Comments (4)
robcowart
commented on June 7, 2024
c6d01da
Added the necessary logic for deriving timestamps and traffic volume (bytes and packets) for bi-directional flows as sent by Cisco ASA devices. Thanks especially to @jeenode, @Noebas and @sempervictus for your input.
I have committed fixes for these issues, but would like things tested before I close out the issues. If anyone can test and provide feedback here, I would really appreciate it.
@DanSheps @timmernet @azlocalit @dhermans
from elastiflow.
dhermans
commented on June 7, 2024
hi @robcowart
i tested using a clean 6.1.1 logstash/elastic/kibana and installed the two files from the commit attached to this issue. I replayed some captures with tcpreplay that I previously edited using tcprewrite.
apart from some 6.1.1 oddities ( you have to enter the advanced index dialog and re-enter netflow-* BEFORE selecting last_switched ) the new version works very nicely
basically all viz are working ( apart from a few where i'm obviously not sending data )
Thanks so much - looks fantastic..
from elastiflow.
DanSheps
commented on June 7, 2024
I will update later today and give it a go.
from elastiflow.
robcowart
commented on June 7, 2024
Thanks for the feedback @dhermans. Closing this and releasing v1.2.0.
from elastiflow.
Related Issues (20)
- Import PCAP file from a USB File to ElasticFlow HOT 1
- RISKIQ behind proxy HOT 1
- Can't access ElastiFlow 5.0.0 in Docker HOT 2
- Centos 7 Install Logstsh sFlow codec fails HOT 1
- ElasticFlow : Netflow VLAN data is not populated in elastiflow HOT 2
- Elastiflow : Not generating enough data in Elastic HOT 2
- ElasticSearch 7.12 ... just checking :) HOT 3
- I can't see data (elastiflow) in kibana HOT 1
- docker image - flowcoll should recover once elasticsearch become available HOT 3
- index-pattern remain elastiflow empty HOT 8
- Invalid request payload JSON format HOT 4
- Elastic upgrade from 7.10 to 7.12 HOT 5
- source.as.organization.name always public HOT 2
- logstash is running but not able to see Sflow data HOT 3
- netflowv5 mikrotik no data in dashboard HOT 6
- kibana terms list might be incomplete because the request is taking to long HOT 1
- Mapper_parsing_exception HOT 2
- No matching indices found: No indices match pattern "elastiflow-flow-codex-*" HOT 2
- no data in threats HOT 2
- The legacy ElastiFlow is deprecated. TRY THE NEW ELASTIFLOW!!!
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from elastiflow.