[AusNOG] NetFlow Recommendations

Nikolas Geyer nik at neko.id.au
Thu Sep 21 07:32:33 EST 2017


If you have the cash, go with Kentik. It’s a fantastic product with rapid development, and some very big names in the industry are using it now.

If you’re rolling your own, start with pmacct and go from there. You can dump it straight into an ELK cluster or get really fancy, e.g. putting it onto a Kafka queue so multiple systems can subscribe to it, do data enrichment and push the data around/manipulate it as much as you want. Very good if you have multiple teams (looking at you, security) wanting access to the data. Your options here really are limitless.


On 20 Sep 2017, at 12:03 pm, Nishal Goburdhan <nishal at controlfreak.co.za> wrote:

On 20 Sep 2017, at 1:48, Dave Browning wrote:

Hi All,

Just chasing people’s recommendations for a good carrier/ISP grade Netflow collector & analyser. Have had a play with ntopng & nprobe and so far is looking the goods.



https://github.com/VerizonDigital/vflow is on my ever increasing list of things to check out.

—n.