[j-nsp] Netflow analyzer / collector
Aaron Gould
aaron1 at gvtc.com
Tue May 23 15:13:22 EDT 2017
I've used nfsen/nfdump for a long time and really like it. It's light
weight and fast for showing me ports/ip/flows, etc.... it's my go-to tool
for discerning the source and port vectors used in ddos attacks that hit my
network regularly. It sends us alarms during attacks
-Aaron
-----Original Message-----
From: juniper-nsp [mailto:juniper-nsp-bounces at puck.nether.net] On Behalf Of
Scott Granados
Sent: Monday, May 22, 2017 12:51 PM
To: John Luthcinson <luthcinson at gmail.com>
Cc: juniper-nsp at puck.nether.net
Subject: Re: [j-nsp] Netflow analyzer / collector
I would check out the good ol NFCAPD and NFDUMP.
Pretty good set of open source tools for collection of data and then
reporting.
Thanks
> On May 22, 2017, at 2:21 AM, John Luthcinson <luthcinson at gmail.com> wrote:
>
> Hi list
>
> Could you recommend good Netflow/IPFIX analyzer / collector tools for
> SP environment? In the past (over 10 years ago) I have used e.g.
> flow-tools but it seems not well maintained nowadays. Scripting and
> data export options are appreciated.
>
> Goal is to export flow data mostly from Juniper MX devices (inline
> j-flow)
>
>
> Thanks
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
_______________________________________________
juniper-nsp mailing list juniper-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
More information about the juniper-nsp
mailing list