goflow - The high-scalability sFlow/NetFlow/IPFIX collector used internally at Cloudflare.

  •        234

This application is a NetFlow/IPFIX/sFlow collector in Go. It gather the network informations (IP, interfaces, routers) from the different flow protocols, serialize it in a protobuf format and sends the message to Kafka using Sarama's library.

https://github.com/cloudflare/goflow

Tags
Implementation
License
Platform

   




Related Projects

vflow - Enterprise Network Flow Collector (IPFIX, sFlow, Netflow)

  •    Go

High-performance, scalable and reliable IPFIX, sFlow and Netflow collector (written in pure Golang).You can download and install pre-built debian package as below (RPM and Linux binary are available).

elastiflow - Network flow Monitoring (Netflow, sFlow and IPFIX) with the Elastic Stack

  •    Shell

ElastiFlow™ provides network flow data collection and visualization using the Elastic Stack (Elasticsearch, Logstash and Kibana). It supports Netflow v5/v9, sFlow and IPFIX flow types (1.x versions support only Netflow v5/v9). The following dashboards are provided.

NFDUMP - Netflow processing tools

  •    C

nfdump is a set of tools to collect and process netflow data. It's fast and has a powerful filter pcap like syntax. It supports netflow versions v1, v5, v7, v9 and IPFIX as well as a limited set of sflow and is IPv6 compatible. For CISCO ASA devices, which export Netflow Security Event Loging (NSEL) records, please use nfdump-1.5.8-2-NSEL.

Netflow Simulator in C#

  •    CSharp

Simulate netflow packets for version 1, 5, 7, 8,9. This can be helpful for development of netflow management software without access to a real netflow device. It also provides preliminary support for IPFIX and sFlow. .

Flow Loader amp; Virtual Information Output

  •    Perl

F.L.A.V.I.O. is a GPL'ed data grapher for netflow data export compatible devices (Cisco and Juniper routers among others, or unix servers running ntop with netflow export plugin). It uses a MySQL backend and has been entirely developed in Perl.


Extreme Happy Netflow Tool

  •    C

EHNT is a tool which turns streams of Netflow (version 5) data into something useful and human-readable. (Netflow is a UDP-based traffic reporting protocol created by Cisco, generated by Cisco, Juniper, Foundry, and other routers.)

joy - A package for capturing and analyzing network flow data and intraflow data, for network research, forensics, and security monitoring

  •    C

Joy is a BSD-licensed libpcap-based software package for extracting data features from live network traffic or packet capture (pcap) files, using a flow-oriented model similar to that of IPFIX or Netflow, and then representing these data features in JSON. It also contains analysis tools that can be applied to these data files. Joy can be used to explore data at scale, especially security and threat-relevant data. JSON is used in order to make the output easily consumable by data analysis tools. While the JSON output files are somewhat verbose, they are reasonably small, and they respond well to compression.

goflow - Flow-based and dataflow programming library for Go programming language

  •    Go

This is quite a minimalistic implementation of Flow-based programming and several other concurrent models in Go programming language that aims at designing applications as graphs of components which react to data that flows through the graph. Current version of the library requires a latest stable Go release. If you don't have the Go compiler installed, read the official Go install guide.

Octopussy - Perl/XML Logs Analyzer, Alerter & Reporter

  •    Perl

Octopussy is a Log analyzer tool. It analyzes the log, generates reports and alerts the admin. It has LDAP support to maintain users list. It exports report by Email, FTP & SCP. Scheduled reports could be generated. RRD tool to generate graphs.

Java NetFlow Collect-Analyzer

  •    Java

Java Netflow Collect/Analyzer uses pure Java to collect netflow v1 v5 v7 v8 v9 UDP packets from cisco routers. It stores both raw data or analyzed contents to DB thru JDBC and can be used in large enterprises or ISPs. JNC beta is ready JNA is underway.

IPFIX library

  •    C

Libipfix is a C-library implementing the IPFIX protocol defined by the IP Flow Information Export working group of the IETF.

NFWatchMan

  •    Perl

Netflow Watchman is a network traffic monitoring tool based on Cisco NetFlow Feature , It uses ehnt application to capture data and generate reports based on requirement specified.

NetFlow Packet Dumper

  •    C

NetFlow Packet Dumper is a Windows 32 bit console application which collects NetFlow version 1 flow from networking devices and dumps it into a CSV file. You can also specify a script on the configuration file to be run if the dump file reaches a threshol

pfsense - Main repository for pfSense

  •    PHP

The pfSense project is a free network firewall distribution, based on the FreeBSD operating system with a custom kernel and including third party free software packages for additional functionality. pfSense software, with the help of the package system, is able to provide the same functionality or more of common commercial firewalls, without any of the artificial limitations. It has successfully replaced every big name commercial firewall you can imagine in numerous installations around the world, including Check Point, Cisco PIX, Cisco ASA, Juniper, Sonicwall, Netgear, Watchguard, Astaro, and more. pfSense software includes a web interface for the configuration of all included components. There is no need for any UNIX knowledge, no need to use the command line for anything, and no need to ever manually edit any rule sets. Users familiar with commercial firewalls catch on to the web interface quickly, though there can be a learning curve for users not familiar with commercial-grade firewalls.

Webview Netflow Reporter

  •    Perl

An enterprise-focused NetFlow reporter/analyzer tool featuring clickable graphs, powerful categorization, automatic exporter discovery, and full access to all aspects of the raw flow data (millisecond accuracy, QoS settings, TCP flags, etc).

OPNsense - Your Next Open Source FireWALL

  •    PHP

OPNsense is an open source, easy-to-use and easy-to-build FreeBSD based firewall and routing platform. The feature set of OPNsense includes high-end features such as forward caching proxy, traffic shaping, intrusion detection and easy OpenVPN client setup. It also supports Netflow Exporter, Network Flow Monitoring, DNS Server & DNS Forwarder, Stateful inspection firewall and lot more.

tcpreplay - Pcap editing and replay tools for *NIX and Windows - Users please download source from

  •    C

Tcpreplay is a suite of GPLv3 licensed utilities for UNIX (and Win32 under Cygwin) operating systems for editing and replaying network traffic which was previously captured by tools like tcpdump and Ethereal/Wireshark. It allows you to classify traffic as client or server, rewrite Layer 2, 3 and 4 packets and finally replay the traffic back onto the network and through other devices such as switches, routers, firewalls, NIDS and IPS's. Tcpreplay supports both single and dual NIC modes for testing both sniffing and in-line devices.Tcpreplay is used by numerous firewall, IDS, IPS, NetFlow and other networking vendors, enterprises, universities, labs and open source projects. If your organization uses Tcpreplay, please let us know who you are and what you use it for so that I can continue to add features which are useful.

gbRRDGraphix

  •    Basic

gbRRDGraphix is a full solution to collecte , monitor (metrology) and display all data from SNMP protocol, Script Unix or Netflow equipments. All data are stocked inside databases and displayed by 'rrdtool' to graphics on a securised Web Site. The Netflow data are managed by 'flow-tools' commands and can be filtered, sorted and extracted. It's possible to build reports and statistics from these data to PDF, HTML, CSV format. This solution is ajustable, scalable and evolutive. Main part of

Kewlio Looking Glass

  •    PHP

Looking Glass for Cisco,Juniper amp; Zebra/Quagga routers with AS-name lookups and community name translations (requires PHP+MySQL)

IP Template Expert Tool

  •    

IPHelper is an Internet Protocol (IP) network productivity tool making it easier to build standard and reusable configuration templates. It is using JSON formatted dynamic variables to create a web form and build a Methods Of Procedures (MOPs). Use it with Cisco, Juniper, Al...