ElastiFlow (DISCONTINUED) vs vFlow
Metric | ElastiFlow | vFlow
---|---|---
Mentions | 31 | 1
Stars | 2,311 | 1,059
Growth | - | 1.5%
Activity | 4.1 | 2.0
Latest commit | over 2 years ago | 22 days ago
Language | Shell | Go
License | GNU General Public License v3.0 or later | Apache License 2.0
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
ElastiFlow
- NETFLOW .. NTOPNG how to ?
- Threat detection
  One thing I ran for a while was Security Onion, and I utilized port mirroring to mirror the uplink port from my primary switch to my LAN on my router, so I was catching anything coming into/out of my network destined for the internet. I've also used ElastiFlow (https://github.com/robcowart/elastiflow), which is absolutely phenomenal and awesome; I did the same and it provides some great data. You could also leverage IntelOwl (https://github.com/intelowlproject/IntelOwl). One thing I have added to all my VMs is an OSSEC agent, Wazuh to be specific, which is free (https://github.com/wazuh/wazuh), and while I am not using it to its full potential, such as monitoring file deletions/modifications etc., it is a powerful tool.
- Linux Network Traffic Monitor
- Netflow bit rate and Interface Bit Rate
  https://github.com/robcowart/elastiflow/issues/201 https://github.com/robcowart/elastiflow/issues/52
- Network Traffic visualization
- Installation help, almost there.
  Looks like that's deprecated, https://github.com/robcowart/elastiflow/ Any reason not to try the new one? https://docs.elastiflow.com/docs/
  Whereas the newer version (https://github.com/robcowart/elastiflow/) is called:
- Looking for a netflow monitoring solution
  Whilst ElastiFlow has moved on and become more 'commercial', the original GitHub source remains, and has a lot of very useful information for setting it up. Works very well with sflow/netflow/ipfix. I have pfSense and JunOS exporting to an Ubuntu 18.04 running Elastic 7.14.
- Netflow Monitoring Software Based on FLOSS
  Elastiflow
- Sflow (Docker Preferably)
vFlow
- Netflow Monitoring Software Based on FLOSS
  Verizon vflow
What are some alternatives?
ntopng - Web-based Traffic and Security Network Traffic Monitoring
pfelk - pfSense/OPNsense + Elastic Stack
LibreNMS - Community-based GPL-licensed network monitoring system
Netdata - Monitor your servers, containers, and applications, in high-resolution and in real-time.
loki - Like Prometheus, but for logs.
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
Zabbix - Real-time monitoring of IT components and services, such as networks, servers, VMs, applications and the cloud.
FastNetMon - very fast DDoS sensor with sFlow/Netflow/IPFIX/SPAN support
docker-nfsen - NFSEN in Docker
goflow2 - High performance sFlow/IPFIX/NetFlow Collector
Sentry - Developer-first error tracking and performance monitoring
goflow - The high-scalability sFlow/NetFlow/IPFIX collector used internally at Cloudflare.