Netflow analysis using ELK #25

joschi99 · 2015-12-08T19:26:46Z

Configuring Logstash to parse NetFlow v5/v9 data streams and pass them on to Elasticsearch. Visualization with Dashboards Kibana

plugin readme

joschi99 · 2015-12-30T20:36:19Z

Logstash translate plugin needed:

cd /opt/logstash
bin/plugin install logstash-filter-translate

plugin readme

joschi99 added the enhancement label Dec 8, 2015

joschi99 self-assigned this Dec 8, 2015

joschi99 added this to the Osiris 2.2 milestone Dec 8, 2015

joschi99 pushed a commit that referenced this issue Dec 10, 2015

Logstash configuration and template to collect netflows - see #25

a91ea8d

joschi99 pushed a commit that referenced this issue Dec 10, 2015

correct geoip handling - see #25

2745061

joschi99 pushed a commit that referenced this issue Dec 10, 2015

netflow index optimization - see #25

b8e444f

joschi99 pushed a commit that referenced this issue Dec 12, 2015

NetFlow Analysis: port application mapping - see #25

4304002

joschi99 pushed a commit that referenced this issue Dec 15, 2015

netflow port application mapping updated - see #25

584d708

plugin readme

joschi99 closed this as completed Dec 23, 2015

joschi99 reopened this Dec 30, 2015

joschi99 pushed a commit that referenced this issue Dec 30, 2015

Kibana 4.1.x netflow - see #25

1aaa15c

joschi99 pushed a commit that referenced this issue Jan 13, 2016

Kibana 4.1.x netflow - see #25

78cd06e

joschi99 pushed a commit that referenced this issue Jan 13, 2016

netflow port application mapping updated - see #25

226de60

plugin readme

joschi99 closed this as completed Jan 13, 2016

Provide feedback