Netflow Collector Open Source Work Jun 2026

Zabbix is a famous open-source infrastructure monitoring tool. While known for CPU and disk metrics, it has added significant flow monitoring capabilities.

: The server application that receives these incoming UDP datagrams, decodes them, and stores the data for analysis.

: Allows users to add almost any field beyond the standard NetFlow set via text configuration files. GitHub +8 Feature Comparison Table Feature Akvorado GoFlow2 nfdump/NfSen Xenoeye Primary Storage ClickHouse N/A (Exporter) Flat Files PostgreSQL/ClickHouse Data Enrichment GeoIP, SNMP Minimal No Customizable Fields Visualization Web UI / Grafana External (Kafka/ELK) Web UI (NfSen) Grafana Main Use Case Large-scale Visibility High-speed Pipeline Historical Forensics DoS/DDoS Detection Specialized Open-Source Integrations 12 sites netsampler/goflow2: High performance sFlow/IPFIX ... - GitHub Dec 27, 2025 — netflow collector open source

Here’s an interesting write-up angle for , focusing on real-world usage, performance, and hidden trade-offs.

While many tools exist, the following are widely recognized for their performance and community support: : Allows users to add almost any field

– Tiny, but production tip: feed output into Vector (observability pipeline) to enrich, sample, then to ClickHouse or Loki. Don't write your own aggregator unless you love off-by-one sequence errors.

Security monitoring, forensics, and anomaly detection. While many tools exist, the following are widely

– The Swiss Army knife nobody reads the manual for. Example: you can replay pcap into pmacct to generate flows retroactively. Also does accounting (not just collection). The pmacct-contrib has Kafka plugins before Kafka was cool.