I keep 60 days worth at it uses about 250GB and very low compute resources. The VM has 4 cores and 4GB of memory. This is with nfsen+nfcapd - which - but it's free, doesn't use a pile of resources (no SQL) and is functional ENOUGH to provide data when I need it.
On Tue, Oct 16, 2018 at 9:03 AM Steve <[email protected]> wrote: > Elistiflow? Really. I'll need to look that up. > > See I've had to deal with law enforcement a few times where I've helped > them find some bad people. Fast forward a few years later all of a sudden > there is a court case and I get called into court. I had provided the legal > evidence at the time and kept the correspondence but I generally don't keep > all of the traffic data for that long as I'm not legally required to. I > would have liked to have kept that information. I only keep it for a > certain length of time for troubleshooting. But going back 3 years would > require some serious space and hardware. > > So I'm looking for an ultra efficient collector capable of years of > retention of mainly just metadata, but able to run on prem with minimal > resources for privacy's sake. > > > > ----- Original Message ----- > From: "Josh Baird" <[email protected]> > To: "AnimalFarm Microwave Users Group" <[email protected]> > Sent: Monday, October 15, 2018 8:14:20 PM > Subject: Re: [AFMUG] Netflow > > Solarwinds is IPO'ing on Friday. Net loss of 87M in the past 6mos. > > Anyways - I have also been trying to find time to give ElastiFlow a > whirl.. but I really don't want to spin up an ELK stack just for Netflow. > > On Mon, Oct 15, 2018 at 8:11 PM Ken Hohhof < [ mailto:[email protected] | > [email protected] ] > wrote: > > > > > > I thought Solarwinds was like Tiffany’s (as in Breakfast at Tiffany’s, > please don’t tell me you’ve never seen it). Fun to window shop, nothing you > can afford. > > > > From: AF < [ mailto:[email protected] | [email protected] ] > > On Behalf Of Erich Kaiser > Sent: Monday, October 15, 2018 6:20 PM > To: AnimalFarm Microwave Users Group < [ mailto:[email protected] | > [email protected] ] > > Subject: Re: [AFMUG] Netflow > > > > > We use: > > > solarwinds > as-stats > > > > > > for Fusion We collect sflow data. > > > > > > These are also good options > > > Fastnetmon > > > Scrutinizer > > > Kentik > > > > > > > > > Ntop is junk. > > > > > > > > > > > > On Mon, Oct 15, 2018 at 2:32 PM Steve < [ mailto:[email protected] | > [email protected] ] > wrote: > > > > > What collectors do you use? > > I've used these the past > > Scrutinizer > ManageEngine's Netflow Anaylzer > Polygraph.io (cloud based now another company owns) > NTOP > > > Anyone have any other user friendly options that perform very well and are > not too costly? For my purposes I'd be spitting out 1 x 10Gbps interface > that would hold all the headers to the collector. > > Anyone know of any other on prem collectors or SSL secured cloud based? > > -- > AF mailing list > [ mailto:[email protected] | [email protected] ] > [ http://af.afmug.com/mailman/listinfo/af_af.afmug.com | > http://af.afmug.com/mailman/listinfo/af_af.afmug.com ] > -- > AF mailing list > [ mailto:[email protected] | [email protected] ] > [ http://af.afmug.com/mailman/listinfo/af_af.afmug.com | > http://af.afmug.com/mailman/listinfo/af_af.afmug.com ] > > -- > AF mailing list > [email protected] > http://af.afmug.com/mailman/listinfo/af_af.afmug.com > > -- > AF mailing list > [email protected] > http://af.afmug.com/mailman/listinfo/af_af.afmug.com >
-- AF mailing list [email protected] http://af.afmug.com/mailman/listinfo/af_af.afmug.com
