Hello! :) As you know I'm an author of DDoS detection application called FastNetMon.
FastNetMon allows you to find out host which was a DDoS attack target and apply some actions to mitigate it. Mitigation can be implemented using BGP Blackhole (which blocks all traffic to/from host on ISP level) or you can use BGP Flow Spec to filter out only malicious traffic. As most flexible option you can use script call.
FastNetMon provides lots of information about your network and provides nice way to access it using Grafana:
FastNetMon supports all equipment available on market and implement following network telemetry protocols:
- sFlow v5
- Netflow v5, v9, v10
- IPFIX
- SPAN/Mirror
To learn more check official site of project: https://fastnetmon.com
