About

FlowTrack is designed to listen for and log netflow (v5) traffic. My goal with it is to make installation as easy as possible. There's no need to configure an external webserver or database. When you run FlowTrack, a small webserver and a netflow collector are started.

Initially I'm focusing on feature set and simplicity of installation. Scalability is a secondary concern right now. I'm testing with very light traffic. In other words, this will likely melt under high load. If you do try running this under high load, let me know how it goes.

I'd love to know if you're using it. Questions? Bugs? Feature requests? Open them as issues on GitHub.

Installation & Use

Requirements

(I will likely add new stuff to this list, such as rrdtool):

Installing

I recommend cloning the repository to make getting updates etc. easier.

    git clone git://github.com/skarfacegc/FlowTrack.git

Configuration

flowTrack.conf

    # Port to read for netflow
    netflow_port: 2055

    # Name of the database
    database_name: FlowTrack.sqlite

    # What do you consider your internal network
    # Not used in version 0.01  Will be used to determine ingress/egress
    internal_network: 192.168.1.0/24

    # Where to write data (database/logs/etc)
    data_dir: ./Data

    # How many seconds to keep raw flows around
    # Defaults to a half day
    purge_interval: 43200

    # Port for the webserver
    web_port: 5656

    # Log4Perl Configuration file
    logging_conf: flowTrackLog.conf

    # Location of pid files
    pid_files: ./log
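
An added example, not part of FlowTrack's own code: a minimal NetFlow v5 datagram parser in Python that labels each flow against the internal_network value from the configuration above. The function names, the "transit" label and the sample datagram are assumptions constructed for illustration; how FlowTrack itself will compute ingress/egress is not shown on this page.

```python
import ipaddress
import struct

HEADER = struct.Struct("!HHIIIIBBH")                 # 24-byte NetFlow v5 header
RECORD = struct.Struct("!4s4s4sHHIIIIHHxBBBHHBBxx")  # 48-byte v5 flow record
INTERNAL = ipaddress.ip_network("192.168.1.0/24")    # internal_network from flowTrack.conf

def direction(src, dst, internal=INTERNAL):
    """Label a flow relative to the internal network (labels are this example's own)."""
    src_in, dst_in = src in internal, dst in internal
    if src_in and dst_in:
        return "internal"
    if src_in:
        return "egress"
    if dst_in:
        return "ingress"
    return "transit"

def parse_v5(datagram):
    """Return a list of flow dicts; raise ValueError on a malformed datagram."""
    if len(datagram) < HEADER.size:
        raise ValueError("shorter than a v5 header")
    version, count = HEADER.unpack_from(datagram)[:2]
    if version != 5:
        raise ValueError(f"unsupported version {version}")
    # The export arrives over unauthenticated UDP, so never trust the declared
    # count: v5 carries 1-30 records and the length must match exactly.
    if not 1 <= count <= 30 or len(datagram) != HEADER.size + count * RECORD.size:
        raise ValueError("record count does not match datagram length")
    flows = []
    for i in range(count):
        f = RECORD.unpack_from(datagram, HEADER.size + i * RECORD.size)
        src, dst = ipaddress.ip_address(f[0]), ipaddress.ip_address(f[1])
        flows.append({"src": str(src), "dst": str(dst), "sport": f[9], "dport": f[10],
                      "proto": f[12], "packets": f[5], "bytes": f[6],
                      "direction": direction(src, dst)})
    return flows

def sample_datagram():
    """Constructed one-record datagram: 192.168.1.10:51515 -> 203.0.113.7:443/TCP."""
    header = HEADER.pack(5, 1, 1000, 1325376000, 0, 1, 0, 0, 0)
    record = RECORD.pack(bytes([192, 168, 1, 10]), bytes([203, 0, 113, 7]), bytes(4),
                         1, 2, 12, 3400, 100, 900, 51515, 443, 0x1B, 6, 0, 0, 0, 24, 0)
    return header + record

if __name__ == "__main__":
    print(parse_v5(sample_datagram()))
```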

Run FlowTrack.pl

    ./FlowTrack.pl [--config=/location/of/config/file.conf]

Logging is configured in flowTrackLog.conf. It defaults to logging in ./log.

URLs

Point your browser at http://localhost:5656/
The following URLs do things:

Tuning

You can tune the collector pool by twiddling these values in FT/FlowCollector.pm:

    min_spare_servers => 3,
    max_spare_server  => 5,
    max_servers       => 5,
    max_requests      => 5,

Release Notes

0.0.1

Libraries Used

Planned Roadmap

License

 Copyright (c) 2012, andrew@manor.org
 All rights reserved.

 Redistribution and use in source and binary forms, with or without
 modification, are permitted provided that the following conditions are met: 

 1. Redistributions of source code must retain the above copyright notice, this
    list of conditions and the following disclaimer. 
 2. Redistributions in binary form must reproduce the above copyright notice,
    this list of conditions and the following disclaimer in the documentation
    and/or other materials provided with the distribution. 

 THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
 ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
 WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
 DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
 ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
 (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
 ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
 SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

 The views and conclusions contained in the software and documentation are those
 of the authors and should not be interpreted as representing official policies, 
 either expressed or implied, of the FreeBSD Project.