Linux – Looking for an open source real-time network analysis program

linux, networking, tcpip, windows

Can somebody recommend an open source real-time network analysis program?

What I'm looking for the program to do is display a graph of bandwidth usage by IP within our internal network that can quickly be viewed any time we need to (typically when we want to quickly find out who is utilizing high amounts of bandwidth and slowing down the network).

We ideally simply want to hook up a monitor on the wall of our server room to a system whose NIC will be in permissive mode to log all network activity in a visual manner which can easily be seen and running 24/7.

Prefer open source as I do not have a budget for this project and prefer open source projects in general. I'd also prefer for this to be available for CentOS but any Linux distro or Windows OS would be acceptable.

Thanks!

Edit: Also, it can't use SNMP. The gather needs to be logfiles or promiscuous mode.

Best Answer

NTOP is something you might want to consider. It automatically collects a lot of useful information. But it works better if you want to see 'the big picture' and is not so great for "I need to know who is slowing down our network exactly this second".

The best tool for 100% real-time info, in my opinion, is tcptrack. It just monitors a given interface and shows connections that use the most bandwidth. I mirror all internet traffic on a switch to a port that is connected to a dedicated NIC on a server running tcptrack. That way I can see precisely which IPs/ports are hogging the bandwidth.
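The per-IP accounting the question asks for, sketched as an added example; it is not part of the original answer and not tcptrack's or NTOP's code. It counts IPv4 bytes per internal host from raw Ethernet frames such as a mirror port delivers. The 192.168.1.0/24 range, the function names and the sample frames are assumptions constructed for illustration.

```python
import ipaddress
import struct
from collections import Counter

INTERNAL_NET = ipaddress.ip_network("192.168.1.0/24")  # assumed internal range

def ipv4_endpoints(frame):
    """Return (src, dst, ip_total_length) for an Ethernet/IPv4 frame, else None."""
    if len(frame) < 34:                      # 14-byte Ethernet + 20-byte IPv4 header
        return None
    if struct.unpack("!H", frame[12:14])[0] != 0x0800:
        return None                          # ARP, IPv6, VLAN-tagged frames are skipped
    if frame[14] >> 4 != 4:                  # IP version nibble
        return None
    total_len = struct.unpack("!H", frame[16:18])[0]
    src = ipaddress.ip_address(frame[26:30])
    dst = ipaddress.ip_address(frame[30:34])
    return src, dst, total_len

def top_talkers(frames, net=INTERNAL_NET, n=5):
    """Sum IP bytes sent or received per internal host; return the n busiest."""
    usage = Counter()
    for frame in frames:
        parsed = ipv4_endpoints(frame)
        if parsed is None:
            continue
        src, dst, size = parsed
        for host in {src, dst}:              # internal-to-internal counts for both ends
            if host in net:
                usage[str(host)] += size
    return usage.most_common(n)

def make_frame(src, dst, payload_len):
    """Build a constructed Ethernet/IPv4 frame (zeroed MACs and checksum)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, 64, 6, 0,
                     ipaddress.ip_address(src).packed,
                     ipaddress.ip_address(dst).packed)
    return bytes(12) + b"\x08\x00" + ip + bytes(payload_len)

# Constructed sample traffic, standing in for frames read off the mirror port.
SAMPLE = [
    make_frame("192.168.1.10", "203.0.113.5", 1400),
    make_frame("203.0.113.5", "192.168.1.10", 1400),
    make_frame("192.168.1.20", "192.168.1.10", 80),
    make_frame("192.168.1.20", "198.51.100.7", 480),
    bytes(12) + b"\x08\x06" + bytes(28),     # ARP frame, ignored
]

if __name__ == "__main__":
    for host, nbytes in top_talkers(SAMPLE):
        print(f"{host:15} {nbytes} bytes")
```

On Linux, frames read from an `AF_PACKET` raw socket bound to the mirror-port interface (root required) can be passed to `top_talkers()` in place of `SAMPLE`.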
