real-time analytics / traffic capture on MX204

• nfdump

  4 737 9.6 C

  Netflow processing tools

Try the open source nfdump (this should also be a package in Debian/Ubuntu at least). You would configure 'nfcapd' to receive netflow data, then process it with 'nfdump' which is a commandline tool for obtaining statistics on traffic (e.g. top N IPs for bytes/flows, etc).

• udp-replicator

  1 43 10.0 Go

  A tiny UDP proxy that can replicate traffic to one or more endpoints.

If you need to split your existing netflow stream between FastNetMon and nfdump, try UDP replicator. This will take an inbound UDP flow and forward it to N destinations. Alternatively, create a subnet for your flow receivers on your network somewhere, set the destination of your netflow traffic to the broadcast address of the subnet, and place your collectors like nfdump and FastNetMon inside that. (Note: not all software supports receiving netflow data sent to the broadcast.)

• InfluxDB

  www.influxdata.com featured

  Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

  

• akvorado

  11 1,149 9.8 Go

  Flow collector, enricher and visualizer

  

I would also suggest Akvorado as an open source alternative.

Suggest a related project