How about Sflow support

charlesrg · October 19, 2018, 7:36pm

To get data straight from network devices PacketBeat could support SFLOW.
It's open and some more info here: https://sflow.org/sFlowOverview.pdf

This way I could configure our routers/switches to send flows straight to packetbeat processor for analysis.

Sample Arista Switch:

willemdh · October 19, 2018, 9:07pm

Just wanted to add that we would also really like sflow support. Alcatel switches don't support netflow. Or maybe a Logstash module such as the one for Netflow?

rcowart · October 25, 2018, 11:23am

There is an sFlow input for logstash. Simply run...

logstash/bin/logstash-plugin install logstash-codec-sflow

This codec is used by ElastiFlow to decode sFlow records.

system · November 22, 2018, 11:23am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Feature Request Flowbeat! Beats packetbeat	12	5892	November 4, 2022
Does filebeat support sFlow? Beats filebeat	2	1526	April 16, 2020
Logstash - With Filebeats and Netflow Logstash	6	1098	October 21, 2018
Filebeat Netflow Input to Logstash Elastiflow Pipeline Beats filebeat	1	453	May 19, 2020
Elasticsearch 7.4 Netflow questions Logstash or filebeat WTF? Elasticsearch	6	1434	November 1, 2019

How about Sflow support

Related topics