Flows information Miss in Elastic Index

ntop / ntopng

Web-based Traffic and Security Network Traffic Monitoring

http://www.ntop.org

GNU General Public License v3.0

6.3k stars 658 forks source link

Flows information Miss in Elastic Index #8761

Closed nikopuf closed 1 month ago

nikopuf commented 1 month ago

ntopng -i ens192 -F "es;ntopng;ntopng-%Y.%m.%d;http://120.120.1.202:9200/_bulk;" --http-port 4000 --ignore-vlans this is how i run ntop to push data in elastic but when i go in my elastic index i didnt fine ja3 ja3s information in index,

what is the recommend version of elastic search i am using 7.16.3?

OS: ubuntu 18.04

MatteoBiscosi commented 1 month ago

Ja3/ja4 info are not exported to the elastic flows, only basic info about flows are exported to the elastic