|
OpenBSD Packages and Ports Installation and upgrading of packages and ports on OpenBSD. |
|
Thread Tools | Display Modes |
|
|||
Monitoring IP Address Usage By Month
Is there something that will allow me to monitor traffic usages by IP Address?
I would like to see things like IP address / port used bytes transferred up/down number of connections made connection open time Does anyone know how I can do this with openbsd? |
|
||||
I use net/nfsen and am very happy with the results. Each of my firewalls sends pflow(4) statistics to the machine running nfsen, which stores the data and presents via web interface graphically.
Yes, I can do cohesive analysis year by year, month by month, week by week, and moment by moment. By subnet. By farm. By system. By port. I can have it Email alerts. It's almost the only monitoring tool I use. I have it set to store monitoring data every five minutes, which is fine because the machine running nfsen uses an SD card for storage. http://nfsen.sourceforge.net/ Last edited by jggimi; 10th November 2014 at 05:32 PM. Reason: clarity |
|
|||
Quote:
Michael Lucas' Network Flow Analysis is an excellent resource on this subject. Last edited by ocicat; 10th November 2014 at 06:36 PM. Reason: corrected link |
|
||||
Good points ocicat.
While I use them constantly, I should point out that the netflow tools are not applicable for real time status monitoring. I use netstat(1) and sysutils/pftop for that. This is bcause a flow gets logged by pflow(4) only upon completion of a network conversation. For stateless traffic, this is upon activity timeout. For stateful traffic this is upon session teardown. Last edited by jggimi; 10th November 2014 at 06:03 PM. Reason: forgot pftop |
|
||||
OpenBSD own SNMP comes with fantastic MIBs for network and PF monitoring. The real problem is how to poll it and display it. I really, really like Observium and use in production. Unfortunatelly getting OpenBSD custom MIBs to work in Observium is not trivial. Another nuisance is that Observium developers expect you to run server on Ubuntu of Debian. Right now I am running it on Debian but there is FreeBSD port and I hope to be able to get it working on FreeBSD.
Another telemetry tool which I use in production and can highly recommend is: Unfortunately PF plugin is experimental. I use Observium to display RRD data collected with collectd. Collectd is IMHO probably the best non proprietary telemetry tool available but suffers from ridiculus problem lack of decent front-end to display information. Observium is great but SNMP is bread and butter of Observium and due to the pull nature of SNMP protocol Observium is limited due to the fact that it has no proxy at the moment. Collectd uses push model so it is great for monitoring private networks but as I said no good native GUI in-spite of long list https://collectd.org/wiki/index.php/List_of_front-ends I am experimenting with all of them and I had some hopes for collectd-web which didn't materialize. I heard good things about Collectd Graph Panel and playing with it is on my todo list. |
|
||||
I recall Peter Hansteen wrote a nice blog on using net/nfsen. I found the link:
http://bsdly.blogspot.com/2014/02/ye...l-network.html |
|
||||
Quote:
|
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Have people been able to get good .iso's of Dragonfly BSD in the past month or so? | BenHur | Other BSD and UNIX/UNIX-like | 2 | 14th August 2013 04:44 AM |
Breaking news, literally: Reuters hacked third time this MONTH | J65nko | News | 0 | 4th September 2012 05:49 PM |
Blast from the past: The Osborne 1: 30 years old this month | J65nko | News | 0 | 5th April 2011 10:10 PM |
memory usage monitoring using net-snmp | ducu_00 | FreeBSD Ports and Packages | 2 | 11th October 2008 03:12 PM |
one month anniversary | ocicat | Feedback and Suggestions | 18 | 12th June 2008 03:13 AM |