Re: Proxying NetFlow traffic correctly

2017-06-07 Thread Jérôme Fleury
We use pmacct with it's tee plugin - it gets the job done beautifully and it's a one-liner config. https://github.com/pmacct/pmacct/blob/master/CONFIG-KEYS On Tue, Jun 6, 2017 at 2:43 PM, Sami via NANOG wrote: > Hello, > I have been searching for a solution that

Re: Proxying NetFlow traffic correctly

2017-06-07 Thread Mike Sabbota
Check out samplicator. https://github.com/sleinen/samplicator --Mike On Tue, Jun 6, 2017 at 2:43 PM, Sami via NANOG wrote: > Hello, > I have been searching for a solution that collects/duplicates NetFlow > traffic properly for a while but i couldn't find any. > Do you know

Re: Proxying NetFlow traffic correctly

2017-06-07 Thread Joe Loiacono
You may want to check out the SiLK netflow capture and analysis tool suite. Look in particular at it's SiLK Administrators Tools section which provides extensive flexibility for manipulating netflow exports. The analysis tools are quite good too.

Re: Proxying NetFlow traffic correctly

2017-06-06 Thread Selphie Keller
samplicate is very good, been using it for 6 years for netflow duplication using botth the spoofing and non, depending on the sensor's needs if it needs to retain the source ip or not. On 6 June 2017 at 20:39, Dobbins, Roland wrote: > > > On Jun 7, 2017, at 06:32, Sami via

Re: Proxying NetFlow traffic correctly

2017-06-06 Thread Dobbins, Roland
On Jun 7, 2017, at 06:32, Sami via NANOG > wrote: My goal is to centralize NetFlow traffic into a single machine and then proxy some flows to other destinations for further analysis Or nprobe, as was already

Re: Proxying NetFlow traffic correctly

2017-06-06 Thread Hugo Slabbert
On Tue 2017-Jun-06 16:39:16 -0700, Hugo Slabbert wrote: On Tue 2017-Jun-06 17:43:46 -0400, Sami via NANOG wrote: Hello, I have been searching for a solution that collects/duplicates NetFlow traffic properly for a while but i couldn't find any. Do you

Re: Proxying NetFlow traffic correctly

2017-06-06 Thread Hugo Slabbert
On Tue 2017-Jun-06 17:43:46 -0400, Sami via NANOG wrote: Hello, I have been searching for a solution that collects/duplicates NetFlow traffic properly for a while but i couldn't find any. Do you know any good unix alternative to ntopng, flowd, flow-tools? nprobe of netflow

Re: Proxying NetFlow traffic correctly

2017-06-06 Thread Tim Raphael
nProbe is what you want, it’s another product from NTop. http://www.ntop.org/products/netflow/nprobe/ - Tim > On 7 Jun 2017, at 7:43 am, Sami via NANOG wrote: > > Hello, > I have been searching for a solution that