[CentOS] cisco netflow analyzer?

Tue Feb 24 03:32:11 UTC 2009
Ray Van Dolson <rayvd at bludgeon.org>

On Mon, Feb 23, 2009 at 07:29:11PM -0800, Joe Pruett wrote:
> >> Anyone knows any Cisco netflow analyzer that could run on Linux/Windows? I
> >> know that cisco ASDM works at somewhat level but too rough...
> >>
> >> For example, CIsco ASDM can only shows at IP level and only three types
> >> graph, like top 10 source Address, top ten destination level, or top ten
> >> services. but I want the analyzer to show different traffics from the same
> >> box when in need.
> 
> i've been pretty impressed with nfsen.  took a little bit of fiddling to 
> figure out, but lets me drill down into things pretty well.

Seconded.  nfsen is awesome.  Bit of a learning curve, but extremely
powerful once you get the hang of it!

You can also use iptables and the ULOG target to generate "flow"
information from your Linux boxes and send the output to nfsen/nfcapd
as well!

Ray