Re: Spiffy Netflow tools?

Stipo wrote: > +1 ElastiFlow, the templates are great, a great quickstart to using > netflow on elk stack. out of curiosity, I set up a test ElastiFlow installation on a small site recently. It's completely gorgeous from an eye candy point of view and it's pretty easy to see how you could tap

Re: Spiffy Netflow tools?

Also +1 for plixer scrutinizer. On 3/19/2018 10:16 AM, Gustavo Santos wrote: +1 for Plixer Scrutinizer 2018-03-17 19:42 GMT-03:00 Michael Krygeris : Disclaimer: Am Plixer engineer. If you want to take it for a spin, you can download a fully functional OVA/QCOW2 30 day

Re: Spiffy Netflow tools?

+1 for Plixer Scrutinizer 2018-03-17 19:42 GMT-03:00 Michael Krygeris : > Disclaimer: Am Plixer engineer. > If you want to take it for a spin, you can download a fully functional > OVA/QCOW2 30 day eval from the plixer website. I can also get you access to > an AWS AMI as

Re: Spiffy Netflow tools?

Disclaimer: Am Plixer engineer. If you want to take it for a spin, you can download a fully functional OVA/QCOW2 30 day eval from the plixer website. I can also get you access to an AWS AMI as well. I don’t want to turn this into an Ad. So DM if you need any info/access. Mike Krygeris On Tue,

RE: Spiffy Netflow tools?

Netflow Auditor In-house solution. The interface takes some getting used to, but you can pull a-n-y-t-h-i-n-g from it. Easy setup, great support, highly scalable, priced well. Best regards, -Alex -Original Message- From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of

Re: Spiffy Netflow tools?

(To the thread in general) Those of us using RouterOS have to suffer a bit longer to get ASN-usefulness out of these tools. Well, natively. I'm just about done with using pmacct to inject the ASN into into a local Flow Analyzer. Maybe I can figure out at some point how to get pmacct to spit

Re: Spiffy Netflow tools?

+1 ElastiFlow, the templates are great, a great quickstart to using netflow on elk stack. -Vinny Stipo On Wed, Mar 14, 2018 at 2:57 AM, Luuk Hendriks wrote: > IPFIXcol+fbitdump is what we use for our IPFIX measurements: > https://github.com/CESNET/ipfixcol/ > > Can

Re: Spiffy Netflow tools?

IPFIXcol+fbitdump is what we use for our IPFIX measurements: https://github.com/CESNET/ipfixcol/ Can do NetFlow v5/v9 and sFlow as well. luuk On Mon 12 Mar 2018, 16:24, mike.l...@gmail.com wrote: > Howdy! > > Checking out various Netflow tools and wanted to see what others are using? > >

Re: Spiffy Netflow tools?

ility for any errors or omissions in the contents of this > > message, which arise as a result of e-mail transmission. . > > > > -Original Message- > > From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Hugo Slabbert > > Sent: Tuesday, Marc

Re: Spiffy Netflow tools?

ability for any errors or omissions in the contents of this > message, which arise as a result of e-mail transmission. . > > -Original Message- > From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Hugo Slabbert > Sent: Tuesday, March 13, 2018 10:44 AM > To: Fredrik

Re: Spiffy Netflow tools?

Mike, All of the architecture's listed are pretty good. Nfsen is great if you have multiple routers exporting various netflow versions with a single daemon, but its a bit older and not as pretty/quick as something using elastic. Team Cymru has a netflow analyzer that matches your netflow data to

Re: Spiffy Netflow tools?

Not necessarily (only) for *flow, but very nice combo: Luca Deri's ntopng+nprobe (https://www.ntop.org/products/traffic-analysis/ntop/) ***Stefan On Mon, Mar 12, 2018, 6:26 PM wrote: > Howdy! > > Checking out various Netflow tools and wanted to see what others are using? >

RE: Spiffy Netflow tools?

Slabbert Sent: Tuesday, March 13, 2018 10:44 AM To: Fredrik Korsbäck Cc: nanog@nanog.org Subject: Re: Spiffy Netflow tools? On Tue 2018-Mar-13 00:50:26 +0100, Fredrik Korsbäck <hu...@nordu.net> wrote: > >Kentik is probably top of the foodchain right now. > >But they are c

Re: Spiffy Netflow tools?

Plixer is also interesting. nfdump works great with NetFlow but support for IPFIX is somehow limited to basics. -- Babak On 13 Mar 2018, at 3:20, Fredrik Korsbäck wrote: On 2018-03-13 00:24, mike.l...@gmail.com wrote: Howdy! Checking out various Netflow tools and wanted to see what

Re: Spiffy Netflow tools?

On Tue 2018-Mar-13 00:50:26 +0100, Fredrik Korsbäck wrote: Kentik is probably top of the foodchain right now. But they are certainly not alone in the biz. Ontop of my head... * Flowmon * Talaia * Arbor Peakflow * Deepfield * Pmacct + supporting toolkit *

RE: Spiffy Netflow tools?

FlowViewer is a robust user interface complement to Carnegie Mellon's SiLK netflow capture and analysis tool suite. FlowViewer provides the user with text/graphical analysis tools, multiple dashboards, long-term tracking of filtered sets, automatic storage management, raw netflow packet

Re: Spiffy Netflow tools?

On 2018-03-13 00:24, mike.l...@gmail.com wrote: > Howdy! > > Checking out various Netflow tools and wanted to see what others are using? > > Kentik is cool. Are they the only SaaS based flow digester? I don’t seem to > see any others. > > Also curious about on-prem solutions as well. > >

Re: Spiffy Netflow tools?

I'm very fond of nfsen/nfdump for on-prem. Setup is not complicated at all and plugins are widely available. Also inbefore Solarwinds... -Matt On Mar 12, 2018 18:25, wrote: Howdy! Checking out various Netflow tools and wanted to see what others are using? Kentik is

Re: Spiffy Netflow tools?

Hey Mike. Kentik does on-prem, too. Full disclosure: I work for Kentik and I’m glad you think we’re cool :-) Dan On Mon, Mar 12, 2018 at 4:26 PM wrote: > Howdy! > > Checking out various Netflow tools and wanted to see what others are using? > > Kentik is cool. Are they