end to the tool.

Re: oss netflow collector/trending/analysis

2014-05-02 Thread Pierre-Yves Maunier
2014-05-02 16:36 GMT+02:00 Matthew Galgoci mgalg...@redhat.com: Hey There, I was just wondering, for people who are doing netflow analysis with open source tools and who are doing at least 10k or more flows per second, what are you using? I know of three tool sets: - The classic osu