vflow - Enterprise Network Flow Collector (IPFIX, sFlow, Netflow)

  •        182

High-performance, scalable and reliable IPFIX, sFlow and Netflow collector (written in pure Golang).You can download and install pre-built debian package as below (RPM and Linux binary are available).

https://github.com/VerizonDigital/vflow

Tags
Implementation
License
Platform

   




Related Projects

elastiflow - Network flow Monitoring (Netflow, sFlow and IPFIX) with the Elastic Stack

  •    Shell

ElastiFlow™ provides network flow data collection and visualization using the Elastic Stack (Elasticsearch, Logstash and Kibana). It supports Netflow v5/v9, sFlow and IPFIX flow types (1.x versions support only Netflow v5/v9). The following dashboards are provided.

NFDUMP - Netflow processing tools

  •    C

nfdump is a set of tools to collect and process netflow data. It's fast and has a powerful filter pcap like syntax. It supports netflow versions v1, v5, v7, v9 and IPFIX as well as a limited set of sflow and is IPv6 compatible. For CISCO ASA devices, which export Netflow Security Event Loging (NSEL) records, please use nfdump-1.5.8-2-NSEL.

ntopng - Web-based Traffic and Security Network Traffic Monitoring

  •    Lua

ntopng is a web-based network traffic monitoring application released under GPLv3. It is the new incarnation of the original ntop written in 1998, and now revamped in terms of performance, usability, and features. While you can read more about ntopng on the ntop web site (http://www.ntop.org), we suggest you to start reading the doc/README.md file for learning how to compile and use ntopng.

Netflow Simulator in C#

  •    CSharp

Simulate netflow packets for version 1, 5, 7, 8,9. This can be helpful for development of netflow management software without access to a real netflow device. It also provides preliminary support for IPFIX and sFlow. .

LibreNMS - Network monitoring system

  •    PHP

LibreNMS is an autodiscovering PHP/MySQL/SNMP based network monitoring which includes support for a wide range of network hardware and operating systems including Cisco, Linux, FreeBSD, Juniper, Brocade, Foundry, HP and many more.


Extreme Happy Netflow Tool

  •    C

EHNT is a tool which turns streams of Netflow (version 5) data into something useful and human-readable. (Netflow is a UDP-based traffic reporting protocol created by Cisco, generated by Cisco, Juniper, Foundry, and other routers.)

joy - A package for capturing and analyzing network flow data and intraflow data, for network research, forensics, and security monitoring

  •    C

Joy is a BSD-licensed libpcap-based software package for extracting data features from live network traffic or packet capture (pcap) files, using a flow-oriented model similar to that of IPFIX or Netflow, and then representing these data features in JSON. It also contains analysis tools that can be applied to these data files. Joy can be used to explore data at scale, especially security and threat-relevant data. JSON is used in order to make the output easily consumable by data analysis tools. While the JSON output files are somewhat verbose, they are reasonably small, and they respond well to compression.

NFWatchMan

  •    Perl

Netflow Watchman is a network traffic monitoring tool based on Cisco NetFlow Feature , It uses ehnt application to capture data and generate reports based on requirement specified.

Flow Loader amp; Virtual Information Output

  •    Perl

F.L.A.V.I.O. is a GPL'ed data grapher for netflow data export compatible devices (Cisco and Juniper routers among others, or unix servers running ntop with netflow export plugin). It uses a MySQL backend and has been entirely developed in Perl.

network-examples - Linux networking examples and tutorials

  •    Roff

Welcome to my Linux Networking tutorials. The first part, learning two widely used routing protocols, OSPF and BGP, is almost completed. You've been a Linux server and network administrator for some years, have been building an office and/or colocation network with IPv4, IPv6, firewalls with IPTables, some stateful filtering (and NAT for IPv4). You've set up VPN tunnels between different locations to be able to reach the internal IPv4 network using RFC1918 addresses on the other side.

NDPMon

  •    C

NDPMon - Neighbor Discovery Protocol Monitor

pfsense - Main repository for pfSense

  •    PHP

The pfSense project is a free network firewall distribution, based on the FreeBSD operating system with a custom kernel and including third party free software packages for additional functionality. pfSense software, with the help of the package system, is able to provide the same functionality or more of common commercial firewalls, without any of the artificial limitations. It has successfully replaced every big name commercial firewall you can imagine in numerous installations around the world, including Check Point, Cisco PIX, Cisco ASA, Juniper, Sonicwall, Netgear, Watchguard, Astaro, and more. pfSense software includes a web interface for the configuration of all included components. There is no need for any UNIX knowledge, no need to use the command line for anything, and no need to ever manually edit any rule sets. Users familiar with commercial firewalls catch on to the web interface quickly, though there can be a learning curve for users not familiar with commercial-grade firewalls.

nProbe - Open source components and extensions for nProbe

  •    Lua

If you want to learn more about nProbe please visit the User's Guide. For more information about nProbe, please visit http://ntop.org.

Six To Four Layer

  •    C

A simple daemon to allow IPv4 to IPv6 communication. Can be used to allow IPv6 only clients to connect to legacy IPv4 servers, or IPv4 only clients to connect to IPv6 only servers.

Octopussy - Perl/XML Logs Analyzer, Alerter & Reporter

  •    Perl

Octopussy is a Log analyzer tool. It analyzes the log, generates reports and alerts the admin. It has LDAP support to maintain users list. It exports report by Email, FTP & SCP. Scheduled reports could be generated. RRD tool to generate graphs.

MRT

  •    

Advanced. multi-threaded routing software with support for IPv4/IPv6 BGP, DVMRP, RIP/RIPng, PIM-DM, and OSPF. Includes CISCO(tm) configuration interface and data collection/processing and routing simulation utilities.

cilium - HTTP, gRPC, and Kafka Aware Security and Networking for Containers with BPF and XDP

  •    Go

Cilium is open source software for providing and transparently securing network connectivity and loadbalancing between application workloads such as application containers or processes. Cilium operates at Layer 3/4 to provide traditional networking and security services as well as Layer 7 to protect and secure use of modern application protocols such as HTTP, gRPC and Kafka. Cilium is integrated into common orchestration frameworks such as Kubernetes and Mesos. A new Linux kernel technology called BPF is at the foundation of Cilium. It supports dynamic insertion of BPF bytecode into the Linux kernel at various integration points such as: network IO, application sockets, and tracepoints to implement security, networking and visibility logic. BPF is highly efficient and flexible. To learn more about BPF, read more in our extensive BPF and XDP Reference Guide.

ipaddr.js - IP address manipulation library in JavaScript (CoffeeScript, actually)

  •    CoffeeScript

ipaddr.js is a small (1.9K minified and gzipped) library for manipulating IP addresses in JavaScript environments. It runs on both CommonJS runtimes (e.g. nodejs) and in a web browser. ipaddr.js allows you to verify and parse string representation of an IP address, match it against a CIDR range or range list, determine if it falls into some reserved ranges (examples include loopback and private ranges), and convert between IPv4 and IPv4-mapped IPv6 addresses.

BIAsed - IPv6 Bump-in-the-API library

  •    

This library allows legacy IPv4-only applications on dual-stack (IPv4/IPv6) hosts to communicate with the IPv6 world using a technique called quot;Bump-in-the-APIquot; (BIA). This is an incomplete implementation of RFC 3338.

OPNsense - Your Next Open Source FireWALL

  •    PHP

OPNsense is an open source, easy-to-use and easy-to-build FreeBSD based firewall and routing platform. The feature set of OPNsense includes high-end features such as forward caching proxy, traffic shaping, intrusion detection and easy OpenVPN client setup. It also supports Netflow Exporter, Network Flow Monitoring, DNS Server & DNS Forwarder, Stateful inspection firewall and lot more.