Add it to your Download Basket!
Add it to your Watch List!
What's new in pmacct 1.5.0:
- Introduced bgp_daemon_msglog_file config directive to enable streamed logging of BGP messages/events. Each log entry features a time reference, BGP peer IP address, event type and a sequence number (to order events when time reference is not granular enough). BGP UPDATE messages also contain full prefix and BGP attributes information. Example given in QUICKSTART file, chapter XIIf.
- Introduced dump of BGP tables at regular time intervals. The filename, which can include variables, is set by bgp_table_dump_file directive. The output format, currently only JSON, can be set in future via the bgp_table_dump_output directive. The time interval between dumps can be set via the bgp_table_dump_refresh_time directive. Example given in QUICKSTART file, chapter XIIf.
- Introduced support for internally variable-length primitives (likely candidates are strings). Introduced also the 'label' primitive which is a variable-length string equivalent of tag and tag2 primitives. Its value are set via a 'set_label' statement in a pre_tag_map (see examples/ pretag.map.example). If, ie. as a result of JEQ's in a pre_tag_map, multiple 'set_label' are applied, then default operation is append labels and separate by a comma.
- pmacct project has been assigned PEN #43874. nfprobe plugin: tag, tag2, label primitives are now encoded in IPFIX making use of the pmacct PEN.
- LICENSE TYPE:
- GPL (GNU General Public License)
- OUR RATING:
- DEVELOPED BY:
- Paolo Lucente
- USER RATING:
- ROOT \ Internet \ Log Analyzers
Features at a glance
Key features include support for Cisco NSEL and Cisco NEL for CGNAT, inspection of tunnelled traffic, MPLS/BGP VPNs rfc4364 support, GeoIP lookups, support for SQL (triggers, data pre-processing, dynamic table naming), support for collecting data through the libpcap library, as well as through Netlink/ULOG, sFlow v2/v4/v5, NetFlow v1/v5/v7/v8/v9, and IPFIX.
Additionally, the software is also capable of exporting data to external utilities, such as GNUPlot, RRDtool, Net-SNMP, Cacti and MRTG, it is suitable for IP carrier, ISP, CDN, IXP, hot-spots and data-center environments, can save data to various backends, including MySQL, PostgreSQL, SQLite, MongoDB, BerkeleyDB, RabbitMQ, memory tables, and flat files.
Among other interesting features, we can mention support for BGP ADD-PATHS, logging of live BGP messages, dumping of BGP tables, visualization of internal routes through an IS-IS/IGP daemon, classification traffic streams, visualization of inter-domain routing plane through a BGP daemon, replication of incoming NetFlow, sFlow and IPFIX packets, and a pluggable architecture.
Getting started with pmacct
Being a command-line software, the pmacct project can only be used from a console/CLI environment. To install it on your GNU/Linux distribution, you can either use the built-in Software Center app of your operating system (e.g. Ubuntu Software Center on Ubuntu) or the source package, which is distributed for free on Softpedia and the project’s official website (see the homepage link at the end of the article).
If you decide to install pmacct using the source package, download it, save it on your Home folder, use an archive manager tool to unpack it, open a terminal emulator app and go to the location where you’ve extracted the archive file (e.g. cd /home/softpedia/pmacct-1.5.0). Then, run the ‘./configure && make’ command to configure and compile the program, followed by the ‘sudo make install’ command to install the tools system wide.
After installation, add the “--help” option to each of the included tools (see the first paragraph for details) to view their command-line options, the usage message, as well as various real life examples, which will help you to better understand how they work and how you can use them in your work. Please note that pmacct runs on Linux, BSD, Solaris, and embedded systems.
pmacct was reviewed by Marius Nestor, last updated on January 19th, 2015