Nowadays I able to play around with flow data. Flow provide detail information on network traffic, for various purpose such as network monitoring, bandwidth monitor, traffic accounting archive and for security purpose.

We have configured a layer 2/3 switch to send sflow data to my monitoring server. Some visualization were done by nfsen, but, its quite limited. Its just a flow browser. Some other nfsen plugins might help, such as cndet and nfsight, which might give additional summary and analysis on your network traffic. Therefore, we have another flow analyzer, like OpManager Flow Analyzer, by ManageEngine.

For this, I still want the data to be kept in that machine, and send a duplicate of sflow data to OpManager. I’ve found samplicator, written by Simon Leinen at SWITCH. It works well, duplicating the data to another machine, and the tool able to keep the original source IP. As far as the OpManager view, the data came from the switch.

Samplicator – http://code.google.com/p/samplicator/
http://www.plixer.com/blog/netflow/free-netflow-forwarder-or-netflow-duplicator
http://www.bradreese.com/blog/plixer-5-21-2010.htm