Displaying 1 to 10 from 10 results

nProbe - Open source components and extensions for nProbe

  •    Lua

If you want to learn more about nProbe please visit the User's Guide. For more information about nProbe, please visit http://ntop.org.

ntopng - Web-based Traffic and Security Network Traffic Monitoring

  •    Lua

ntopng is a web-based network traffic monitoring application released under GPLv3. It is the new incarnation of the original ntop written in 1998, and now revamped in terms of performance, usability, and features. While you can read more about ntopng on the ntop web site (http://www.ntop.org), we suggest you to start reading the doc/README.md file for learning how to compile and use ntopng.

elastiflow - Network flow Monitoring (Netflow, sFlow and IPFIX) with the Elastic Stack

  •    Shell

ElastiFlow™ provides network flow data collection and visualization using the Elastic Stack (Elasticsearch, Logstash and Kibana). It supports Netflow v5/v9, sFlow and IPFIX flow types (1.x versions support only Netflow v5/v9). The following dashboards are provided.

tcpreplay - Pcap editing and replay tools for *NIX and Windows - Users please download source from

  •    C

Tcpreplay is a suite of GPLv3 licensed utilities for UNIX (and Win32 under Cygwin) operating systems for editing and replaying network traffic which was previously captured by tools like tcpdump and Ethereal/Wireshark. It allows you to classify traffic as client or server, rewrite Layer 2, 3 and 4 packets and finally replay the traffic back onto the network and through other devices such as switches, routers, firewalls, NIDS and IPS's. Tcpreplay supports both single and dual NIC modes for testing both sniffing and in-line devices.Tcpreplay is used by numerous firewall, IDS, IPS, NetFlow and other networking vendors, enterprises, universities, labs and open source projects. If your organization uses Tcpreplay, please let us know who you are and what you use it for so that I can continue to add features which are useful.




vflow - Enterprise Network Flow Collector (IPFIX, sFlow, Netflow)

  •    Go

High-performance, scalable and reliable IPFIX, sFlow and Netflow collector (written in pure Golang).You can download and install pre-built debian package as below (RPM and Linux binary are available).

goflow - The high-scalability sFlow/NetFlow/IPFIX collector used internally at Cloudflare.

  •    Go

This application is a NetFlow/IPFIX/sFlow collector in Go. It gather the network informations (IP, interfaces, routers) from the different flow protocols, serialize it in a protobuf format and sends the message to Kafka using Sarama's library.

netflow - NetFlow/IPFIX protocol decoder/encoder

  •    Erlang

All parts of this software are distributed under MIT terms.

flow-indexer - Flow-Indexer indexes flows found in chunked log files from bro,nfdump,syslog, or pcap files

  •    Go

The deciding factor for how to partition the databases is how many unique ips you see per day. I suggest starting with monthly indexes. If the indexing performance takes a huge hit by the end of the month, switch to daily indexes. the indexall command will expand file_glob and index any log file that matches.


paStash - pastaʃ'ʃ = Spaghetti I/O Event Data Processing, Interpolation, Correlation and beyond :spaghetti:

  •    Javascript

PaStasH (pastaʃ'ʃ-utta) is a NodeJS multi I/O processor supporting ingestion, decoding, interpolation and correlation of data - be it logs, packets, events and beyond. PaStash supports the Logstash configuration format and delivers cross-functionality comparable to "Beats" with custom modules, providing a flexible and agnostig data pipelining tool. paStash configuration is compatible with logstash. You can easily replace a logstash node by a paStash one in most cases. The data are formatted in the same way to be compatible with logstash UIs.

libebpfflow - Container traffic visibility library based on eBPF

  •    C

You need a modern eBPF-enabled Linux distribution. The library comes with two different tools: ebpflowexport and go_ebpflowexport. In the Build section is reported how to build the tools. Although both tools were developed to show potential library usage and to provide guidance on how to use the library, ebpflowexport displays all the information provided by libebpfflow and provides some options for filtering flow events while go_ebpflowexport displays only basic information concerning events.





We have large collection of open source products. Follow the tags from Tag Cloud >>


Open source products are scattered around the web. Please provide information about the open source projects you own / you use. Add Projects.