[j-nsp] Netflow analyzer / collector

Aaron Gould aaron1 at gvtc.com
Tue May 23 15:13:22 EDT 2017


I've used nfsen/nfdump for a long time and really like it.  It's light
weight and fast for showing me ports/ip/flows, etc.... it's my go-to tool
for discerning the source and port vectors used in ddos attacks that hit my
network regularly.  It sends us alarms during attacks

-Aaron

-----Original Message-----
From: juniper-nsp [mailto:juniper-nsp-bounces at puck.nether.net] On Behalf Of
Scott Granados
Sent: Monday, May 22, 2017 12:51 PM
To: John Luthcinson <luthcinson at gmail.com>
Cc: juniper-nsp at puck.nether.net
Subject: Re: [j-nsp] Netflow analyzer / collector

I would check out the good ol NFCAPD and NFDUMP.

Pretty good set of open source tools for collection of data and then
reporting.

Thanks

> On May 22, 2017, at 2:21 AM, John Luthcinson <luthcinson at gmail.com> wrote:
> 
> Hi list
> 
> Could you recommend good Netflow/IPFIX analyzer / collector tools for 
> SP environment? In the past (over 10 years ago) I have used e.g. 
> flow-tools but it seems not well maintained nowadays.  Scripting and 
> data export options are appreciated.
> 
> Goal is to export flow data mostly from Juniper MX devices (inline 
> j-flow)
> 
> 
> Thanks
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net 
> https://puck.nether.net/mailman/listinfo/juniper-nsp

_______________________________________________
juniper-nsp mailing list juniper-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp



More information about the juniper-nsp mailing list