robcowart / elastiflow

Network flow analytics (Netflow, sFlow and IPFIX) with the Elastic Stack

Missing filters on dashboard #229

Closed leandrov96 closed 5 years ago

leandrov96 commented 5 years ago

Hello,

I'm using YAF to export flows to Logstash and viewing them on Elastiflow, and there are some filters I can't seem to use to filter or create new dashboards. One of them is, for example, ipfix.flowEndReason, along with the reverse IEs. I was able to put it on the ElastiFlow: Flow Records (client/server) dashboard; however, when I try to filter, it doesn't even show up. The same happens when I try to create a new "Visualize". It'd be handy for me to have a counter of the flow end reasons, and I'm wondering why this seems to happen.

Thank you for your time!

robcowart commented 5 years ago

You probably need to go into the management tool in Kibana and refresh the ElastiFlow Index Pattern. Not every field is included in the pattern by default. This prevents having 100s of field names in selection boxes and other Kibana elements that are not anywhere in your specific data.
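An added example (not part of the thread or of ElastiFlow's code): one way to see which fields exist in the indexed flow data but are absent from the index pattern's cached field list, and so will only appear in filters and visualizations after a refresh. It assumes the Kibana 6.x/7.x saved-object layout, where the pattern stores its fields as a JSON string, and the Elasticsearch `_field_caps` response shape; the pattern title, index name, and all field names other than `ipfix.flowEndReason` are constructed samples.

```python
import json

# Constructed sample: shape of a Kibana index-pattern saved object.
# The cached field list is stored as a JSON-encoded string.
SAVED_PATTERN = {
    "type": "index-pattern",
    "attributes": {
        "title": "elastiflow-*",  # assumed pattern title
        "fields": json.dumps([
            {"name": "@timestamp", "type": "date"},
            {"name": "flow.bytes", "type": "number"},
        ]),
    },
}

# Constructed sample: shape of an Elasticsearch _field_caps response.
FIELD_CAPS = {
    "indices": ["elastiflow-sample"],
    "fields": {
        "_id": {"_id": {"type": "_id"}},
        "@timestamp": {"date": {"type": "date"}},
        "flow.bytes": {"long": {"type": "long"}},
        "ipfix": {"object": {"type": "object"}},
        "ipfix.flowEndReason": {"long": {"type": "long"}},
        "ipfix.reverseOctetDeltaCount": {"long": {"type": "long"}},
    },
}

def pattern_fields(saved_object):
    """Field names Kibana currently knows about for this pattern."""
    raw = saved_object["attributes"].get("fields") or "[]"
    return {f["name"] for f in json.loads(raw)}

def mapped_fields(field_caps):
    """Leaf field names present in the indices behind the pattern."""
    names = set()
    for name, by_type in field_caps["fields"].items():
        if name.startswith("_"):
            continue  # metadata fields such as _id and _index
        if all(t == "object" for t in by_type):
            continue  # object containers are not selectable fields
        names.add(name)
    return names

def missing_from_pattern(saved_object, field_caps):
    """Fields in the data that a pattern refresh would add."""
    return sorted(mapped_fields(field_caps) - pattern_fields(saved_object))

if __name__ == "__main__":
    for name in missing_from_pattern(SAVED_PATTERN, FIELD_CAPS):
        print("not in index pattern:", name)
```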