Malcolm icon indicating copy to clipboard operation
Malcolm copied to clipboard

Published 20 hours ago verified publisher icon idaholab

NetFlow v9 input

Open mmguero opened this issue 1 year ago • 1 comments

A user requested we look into accepting NetFlow v9 as a flow data source. I believe there are netflow inputs for logstash and filebeat already, so the plumbing is there. The majority of the work would be in normalizing the flow data to match, but there's a good chance that it's already going to be targeting ECS anyway.

mmguero avatar Aug 22 '23 12:08 mmguero