[CentOS] cisco netflow analyzer?
Scott McClanahan
smcclanahan at forterrainc.comWed Feb 25 15:25:37 UTC 2009
- Previous message: [CentOS] cisco netflow analyzer?
- Next message: [CentOS] cisco netflow analyzer?
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
> > > > i've been pretty impressed with nfsen. took a little bit of fiddling to > > figure out, but lets me drill down into things pretty well. > > Seconded. nfsen is awesome. Bit of a learning curve, but extremely > powerful once you get the hang of it! > > You can also use iptables and the ULOG target to generate "flow" > information from your Linux boxes and send the output to nfsen/nfcapd > as well! > > Ray I'm not trying to hijack this thread but do you find any significant overhead involved with using the ULOG target or packet loss in your statistics? Would you have a ULOG target very early on in your FORWARD filter to log all packets? Do those packets go to a ulogd instance and then to disk (rrd to limit disk usage) for nfsen to use? I'm concerned with losing packets in my current ntop configuration (not using pf_ring) and am looking at less obtrusive alternatives like gulp or ulog to first get ALL of the packets and with as little overhead as possible move that data to a location where analysis can happen using ntop or nfsen. Thanks.
- Previous message: [CentOS] cisco netflow analyzer?
- Next message: [CentOS] cisco netflow analyzer?
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list