[c-nsp] netflow tools

[Jeff Wojciechowski]

I give Scrutinizer 5 stars!! We have ours running in a windows VM and are keeping 1 month worth of 1 minute data across our network and I can't believe how many minor configuration issues I have found just by looking at 'normal' traffic and then at some point in the future seeing something that doesn't look right.

Couple things I wish it would do:

1)  is to be able to send email alerts directly based on various alarms (instead of just generating a syslog now). I have been working with the folks at Plixer on the 8 beta (actually installing 8.0.0 RC 1 right now) and they say that this feature will be in one of the next releases.
2) have traffic analysis such as find high point of traffic on specific interface in past X days and I am told something like this is coming down the pike too.


Thanks,

-Jeff


-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Bøvre Jon Harald
Sent: Monday, September 20, 2010 12:14 AM
To: mail at sharloncarty.net; cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] netflow tools


Scruitinizer from plixer.com as a low-cost windows alternative

Jon

________________________________________
Fra: cisco-nsp-bounces at puck.nether.net [cisco-nsp-bounces at puck.nether.net] på vegne av Sharlon R. Carty [me at sharloncarty.net]
Sendt: 20. september 2010 01:01
Til: cisco-nsp at puck.nether.net
Emne: [c-nsp] netflow tools

Hello,



Anyone know of any netflow collector tools that can filter the data based on ASN? The majority tools I have tried filter based on IP address, IP group, domain name etc.

Looking for something that can show me x amount of traffic from asn124 and so on etc


--
--sharlon
_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

This electronic mail (including any attachments) may contain information that is privileged, confidential, or otherwise protected from disclosure to anyone other than its intended recipient(s). Any dissemination or use of this electronic mail or its contents (including any attachments) by persons other than the intended recipient(s) is strictly prohibited. If you have received this message in error, please delete the original message in its entirety (including any attachments) and notify us immediately by reply email so that we may correct our internal records.  Midland Paper Company accepts no responsibility for any loss or damage from use of this electronic mail, including any damage resulting from a computer virus.