Monitoring Bandwidth Usage (Per Internal IP) - Cisco ASA 5505

If you don't want to try and analyze the data coming out of the ASA itself, you might just consider doing a port-mirror on the switch the ASA is connected to and use a piece of probe software to watch that port. You could easily get NetFlow data that way using something like nProbe.

There's a fairly nice tool, PIX Logging Architecture, that comes so close to doing what you want. I've deployed it in a couple of sites, and it's reasonably nice (albeit I don't care much for its tight coupling with MySQL), but the per-NAT traffic statistics that an ASA (and newer versions of PIXOS) can report are completely ignored! You get statistics about source, destination, frequency, and duration of translations (and thus UDP / TCP streams), but not bytes! If I had the copious free time I'd consider adding the functionality. (BTW: It's GPL v2 licensed. I'd be willing to talk with somebody who wanted to add monitoring of byte counts to the product about throwing some money at them to make it happen. Ping me off-site if you're interested and serious about it and we can talk about requirements.)
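As an added example (not part of the original answer and not PIX Logging Architecture code): the ASA's connection teardown syslog messages 302014 (TCP) and 302016 (UDP) include a per-connection byte count, so per-internal-IP totals can be summed straight from a syslog feed. The log lines below are constructed samples; the interface name `inside` and IPv4-only addresses are assumptions.

```python
import re
from collections import Counter

# 302014 = TCP teardown, 302016 = UDP teardown; both end with "bytes <n>".
# An optional "(user)" field may follow each address/port pair.
TEARDOWN = re.compile(
    r"%ASA-6-30201[46]: Teardown (?:TCP|UDP) connection \d+ "
    r"for (?P<if1>[^\s:]+):(?P<ip1>[0-9.]+)/\d+(?:\s*\([^)]*\))? "
    r"to (?P<if2>[^\s:]+):(?P<ip2>[0-9.]+)/\d+(?:\s*\([^)]*\))? "
    r"duration \d+:\d{2}:\d{2} bytes (?P<bytes>\d+)"
)

# Constructed sample syslog lines (documentation address ranges).
SAMPLE = [
    "Jan 12 10:00:01 fw %ASA-6-302013: Built outbound TCP connection 101 for "
    "outside:203.0.113.5/443 (203.0.113.5/443) to inside:192.168.1.10/51000 "
    "(198.51.100.2/51000)",
    "Jan 12 10:00:31 fw %ASA-6-302014: Teardown TCP connection 101 for "
    "outside:203.0.113.5/443 to inside:192.168.1.10/51000 duration 0:00:30 "
    "bytes 48213 TCP FINs",
    "Jan 12 10:00:32 fw %ASA-6-302016: Teardown UDP connection 102 for "
    "outside:203.0.113.53/53 to inside:192.168.1.10/40000 duration 0:00:01 "
    "bytes 187",
    "Jan 12 10:01:00 fw %ASA-6-302014: Teardown TCP connection 103 for "
    "outside:203.0.113.9/80 to inside:192.168.1.22/52000 duration 0:02:10 "
    "bytes 1500000 TCP Reset-O",
    "Jan 12 10:01:05 fw %ASA-6-302014: Teardown TCP connection 104 for "
    "outside:203.0.113.9/80 to dmz:172.16.0.5/52001 duration 0:00:02 "
    "bytes 900 TCP FINs",
]


def bytes_per_internal_ip(lines, inside_if="inside"):
    """Sum teardown byte counts per host seen on the inside interface.

    The byte count is the connection total (both directions combined).
    """
    totals = Counter()
    for line in lines:
        m = TEARDOWN.search(line)
        if not m:
            continue  # not a teardown message (e.g. 302013 "Built")
        for iface, ip in ((m["if1"], m["ip1"]), (m["if2"], m["ip2"])):
            if iface == inside_if:
                totals[ip] += int(m["bytes"])
    return totals


if __name__ == "__main__":
    for ip, total in bytes_per_internal_ip(SAMPLE).most_common():
        print(f"{ip:15} {total:>10} bytes")
```

Because the count is only logged at teardown, long-lived connections contribute nothing until they close.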


According to the ntop.org website, ntop supports ASA netflows since January 2010. They complain about it being a hack, due to the non-standard netflow format used by the ASA devices.

I haven't tried it yet, but it may be worth a look.

See http://www.ntop.org/blog/?p=24 for the announcement and implementation.