Changes
Documentation changes, including list for known bugs. Adding support for MikroTik router. Installer can
use commands from the README.md (though you still need to insure compatibility
with RITA's MongoDB instance). Docs folder is now distributed with the release tar file.
The most significant change this release was adding support for Netflow v5.
IPFIX-RITA has been fully tested from log collection, through RITA analysis and compatibility with
AI-Hunter
Installation
To begin installing IPFIX-RITA, first install RITA, then use the installer above. Please make sure to read the included README.md before running the installer.
Requirements:
- Docker 17.06+
- docker-compose 1.17+
- RITA 1.1.0+
IPFIX/Netflow v9/Netflow V5 Compatibility
This is an incomplete list of devices which produce compatible IPFix/Netflow v9/Netflow v5 records. More devices will be added as they are tested.
Please select the most basic version of IPFix/Netflow v9/Netflow v5 when setting up your router for use with IPFIX-RITA.
| IPFIX | Netflow v9 | Netflow v5 | Notes | |
|---|---|---|---|---|
| Cisco ASA | ✔ | |||
| Cisco ASR 9k | ✔ | |||
| SonicWall | ✔ | |||
| MikroTik | ✔ | ✔ | ||
| YAF | ✔ | Use --uniflow |
What Do I Do If My Router Isn't On the List?
We need your help to expand the list of supported routers. Please help us by running the software,
logging the errors and traffic, and sending us the results.
Please see Adding Support For Additional Routers for more information.