Sorry if this discussion has been had recently but

Mailman List Mirror (Read Only)
1

I know there is a way to do this, but what is the absolute Defacto best method of tracking flows from Cisco/Juniper routers? I know there is some freeware available such as cflowd but we really need something that will alert us to trouble before it becomes a problem. We don’t mind buying an appliance to do this, and it doesn’t have to be freeware software, we just want something that will work.

Thanks,

-Drew

2

Have you used flow-tools?
http://www.splintered.net/sw/

You can configure it to filter on pretty much any parameter that’s contained
in the flow-export packets. Then you send it to the report tool that’s included
in the flow-tools suite, after which you can put it through a perl script or
a graphing tool or whatever in near real-time.