Filebeat Netflow Input to Logstash Elastiflow Pipeline

ksremo · April 21, 2020, 10:53am

I installed the elastiflow pipelines/module on my Logstash.
The Netflow-Data is ingested in a Filebeat (input netflow) and then forwarded to a Logstash pipeline.
In this Pipeline there is a switch/case on the log type.
If type is netflow then the data is forwarded to a elastiflow pipeline.
The data is indexed but in "netflow-format". The field mapping does not work.

It seems that elastiflow plugin is online working correctly if i ingest in logstash directly (plain udp netflow traffic)

Is there a workaround to do this? Maybe map the field directly in filebeat?

system · May 19, 2020, 10:53am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Elasticsearch 7.4 Netflow questions Logstash or filebeat WTF? Elasticsearch	6	1434	November 1, 2019
Logstash - With Filebeats and Netflow Logstash	6	1098	October 21, 2018
Filebeat-netflow to logstash send only specific fields Logstash	1	651	March 31, 2022
Filebeat 7.2 netflow module and adding custom fields Beats filebeat	1	439	August 6, 2019
Filebeats fields mapping to logstash Beats filebeat	3	2365	February 16, 2018

Filebeat Netflow Input to Logstash Elastiflow Pipeline

Related topics