NetFlow collecting and processing tools
https://github.com/phaag/nfdump
Nfdump is a set of tools to collect and process NetFlow data. It's fast and has a powerful filter pcap like syntax. It supports NetFlow versions v1, v5, v7, v9 and IPFIX as well as a limited set of sflow. It includes support for CISCO ASA (NSEL) and CISCO NAT (NEL) devices which export event logging records as v9 flows. Nfdump is fully IPv6 compatible.
Version: 1.7.3
General Commands | |
| nfanon | anonymize the IP addresses |
| nfcapd | flow collector for netflow version v1, v5/v7 v9 and ipfix |
| nfdump | flow display and analysis program |
| nfexpire | manage expiration of flow files based on time or volume. |
| nfpcapd | pcap capture to netflow daemon |
| nfprofile | netflow profiler |
| nfreplay | replay binary flow files as netflow version v5 or v9 to a remote host |
| sfcapd | sflow collector for sflow version v2/v4 and v5 |