Wednesday 24 August 2016

Open Source - NetFlow Analysis Tool






So ... how do you get network visibility using opensource. Easy ... well sort of





Tools and versions used :

- pmacctd 1.6.1-git (20160823-00)
- kafka 0.10.0.1
- influxdb 0.13
- grafana 3.1
- kafka-influxdb ( git )
- custom plugin for pmacct

Fastnemon is work in progress.

The results :

- Overview : Network Total/Transit/Peers





- Transit breakdown by router/interface/transit_peer_as/source_as


 - Total by router/interface/peer_as




- Total by dst_net/interface/peer_as

















This are the main ones i use everyday, the pmacct aggregation below

-src_as,dst_as,peer_src_as,peer_dst_as,peer_src_ip,as_path,dst_net,src_net,dst_mask,src_mask,in_iface,std_comm,med,proto,src_as_path

And a nice overview dashboard for  managment to look at



No comments:

Post a Comment