My Netflow Collector/Analyzer Project

I thought I would run a quick post, to let you all know where I’m at.  For those that have been following for a little while, you’ll know that I’ve started a bit of an adventure to create an easy-to-use, but very powerful, Netflow Analyzer.

Why another one?  Well, each analyzer has their benefits and their weaknesses.  Some have steep learning curves to configure and report on.  Others are not very portable across OS’s, and still others are not very flexible with writing your own reports, or takes a seasoned Unix sysadmin to compile and install.

So, I’ve started my project, written in Java, to help alleviate all those pains I just mentioned, and make it easy to extend.

I’ve decided on a code-name, until a proper project name can be determined (any suggestions??).  I’ve codenamed the project “Styx” based on the Greek Mythological river Styx.  While I can give a clever little speech on a few metaphores…. for now I’ll leave it to your imagination.  I’ve created a project on JavaForge, but haven’t uploaded anything yet.

Anyway, I’ve made some decent progress.  The fundamental engine I’m using is a dead project called JNCA (Java Netflow Collector Analyzer).  I’ve received the author’s permission to use it.  But, since it’s fairly old, I’m replacing some core functionality, such as adding Apache’s log4j, and cleaning up the code to be properly wrapped in a java container.

Anyway, I’ll be using LOTS of Open-Source technologies and projects to kind of mash and mold this project.  It will be interesting to see what I come up with.  If it’s half as cool as what I can imagine in my head, it WILL ROCK!!!  My only concern is using an RDBMS system to store the data.  If you have a busy network, you could be looking at millions of records per day (or more), easily.  So, I’ll have to work on some kind of buffering/aggregating system to alleviate that a little.  Dunno.

One of the biggest resources I’ve been using is Cisco’s new book “Network Management: Accounting and Performance Strategies“, which I’ve been meaning to write a complete review of for quite some time!  I feel so ashamed.  This book rocks, and I have not given it the respect it deserves!

No ideas on when Styx will be available… time will tell.

Stay tuned!

8 responses to “My Netflow Collector/Analyzer Project

  1. Ajay November 8, 2007 at 3:37 pm

    I just started using jnca. It seems to work pretty well as a collector and am still trying to figure out how to use it as an analyzer. Good luck to Styx – i am very interested as I dont want to use a perl application with RRD (dont want to mess up the exisiting cricket monitoring software on that box).
    If you have been able to create graphical outputs from jnca, i would be very interested to know how you went about it!

  2. Aaron Paxson November 12, 2007 at 5:12 pm

    Yes, I am creating reports that is grabbed from a “modified” version of JNCA. The analyzer portion of JNCA is not a graphical reporting version. It is, however, mostly just aggregation tables that you can graph from.

  3. Conrad November 27, 2007 at 1:23 am

    When can I download the jnca code. Just looking for the collector code.

    Any help would be much appreciated.

  4. Aaron Paxson November 29, 2007 at 4:04 pm


    If you are looking for the original JNCA code, it’s available at http://jnca.sourceforge.net. The only modifications I’ve made is to the logging system. My next commits will allow you to auto-start it as either a Windows service or a Unix daemon, but running into some debugging right now. My enhancements should be done by next week. Future enhancements will include database agnostic, and then I’ll start integrating web pages for reporting and administration.

    It’s a slow process. I know what I want, but doing it is somewhat slow, being the only developer and having a more-than-full-time day job. 🙂

  5. babak April 25, 2008 at 4:56 am

    I’m using jnca, everything is looking good and statistics show that pacekts are recieved but nothing is inserted into flowdata database tables!
    Any help would be much appreciated.

  6. sify July 1, 2008 at 7:53 am

    i too have the same problem as Babak.Any help?

  7. Francisco September 30, 2008 at 11:49 am

    Can You help to me in the installation process of jnca


  8. Badal December 4, 2008 at 1:51 am

    Check weather you have followed the steps as under :

    1. create database with name flowdata.

    2. run the Run class with argument create_db
    i.e. java packagename\flow.collector.Run create_db

    3. then run the same command without passing any arguments.

