yaf ☆

« Back to VersTracker

Description:
Yet another flowmeter: processes packet data from pcap(3)

Type: Formula | Latest Version: 2.18.2@0 | Tracked Since: Dec 11, 2025

Links: Homepage | formulae.brew.sh

Category: Networking

Tags: networking security packet-capture flow-analysis monitoring

Install: brew install yaf

About:
Yaf is a command-line tool that captures and processes network traffic data from pcap files or live interfaces. It generates detailed flow records containing metadata like IP addresses, ports, and protocol information. This utility is essential for network security monitoring and traffic analysis, exporting data in formats compatible with flow analysis systems.

Key Features:

Deep packet inspection for application-level metadata
Support for both live capture and offline pcap file processing
Generates IPFIX (Internet Protocol Flow Information Export) formatted flow records
Handles fragmented packets and TCP stream reassembly

Use Cases:

Network traffic monitoring and analysis for security auditing
Extracting flow data for incident response and forensics
Bandwidth usage monitoring and application identification

Alternatives:

tcpdump – tcpdump captures raw packets while yaf focuses on generating aggregated flow records
nfdump – nfdump is primarily for analyzing flow data, whereas yaf specializes in creating flow records from packet data

Version History

Detected	Change	Commit
Dec 11, 2025 9:17pm	VERSION_BUMP	bd3b308f
Nov 21, 2025 8:26pm	VERSION_BUMP	8071c280
Nov 24, 2024 3:00pm	VERSION_BUMP	337c699f
Nov 13, 2024 10:49am	VERSION_BUMP	5bb20b92
Sep 26, 2024 10:51pm	VERSION_BUMP	ce105d3f
Sep 26, 2024 9:53pm	VERSION_BUMP	e537d536
Sep 11, 2024 3:46pm	VERSION_BUMP	2a723dde
Sep 5, 2024 10:13am	VERSION_BUMP	bcd7c7d4
Jul 13, 2024 10:31am	VERSION_BUMP	a8f09843
Sep 18, 2023 7:23am	VERSION_BUMP	114d1564
Feb 18, 2023 11:57pm	VERSION_BUMP	65748275
Feb 18, 2023 11:57pm	VERSION_BUMP	3b3003fc