pmacct-contribs 20091125

A small set of passive network monitoring tools to measure, account and aggregate IPv4 and IPv6 traffic.

  Add it to your Download Basket!

 Add it to your Watch List!


Rate it!

What's new in pmacct-contribs 20090314:

  • pmacct-socat: made of a client-server pair of scripts, this exports memory plugin Unix sockets across the network to allow queries from remote pmacct clients.
  • pmacct2rrd, a script written in Python to feed pmacct data to RRDtool at fixed time intervals, has been added.
Read full changelog
send us
an update
GPL (GNU General Public License) 
Paolo Lucente
ROOT \ System \ Monitoring
pmacct is a small set of passive network monitoring tools to measure, account and aggregate IPv6 and IPv4 traffic; aggregation revolves around the key concept of primitives (VLAN id, source and destination MAC addresses, hosts, networks, AS numbers, ports, IP protocol and ToS/DSCP field are supported) which may be arbitrarily combined to build custom aggregation methods; support for historical data breakdown, triggers and packet tagging, filtering and sampling.

Aggregates can be stored into memory tables, SQL databases (MySQL or PostgreSQL) or simply printed to stdout. Data is collected from the network either using libpcap (and optionally promiscuous mode) or reading NetFlow v1/v5/v7/v8/v9 and sFlow v2/v4/v5 datagrams, both unicast and multicast.

IP accounting is the key in ISP/IXP network operations like billing, graphing network resources usage, live or historical traffic analysis, handling of network thresholds, provisioning and SLA monitoring. SNMP counters sometime are not this useful because of their coarse granularity.

Finer granularities become valuable if data are historical and match logical entities of interest such as Autonomous System Numbers, departmental or customer network chunks, specific traffic flows, etc. Further, actual large-scale networks are able to produce, in very short times, high amounts of data that become quickly difficult to be processed in a meaningful way

In this context, traffic aggregation and advanced filtering and sampling capabilities are requirements that cannot be missed anymore.

Either using memory or SQL tables as backend storage, pmacct can easily feed data to tools like MRTG, RRDtool, Cacti and Gnuplot among the others. A little scripting abilities are required to glue pmacct with external tools and a number of sample scripts and some tutorials are already available.

Last updated on November 29th, 2009


#network monitoring #network measure #aggregate IPv4 #pmacct-contribs #network #monitoring #IPv4

Add your review!