Interesting.
As soon as you add a profile at kid-control, it start to account data in the devices menu.
There number just goes opp as long as its used. So a simple diff (in splunk) can see how much since last check.
Will do have a test to see if it can replace the ip accounting…
Kid control seem to give what I need (and maybe other)
Will try to make a dashboard for it in Splunk and compare it to Accounting.
Accounting
Kid Control
For anyone interested, there’s pmacct.
http://www.pmacct.net/
It’s not for the faint of heart, as it’s a collection of tools to be able to do IP Accounting using NetFlow, among many other methods, store that data to a backend of your choice, and then build an interface (if needed) around that.
Kid Control seems to be way to go.
After some testing and making a new dashboard in Splunk, I do get the same data and same graphs as I do get from IP accounting.
If I do not find any other big bug or other problem, this will be released in the next version of MikroTik for Splunk.
Then we do have a working version for Router OS 7.x
One negative thing is that script needs to be updated to collect these data, so If you have many routers, all needs to be update.
Here is a sample graph. (See the missing bottom graph compare to the IP Accounting)
.
Strange, it does not do that over here on 6.47.7
So I created a “kid profile” called “Accounting” and left basically other option empty and “enabled” it.
The “devices” menu remains empty ?
/ip kid-control
add disabled=no fri=“” mon=“” name=Accounting rate-limit=“” sat=“” sun=“” thu=“” tue=“” tur-fri=“” tur-mon=“” tur-sat=“” tur-sun=“” tur-thu=“” tur-tue=“” tur-wed=“” wed=“”
/ip kid-control>
I used “00:00:00-1d 00:00:00” for the day intervals, maybe it is required that at least one of the profiles is active at the time?
You need to be in an active time range to get traffic data.
So to get all day from 00:00:00 to 23:59:59, I do use:
/ip kid-control
add name=Monitor mon=0s-1d tue=0s-1d wed=0s-1d thu=0s-1d fri=0s-1d sat=0s-1d sun=0s-1d
In WebFig I cannot add it like that “0s-1d” , it will not accept it.
The other notation like 00:00:00-1d 00:00:00 worked and indeed the “devices” tables has entries in it.
I have no problem cut and past this to terminal:
/ip kid-control
add name=Monitor mon=0s-1d tue=0s-1d wed=0s-1d thu=0s-1d fri=0s-1d sat=0s-1d sun=0s-1d
Tested on various routers 6.x and 7.x
In WebIF, it looks like this:
00:00:00-1d 00:00:00
Yes in commandline mode it works ok but you cannot put 0s-1d in the input fields in webfig or winbox.
Guess that should be allowed…
There are tons of inconsistent between WinBox and CLI.
Here is one that do irritate me.
Add/Edit/Delete a user:
Winbox: System->User
Cli: /user
Why in the world are user in Cli not under /system user ???
The menu system is not exactly the same between winbox and cli…
E.g. “bridge” is a toplevel item in winbox while in cli it is /interface bridge (more logical if you ask me…)
But there are also strange menu locations, e.g. “kid-control” is under “ip” while it works at MAC address level. Should it be under /system?
Items that are under IP also have IPv6 functions, even though there is a separate IPv6 menu. Should be under /system probably.
Well, moving things over (like /routing/rule has been moved from /ip route rule) is also a bit cumbersome…
Try to find modem settings in CLI for LTE device if under Winbox it’s to be found under interface / lte / modem…
Hint: nothing with modem 
Or SIM card settings…
Removing Accounting seems not good for me, because it will break all scripts which has it with syntax error, which can’t be handled with :do { … } on-error={ … }.
I’m using that for some time to track local traffic usage in routers, not remotely.
Same issue as with signal-treshold becames signal-threshold in the system-leds menu after some release, which breaks things for me, so I’ve to force check RoS version and use :parse to make my script work at all possible firmwares when new router comes.
Sad to hear, because I’ll have to spend some time to replace it with kids control if possible.
Yeah, when you upgrade to new software there sometimes will be work for you to do. That is reality.
It must be a small amount of work compared to what it took to create v7 
+1 to keep accounting
+1 to keep Accounting
For 1 reason - it works brilliantly and simply with attix 5 to give me a simple straightforward dynamic realtime view of bandwidth usage by IP on my network.
Now if someone could give pointers on how to get attix5 to work with the kid-control data that would solve my use case.
So quick and easy to see who is hogging the bandwidth on the local network.
+100 to keep Accounting
(i intentionally use netflow and traffic flow interchangeably below, to distinguish it from Traffic-Accounting , im aware trafficFlow=Netflow):
Netflow does not provide the resolution (and accuracy) i have been able to achieve with custom code + mikrotiks, unique, Traffic Accounting feature.
I have tried netflow for years, and see very poor detail for traffic behind NAT (which is almost always), additionally, it seems that you cant use Fast-Track (understandably) with netflow(trafficFlow), if you wish to capture all private, NAT’d (local) ip addresses .
And even with (Fast-track disabled + bridge = “use ip firewall”)* ive still had issues seeing Nat’d traffic on TrafficFlow collectors (ie seeing 192.168.1.42 → 17.2.54.1 actual bandwidth usage over time).
I have tested both PAID and opensource netflow collectors. WIth trafficFlow: I can get accurate, great data for Mikrotiks’ Public-IP → internet-PublicIP , but very inaccurate data for the devices behind the Mikrotiks’ Public-IP (ie the NAT’d hosts, which is the data i need).
Traffic-Accounting changed all of this! I have code pulling the http page every 10s and sending data over to graphite , and influxDB , for multiple large install mikrotiks. Im now seeing perfect data for my internal IPs (which is the data i need in my use-case).
Bottom line, to see the full picture of ALL your traffic , it seems you need to use BOTH TrafficFlow (netflow) AND mikrotiks’ Traffic-Accounting. This provides you with data that even the top $$ routers wont provide you with!
There is no reason to remove a feature like this that is unique to mikrotik ros, and very powerful.
I have tried
Have you looked at Kid control? For me it gives more or less the same as I did get from accounting.