fastnetmon/README.md

![logo](https://fastnetmon.com/wp-content/uploads/2018/01/cropped-new_logo_3var-e1515443553507-1-300x146.png)

Community Edition
===========
FastNetMon - A high-performance DDoS detector/sensor built on top of multiple packet capture engines: NetFlow, IPFIX, sFlow, AF_PACKET (port mirror).

What do we do?
--------------
We detect hosts in the deployed network sending or receiving large volumes of traffic, packets/bytes/flows per second and
perform a configurable action to handle that event. These configurable actions include notifying you, calling script or making BGP announcements. 

Project 
-------
🌏️ [Official site](https://fastnetmon.com)  
⭐️ [FastNetMon Advanced, Commercial Edition](https://fastnetmon.com/product-overview/)  
🌟️ [FastNetMon Advanced, free one-month trial](https://fastnetmon.com/trial/)  
📜️ [FastNetMon Advanced and Community difference table](https://fastnetmon.com/compare-community-and-advanced/)  
📘️ [Detailed reference](https://fastnetmon.com/wp-content/uploads/2023/07/fastnetmon_community_book_20_jul_2023.pdf)  

Legal
--------------
📖 [FastNetMon Community Edition Terms and Conditions](https://fastnetmon.com/fastnetmon-community-edition-terms-and-conditions/)  
🔏️ [FastNetMon Community Edition Privacy Notice](https://fastnetmon.com/fastnetmon-community-edition-privacy-notice/)  

FastNetMon is a product of FastNetMon LTD, UK. FastNetMon ® is a registered trademark in the UK and EU.

By installing or using this software, you confirm that you have read and agree to the FastNetMon Community Edition T&Cs and Privacy Notice, which will apply to your installation and use of the software

### Installation
- [Linux install instructions](https://fastnetmon.com/install/)
- [macOS install instructions](https://formulae.brew.sh/formula/fastnetmon)
- [FreeBSD port](https://www.freshports.org/net-mgmt/fastnetmon/)
- [VyOS bundled support](https://fastnetmon.com/fastnetmon-community-on-vyos-rolling-1-3/)

Supported packet capture engines
--------------------------------
- NetFlow v5, v9, v9 Lite
- IPFIX
- ![sFlow](http://sflow.org/images/sflowlogo.gif) v5
- PCAP
- AF_PACKET (recommended)
- AF_XDP (XDP based capture)
- Netmap (deprecated, still supported only for FreeBSD)
- PF_RING / PF_RING ZC (deprecated, available only for CentOS 6 in 1.2.0)

You can check out the [comparison table](https://fastnetmon.com/docs/capture_backends/) for all available packet capture engines.

Features
--------
- Detects DoS/DDoS in as little as 1-2 seconds
- Scales up to terabits on single server (sFlow, Netflow, IPFIX) or to 40G + in mirror mode
- Trigger block/notify script if an IP exceeds defined thresholds for packets/bytes/flows per second
- Thresholds can be configured per-subnet basis with the hostgroups feature
- [Email notifications](https://fastnetmon.com/docs/attack_report_example/) about detected attack
- Complete IPv6 support
- Prometheus support: system metrics and total traffic counters
- Flow and packet export to Kafka in JSON and Protobuf format
- Announce blocked IPs via BGP to routers with [ExaBGP](https://fastnetmon.com/docs/exabgp_integration/) or [GoBGP](https://fastnetmon.com/docs/gobgp-integration/) (recommended)
- Full integration with [InfluxDB](https://fastnetmon.com/docs/influxdb_integration/) and [Graphite](https://fastnetmon.com/docs/graphite_integration/)
- [API](https://fastnetmon.com/docs/fastnetmon-community-api/)
- [Redis](https://fastnetmon.com/docs/redis/) integration
- MongoDB protocol support compatible with native [MongoDB](https://fastnetmon.com/docs/mongodb/) and [FerretDB](https://github.com/FerretDB/FerretDB)
- VLAN untagging in mirror and sFlow modes
- Capture attack fingerprints in PCAP format

We track [multiple](https://fastnetmon.com/docs-fnm-advanced/fastnetmon-usage-analytics/) platform and environment-specific metrics to understand ways how our product is being used and prioritise development accordingly. 

Official support groups:
-------
- [Mailing list](https://groups.google.com/g/fastnetmon)
- [Slack](https://slack.fastnetmon.com)
- IRC: #fastnetmon at irc.libera.chat:6697 (TLS) [web client](https://web.libera.chat/?channels=#fastnetmon)
- Telegram: [fastnetmon](https://t.me/fastnetmon)
- Discord: [fastnetmon](https://discord.fastnetmon.com)

Follow us at social media:
-------
- [Twitter](https://twitter.com/fastnetmon)
- [LinkedIn](https://www.linkedin.com/company/fastnetmon/)
- [Facebook](https://www.facebook.com/fastnetmon/)

### Router integration instructions
- [Juniper MX Routers](https://fastnetmon.com/docs/junos_integration/)

Complete integration with the following vendors
--------------------------------
- [Juniper integration](src/juniper_plugin)
- [A10 Networks Thunder TPS Appliance integration](src/a10_plugin)
- [MikroTik RouterOS](src/mikrotik_plugin)


Screenshots
------------
Command line interface
![Main screen image](docs/images/fastnetmon_screen.png)

------------
Standard Grafana dashboard
![Grafana total traffic](docs/images/grafana_total.png)

Example deployment scheme
--------------

![Network diagramm](docs/images/deploy.png)


CI build status
--------------
[![CircleCI](https://circleci.com/gh/pavel-odintsov/fastnetmon/tree/master.svg?style=svg)](https://circleci.com/gh/pavel-odintsov/fastnetmon/tree/master)

Upstream versions in different distributions
--------------

[![FastNetMon upstream distro packaging status](https://repology.org/badge/vertical-allrepos/fastnetmon.svg)](https://repology.org/project/fastnetmon/versions)
Added logotype 2018-04-24 19:45:39 +00:00			`![logo](https://fastnetmon.com/wp-content/uploads/2018/01/cropped-new_logo_3var-e1515443553507-1-300x146.png)`

			`Community Edition`
Readme fix 2013-11-14 08:23:10 +00:00			`===========`
Added README corrections recommended by Grammarly 2023-05-22 20:19:57 +00:00			`FastNetMon - A high-performance DDoS detector/sensor built on top of multiple packet capture engines: NetFlow, IPFIX, sFlow, AF_PACKET (port mirror).`
Update README.md Add twitter :) 2015-03-10 22:38:10 +00:00
clean-up, rephrasing, and reformatting 2018-03-01 19:33:13 +00:00			`What do we do?`
			`--------------`
Update README.md 2022-11-17 12:29:25 +00:00			`We detect hosts in the deployed network sending or receiving large volumes of traffic, packets/bytes/flows per second and`
Added README corrections recommended by Grammarly 2023-05-22 20:19:57 +00:00			`perform a configurable action to handle that event. These configurable actions include notifying you, calling script or making BGP announcements.`
Add irc channel 2015-06-15 09:59:12 +00:00
readme rewrite 2015-10-06 15:37:27 +00:00			`Project`
			`-------`
Added emojis 2022-12-01 10:41:53 +00:00			`🌏️ [Official site](https://fastnetmon.com)`
Switched link to Advanced edition to show all our products 2022-12-01 10:53:01 +00:00			`⭐️ [FastNetMon Advanced, Commercial Edition](https://fastnetmon.com/product-overview/)`
Added README corrections recommended by Grammarly 2023-05-22 20:19:57 +00:00			`🌟️ [FastNetMon Advanced, free one-month trial](https://fastnetmon.com/trial/)`
Added emojis 2022-12-01 10:41:53 +00:00			`📜️ [FastNetMon Advanced and Community difference table](https://fastnetmon.com/compare-community-and-advanced/)`
Update README.md 2023-07-20 20:57:38 +00:00			`📘️ [Detailed reference](https://fastnetmon.com/wp-content/uploads/2023/07/fastnetmon_community_book_20_jul_2023.pdf)`
New Terms and Conditions and Privacy Notice 2023-08-10 15:41:10 +00:00
			`Legal`
			`--------------`
			`📖 [FastNetMon Community Edition Terms and Conditions](https://fastnetmon.com/fastnetmon-community-edition-terms-and-conditions/)`
			`🔏️ [FastNetMon Community Edition Privacy Notice](https://fastnetmon.com/fastnetmon-community-edition-privacy-notice/)`

			`FastNetMon is a product of FastNetMon LTD, UK. FastNetMon ® is a registered trademark in the UK and EU.`

Extended legal section 2023-08-10 16:16:12 +00:00			`By installing or using this software, you confirm that you have read and agree to the FastNetMon Community Edition T&Cs and Privacy Notice, which will apply to your installation and use of the software`
Added social media links 2018-10-06 12:18:42 +00:00
Rearranged section in README 2023-04-11 20:52:06 +00:00			`### Installation`
Moved more important information to the top of README 2023-04-11 20:56:19 +00:00			`- [Linux install instructions](https://fastnetmon.com/install/)`
			`- [macOS install instructions](https://formulae.brew.sh/formula/fastnetmon)`
			`- [FreeBSD port](https://www.freshports.org/net-mgmt/fastnetmon/)`
			`- [VyOS bundled support](https://fastnetmon.com/fastnetmon-community-on-vyos-rolling-1-3/)`
Rearranged section in README 2023-04-11 20:52:06 +00:00
readme rewrite 2015-10-06 15:37:27 +00:00			`Supported packet capture engines`
			`--------------------------------`
Added XDP mention in README 2022-10-02 20:41:13 +00:00			`- NetFlow v5, v9, v9 Lite`
README fix 2015-03-23 10:39:08 +00:00			`- IPFIX`
Deprecated LUA support 2022-02-26 20:12:06 +00:00			`- ![sFlow](http://sflow.org/images/sflowlogo.gif) v5`
Updated list of recommended mirror capture engines 2019-07-11 20:00:33 +00:00			`- PCAP`
Deprecated Netmap support for all new releases. AF_PACKET is doing great and offers best experience for traffic capture from port mirror. On FreeBSD platforms pcap can be used instead 2022-04-19 11:14:21 +00:00			`- AF_PACKET (recommended)`
Switched link to Advanced edition to show all our products 2022-12-01 10:53:01 +00:00			`- AF_XDP (XDP based capture)`
Fixed typo 2023-05-22 19:54:46 +00:00			`- Netmap (deprecated, still supported only for FreeBSD)`
Fixed typo in readme 2022-04-23 14:01:26 +00:00			`- PF_RING / PF_RING ZC (deprecated, available only for CentOS 6 in 1.2.0)`
Rewrite READMER 2015-03-23 10:37:29 +00:00
Changed link to CAPTURE BACKENDS comparison table 2017-12-03 12:21:04 +00:00			`You can check out the [comparison table](https://fastnetmon.com/docs/capture_backends/) for all available packet capture engines.`
Update README.md 2015-04-28 19:39:08 +00:00
readme rewrite 2015-10-06 15:37:27 +00:00			`Features`
			`--------`
Improved readme information 2022-02-10 13:38:13 +00:00			`- Detects DoS/DDoS in as little as 1-2 seconds`
			`- Scales up to terabits on single server (sFlow, Netflow, IPFIX) or to 40G + in mirror mode`
better English for the README 2016-05-25 14:46:50 +00:00			`- Trigger block/notify script if an IP exceeds defined thresholds for packets/bytes/flows per second`
Improved readme information 2022-02-10 13:38:13 +00:00			`- Thresholds can be configured per-subnet basis with the hostgroups feature`
Added email info 2022-02-10 13:38:13 +00:00			`- [Email notifications](https://fastnetmon.com/docs/attack_report_example/) about detected attack`
We have IPv6 support for sFlow now 2022-08-08 15:43:06 +00:00			`- Complete IPv6 support`
Added native Prometheus support 2023-02-11 18:08:48 +00:00			`- Prometheus support: system metrics and total traffic counters`
Added option to export traffic to Kafka in Protobuf format 2023-02-12 21:17:05 +00:00			`- Flow and packet export to Kafka in JSON and Protobuf format`
We have IPv6 support for sFlow now 2022-08-08 15:43:06 +00:00			`- Announce blocked IPs via BGP to routers with [ExaBGP](https://fastnetmon.com/docs/exabgp_integration/) or [GoBGP](https://fastnetmon.com/docs/gobgp-integration/) (recommended)`
Update README.md 2022-11-17 12:29:25 +00:00			`- Full integration with [InfluxDB](https://fastnetmon.com/docs/influxdb_integration/) and [Graphite](https://fastnetmon.com/docs/graphite_integration/)`
Another iteration of REDADME cleanup 2022-02-10 13:38:13 +00:00			`- [API](https://fastnetmon.com/docs/fastnetmon-community-api/)`
Fixed Redis guide 2017-12-03 13:08:51 +00:00			`- [Redis](https://fastnetmon.com/docs/redis/) integration`
Added notes about FerretDB support 2023-03-27 17:54:20 +00:00			`- MongoDB protocol support compatible with native [MongoDB](https://fastnetmon.com/docs/mongodb/) and [FerretDB](https://github.com/FerretDB/FerretDB)`
Update README.md 2022-11-17 12:29:25 +00:00			`- VLAN untagging in mirror and sFlow modes`
clean-up, rephrasing, and reformatting 2018-03-01 19:33:13 +00:00			`- Capture attack fingerprints in PCAP format`
Upgrade documentation 2014-11-22 13:17:26 +00:00
Adjusted link to usage survey 2023-07-04 13:08:55 +00:00			`We track [multiple](https://fastnetmon.com/docs-fnm-advanced/fastnetmon-usage-analytics/) platform and environment-specific metrics to understand ways how our product is being used and prioritise development accordingly.`
Documented how our telemetry is implemented 2023-04-28 20:05:32 +00:00
Moved more important information to the top of README 2023-04-11 20:56:19 +00:00			`Official support groups:`
			`-------`
			`- [Mailing list](https://groups.google.com/g/fastnetmon)`
			`- [Slack](https://slack.fastnetmon.com)`
			`- IRC: #fastnetmon at irc.libera.chat:6697 (TLS) [web client](https://web.libera.chat/?channels=#fastnetmon)`
			`- Telegram: [fastnetmon](https://t.me/fastnetmon)`
			`- Discord: [fastnetmon](https://discord.fastnetmon.com)`

			`Follow us at social media:`
			`-------`
			`- [Twitter](https://twitter.com/fastnetmon)`
			`- [LinkedIn](https://www.linkedin.com/company/fastnetmon/)`
			`- [Facebook](https://www.facebook.com/fastnetmon/)`

readme rewrite 2015-10-06 15:37:27 +00:00			`### Router integration instructions`
Changed link for JunOS documentation 2017-12-03 13:11:26 +00:00			`- [Juniper MX Routers](https://fastnetmon.com/docs/junos_integration/)`
added router integration to README.md and docker image highlight 2015-07-22 20:07:33 +00:00
Rearranged section in README 2023-04-11 20:52:06 +00:00			`Complete integration with the following vendors`
			`--------------------------------`
			`- [Juniper integration](src/juniper_plugin)`
			`- [A10 Networks Thunder TPS Appliance integration](src/a10_plugin)`
			`- [MikroTik RouterOS](src/mikrotik_plugin)`

readme rewrite 2015-10-06 15:37:27 +00:00
clean-up, rephrasing, and reformatting 2018-03-01 19:33:13 +00:00			`Screenshots`
readme rewrite 2015-10-06 15:37:27 +00:00			`------------`
Added Grafana screen image 2023-03-11 11:57:58 +00:00			`Command line interface`
Move data files to src folder; Move images to doc folder; 2015-03-22 10:45:52 +00:00			`![Main screen image](docs/images/fastnetmon_screen.png)`
Update README.md Add explained documentation 2014-06-08 10:29:37 +00:00
Added Grafana screen image 2023-03-11 11:57:58 +00:00			`------------`
			`Standard Grafana dashboard`
			`![Grafana total traffic](docs/images/grafana_total.png)`

Updated sections order 2022-02-10 13:38:13 +00:00			`Example deployment scheme`
Added information about email alerts 2022-02-10 13:38:13 +00:00			`--------------`
Add manual about sFLOW 2014-12-02 13:42:40 +00:00
Added information about email alerts 2022-02-10 13:38:13 +00:00			`![Network diagramm](docs/images/deploy.png)`
Added table with per distribution versions 2022-11-26 12:45:35 +00:00
Rearranged section in README 2023-04-11 20:53:19 +00:00
			`CI build status`
			`--------------`
			`[![CircleCI](https://circleci.com/gh/pavel-odintsov/fastnetmon/tree/master.svg?style=svg)](https://circleci.com/gh/pavel-odintsov/fastnetmon/tree/master)`

Added table with per distribution versions 2022-11-26 12:45:35 +00:00			`Upstream versions in different distributions`
			`--------------`

Force rebuild 2024-07-01 21:33:45 +00:00			`[![FastNetMon upstream distro packaging status](https://repology.org/badge/vertical-allrepos/fastnetmon.svg)](https://repology.org/project/fastnetmon/versions)`