-
We need to monitor Layer 2 flows on a Cisco Nexus N9k switch. Since this switch does not support NetFlow, we are using sFlow for monitoring. However, sFlow does not support the capability to capture o…
-
**Describe the enhancement:**
The Filebeat netflow input utilizes a single decoder goroutine. Users have reported instances where the drops have occurred (indicated by `filebeat.input.netflow.packe…
-
RFC 6313 (https://www.rfc-editor.org/rfc/rfc6313.html) defines an extension to IPFIX which includes more complex data structures like lists.
Cisco seems to be using this for their nvzFlow product …
i3149 updated
3 weeks ago
-
Zeek's current behavior of silently ignoring traffic for which there is no analyzer is quite unexpected to new users. The assumption is that the conn log should contain data similar netflow or firewal…
-
### Use-cases
Network devices such as switches and firewalls export sFlow/NetFLow (or the perverse vendor variants) to provide ongoing trace of network traffic details without having to store and c…
-
A user requested we look into accepting NetFlow v9 as a flow data source. I believe there are netflow inputs for logstash and filebeat already, so the plumbing is there. The majority of the work would…
-
**Description**
Hello,
First of all, thank you for developing & maintaining the pmacct tools suite that we have been using for a few years in our company!
I'm trying to setup nfacctd to collect…
-
The selected time period is from 201301011200 to 201301011205. This dataset is stored in server already under database name 'umkc_development'. It has 5 minutes time interval. I havent merge my branch…
-
I have a softflowd running on a pretty busy linux router like this (sending netflow data to a central collector)
softflowd -i 4 bond0.4 -v 9 -m 500000 -n 10.25.3.18:2055 -N
The statistics do make …
-
Support for Encoding data using Netflow when outputting
- Version: 7.2
- Sample Usage:
```
udp {
id => "udp_exporter"
codec => netflow
host => "10.10.10.10"
…