udp-replicator
nfdump
udp-replicator | nfdump | |
---|---|---|
1 | 4 | |
43 | 741 | |
- | - | |
10.0 | 9.6 | |
about 2 years ago | 5 days ago | |
Go | C | |
MIT License | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
udp-replicator
-
real-time analytics / traffic capture on MX204
If you need to split your existing netflow stream between FastNetMon and nfdump, try UDP replicator. This will take an inbound UDP flow and forward it to N destinations. Alternatively, create a subnet for your flow receivers on your network somewhere, set the destination of your netflow traffic to the broadcast address of the subnet, and place your collectors like nfdump and FastNetMon inside that. (Note: not all software supports receiving netflow data sent to the broadcast.)
nfdump
-
Netflow collector software for lab purpose
https://github.com/phaag/nfdump its an "simple" collector. It is just an CLI tool. If you can utilize the cli it's a monster to analyze the raw data. if you need a fancy gui then this is the wrong collector.
-
real-time analytics / traffic capture on MX204
Try the open source nfdump (this should also be a package in Debian/Ubuntu at least). You would configure 'nfcapd' to receive netflow data, then process it with 'nfdump' which is a commandline tool for obtaining statistics on traffic (e.g. top N IPs for bytes/flows, etc).
- Cisco Netflow Help
-
netflow analyzier free tools
For the quick look nfdump https://github.com/phaag/nfdump is in use. Since it is a CLI tool, it is not really suitable for managers.
What are some alternatives?
udpsocket - A simple UDP server to make a virtual secure channel with the clients
ntopng - Web-based Traffic and Security Network Traffic Monitoring
gost - GO Simple Tunnel - a simple tunnel written in golang
pmacct - pmacct is a small set of multi-purpose passive network monitoring tools [NetFlow IPFIX sFlow libpcap BGP BMP RPKI IGP Streaming Telemetry].
akvorado - Flow collector, enricher and visualizer
softflowd - softflowd: A flow-based network traffic analyser capable of Cisco NetFlow data export software.
dtlspipe - Generic DTLS wrapper for UDP sessions
silk - Silk File Reader
goflow - The high-scalability sFlow/NetFlow/IPFIX collector used internally at Cloudflare.
flow-pipeline - A set of tools and examples to run a flow-pipeline (sFlow, NetFlow)
ipfixcol2 - High-performance NetFlow v5/v9 and IPFIX collector (RFC7011)