robcowart
commented
3 years ago Some users have had success using pmacct to read a PCAP and send the resulting flow records to ElastiFlow.
Closed minhanh1234 closed 3 years ago
robcowart
commented
3 years ago Some users have had success using pmacct to read a PCAP and send the resulting flow records to ElastiFlow.
Hi
I received several PCAP files from a friend to be analyze. I am wondering if you have a command we can run to import the PCAP to the ElasticSearch (ElasticFlow).
The current process listen on logstash ip/port to capture the netflow.
Thanks