pmacct
TimescaleDB
pmacct | TimescaleDB | |
---|---|---|
8 | 82 | |
1,017 | 16,500 | |
1.0% | 0.8% | |
9.2 | 9.8 | |
9 days ago | about 19 hours ago | |
C | C | |
GNU General Public License v3.0 or later | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
pmacct
-
NetFlow-equivalent analysis for mirrored traffic
If you want a tool that can ingest from a span port and generate netflow or IPFIX there is pmacct. This should work with your existing tooling that collects netflow data.
- Looking for network traffic analysis solution
-
Free netflow collector that forwards messages to a syslog server?
Your best bet is probably pmacct. I don't think this functionality is built-in per se, but it would be fairly easy to use syslog-ng or similar to read its output from file or stdout. It can also aggregate for you, if that's useful.
- How to locate device illegally downloading on network
- IPv4 vs IPv6 traffic stats
-
Benchmarking: TimescaleDB vs. ClickHouse
While I'm not a current customer of Timescale, I do use the open source version of Timescale extensively, so I feel like I can summarize some of the benefits of Timescale over other TSDB's. The company is a mid size, with awkward data 4+PB unstructured data, with our Postgres cluster hosting about 20 TB of data.
The main advantage from my perspective, is that you can query across data business data and time series data with all the advantages that Postgres has. Time series data while useful on its own, becomes incredibly powerful when it can be combined with your business and production data.
A great example is our outbound network data monitoring. We use pmacct http://www.pmacct.net/ to send network flows to Postgres from our firewall, host inventory data in Postgres, and a foreign data wrapper around our LDAP data to determine user / host assignment, and from that we can correlate every data flow to the user who is assigned to the host that generated that particular flow. This makes for some pretty powerful security reporting. Outside of that, we use Timescale's hypertables in a number of places that aren't explicitly timeseries data, like syslog data, web server logs, etc. This allows for some pretty amazing reporting on log data that is timeboxed, like "give me all the 500 errors from our HTTP log that have an ip address in Finland (did I mention that we load GeoIP data into Postgres every night) in the last 3.5 hours.
Timescale is excellent on its own, and honestly competitive with other TSDB's on its own. Having access to the full Postgres ecosystem with your timeseries data makes Timescale way ahead of everyone else. My story might change when I hit the limits of what a single Postgres host can ingest, but I'm not even close to that scale yet.
Other advantages of Timescale, is having access to real SQL, you don't have to learn a new domain specific query language, you can just use SQL. This admittedly can be a double edge sword. SQL is more complicated than PromQL / InfluxQL, however that comes with quite a lot of extra capability, and the ability to transfer that knowledge into other domains.
I personally really like Timescale, and feel that regardless of anyones benchmarks, no matter how well thought out or not, the advantages outweigh the disadvantages by a pretty large margin.
-
Port Mirror and GoFlow Collector
GoFlow doesn't capture raw packets, it accepts IPFIX/Netflow/sFlow. You will either need to configure your equipment to generate that flow data and send it to the goflow collector, or use an application like pacct to capture packets and generate IPFIX/Netflow data from it.
-
FRRouting and IPFix/Netflow
https://github.com/pmacct/pmacct is the best exporter I've found. I can pull some old configs for pmacct if you're interested. You can either BGP peer pmacct to FRR to enrich IPFIX with ASNs or you can even instruct pmacct to read prefix to AS mappings from a file.
TimescaleDB
- TimescaleDB: An open-source time-series SQL database
-
Google Cloud Spanner is now half the cost of Amazon DynamoDB
Don't forget PostgreSQL extensions. For something like a chat log, TimescaleDB (https://www.timescale.com/) can be surprisingly efficient. It will handle partitioning for you, with additional features like data reordering, compression, and retention policies.
-
How to setup Postgres master-master cluster.
Offboard it to Postgres specialists like https://www.timescale.com/
-
How to Choose the Right MQTT Data Storage for Your Next Project
TimescaleDB{:target="_blank"}: an extension of PostgreSQL that adds time-series capabilities to the relational database model. It provides scalability and performance optimizations for handling large volumes of time-stamped data while maintaining the flexibility of a relational database.
-
Why does the presence of a large write-only table in a PostgreSQL database cause severe performance degradation?
Have some experience with https://www.timescale.com in this context
-
Opinions and Suggestions for PostgreSQL Extension under Development
What about getting in touch with commercial organisations that have products/services based on PostgreSQL? For example Timescale, EDB, and Citus Data, or really any hosting provider that offers a managed PostgreSQL service.
-
I have to do about a million inserts on a table every day that is also under very frequent reads. How should I do that?
There is Timescale.
-
Ask HN: It's 2023, how do you choose between MySQL and Postgres?
Friends don't let their friends choose Mysql :)
A super long time ago (decades) when I was using Oracle regularly I had to make a decision on which way to go. Although Mysql then had the mindshare I thought that Postgres was more similar to Oracle, more standards compliant, and more of a real enterprise type of DB. The rumor was also that Postgres was heavier than MySQL. Too many horror stories of lost data (MyIsam), bad transactions (MyIsam lacks transaction integrity), and the number of Mysql gotchas being a really long list influenced me.
In time I actually found out that I had underestimated one of the most important attributes of Postgres that was a huge strength over Mysql: the power of community. Because Postgres has a really superb community that can be found on Libera Chat and elsewhere, and they are very willing to help out, I think Postgres has a huge advantage over Mysql. RhodiumToad [Andrew Gierth] https://github.com/RhodiumToad & davidfetter [David Fetter] https://www.linkedin.com/in/davidfetter are incredibly helpful folks.
I don't know that Postgres' licensing made a huge difference or not but my perception is that there are a ton of 3rd party products based on Postgres but customized to specific DB needs because of the more liberalness of the PG license which is MIT/BSD derived https://www.postgresql.org/about/licence/
Some of the PG based 3rd party DBs:
Enterprise DB https://www.enterprisedb.com/ - general purpose PG with some variants
Greenplum https://greenplum.org/ - Data warehousing
Crunchydata https://www.crunchydata.com/products/hardened-postgres - high security Postgres for regulated environments
Citus https://www.citusdata.com - Distributed DB & Columnar
Timescale https://www.timescale.com/
Why Choose PG today?
If you want better ACID: Postgres
If you want more compliant SQL: Postgres
If you want more customizability to a variety of use-cases: Postgres using a variant
If you want the flexibility of using NOSQL at times: Postgres
If you want more product knowledge reusability for other backend products: Postgres
-
Help with timeseries data
TimescaleDB is Postgres with extensions to automatically partition tables for fast processing of time series data.
- Postgres for time-series data
What are some alternatives?
nfdump - Netflow processing tools
ClickHouse - ClickHouse® is a free analytics DBMS for big data
FastNetMon - FastNetMon - very fast DDoS sensor with sFlow/Netflow/IPFIX/SPAN support
promscale - [DEPRECATED] Promscale is a unified metric and trace observability backend for Prometheus, Jaeger and OpenTelemetry built on PostgreSQL and TimescaleDB.
nDPI - Open Source Deep Packet Inspection Software Toolkit
TDengine - TDengine is an open source, high-performance, cloud native time-series database optimized for Internet of Things (IoT), Connected Cars, Industrial IoT and DevOps.
VictoriaMetrics - VictoriaMetrics: fast, cost-effective monitoring solution and time series database
GORM - The fantastic ORM library for Golang, aims to be developer friendly
temporal_tables - Temporal Tables PostgreSQL Extension
ipt-netflow - Netflow iptables module for Linux kernel (official)
pgbouncer - lightweight connection pooler for PostgreSQL