The ability to monitor is pretty much the same. In most cases it is just a variant of the same exact program. The key issue is getting to the data in the first place. If you have a inline firewall/router running of a PC it really isn't any different than a router. What really is the difference between a router cpu running a linux variant called tomato or a pc loaded with the kali linux variant that has every hacking/network tool preloaded.
The key problem is there is no place to store the data on a router in most cases if you reboot the router you lose all the data. Sure you can store it to flash on some routers but feeding thought the USB eats even more of the limited CPU.
If you have the option to use a actual PC you will have many more options. The key is you must be able to get into the data path.
The way this is commonly done commercially, and dd-wrt/tomato have some support, is to let the router perform the basic capture/summary and then send it to a external server to process. This way when you have 100 routers you can still run your reports from one machine rather than having to log in. The tool that is used to do what you discus is generically called netflow but there are a couple of variants. This is mostly used to see what is running historically active monitor is usually done with SNMP based tools probing the router for information.
Awesome, thanks bill