IP traffic graph with NetFlow (IpFlow), Pmacct and Pnrg over Linux

mac86 · May 7, 2015, 4:43am

Hi,

Many times I was wondering how to graph IP traffic in / out from all hosts, like “Mrtg” http://oss.oetiker.ch/mrtg/

Some times I tried queue simple graph…
other times tried by to active SNMP and use Cacti “http://www.cacti.net” or similar SNMP app

This time I think I’ve found a very simple and intresting way to graph and monitoring each IP customer host through my network by using NetFlow protocol.

I’ve wrote a tutorial with the I’ve tried and get.
I hope you enjoy it.

(by now, spanish tutorial)
http://www.netpro-ar.com/monitoreo-de-trafico-con-mikrotik-y-netflow/

I hope you enjoy

chechito · May 12, 2015, 8:55pm

look very good !!!

amazing work

mac86 · May 12, 2015, 10:47pm

Thank you very much!

pukkita · May 13, 2015, 8:05am

nice

Using same approach with ELK (Kibana)

cloudhopping · May 18, 2015, 10:32pm

Would you mind sharing what you did to get the ELK system up and running?

Been playing a bit in the ELK arena lately - and would love to see netflows into elk

mac86 · May 18, 2015, 11:01pm

+1

pukkita · May 19, 2015, 8:18am

Used this in logstash.conf (as v9 gave me errors regarding templates)

        udp {
                type => "trafflow"
                port => 12345
                codec => netflow {
                versions => 5
                }
        }

Then enable traffic flow on the RB IP > Traffic flow setting v5 and 12345 as port.

cloudhopping · December 9, 2015, 3:05am

thanks - for some reason - today … months and months later i got the notification this was updated.
Thanks a bunch