[c-nsp] Open-source Netflow Collector
Phil Mayers
p.mayers at imperial.ac.uk
Fri Mar 2 11:04:27 EST 2007
Adrian Chadd wrote:
> On Thu, Mar 01, 2007, Matti Saarinen wrote:
>> "Zahid Hassan " wrote:
>>
>>> Can anyone please recommend any opensource Netflow collector
>>> which either comes with a reporter software or will integrate
>>> well any other Netflow visualisation software.
>> Currently. I'm satisfied to nfdump (the collector) and NfSen (the
>> visualisation part).
>>
>> http://nfdump.sourceforge.net/
>> http://nfsen.sourceforge.net/
>
> Is anyone running netflow v9 + ipv6 through anything open-source like?
I'm running v9 through nfdump.
No IPv6 flows yet, but I see no reason it would be a problem.
HOWEVER - the nfdump file format does not record some of the extended
fields which the nf9 can contain and would be useful to - example, the
mac address
(It also doesn't store the netmask of the matching route, which would be
useful for us too)
I did look at the code but it's non-trivial.
More information about the cisco-nsp
mailing list