[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Looking for Netflow analysis package

Op 20-5-2013 0:40, Cameron Daniel schreef:
> On 2013-05-17 8:11 pm, Tim Vollebregt wrote:
>> Is anyone using an open source solution to process netflow v9 captures?
>> I'm waiting for SiLK v3 for some time now, which is currently only
>> available for TLA's and Universities.
>> Currently looking into nfdump.
> To drag this back on topic, yes I'm currently using nfcap/nfdump to 
> capture and parse Netflow v9. It's not as tidy as I'd like but it does 
> the job.
> If you want something you can just point and shoot, nfsen ties those 
> two tools together into one config file.
>> Tim
Not only for netflow analysis, but also a DDOS detection tool: I am 
testing Andrisoft Wanguard this month.
Very nice webinterface and has even possibility to do BGP blackholing.