Netflow Logstash

TheSun · October 4, 2019, 4:28am

Hi,
I have problems processing data netflow.
I can not create index.
This is my configuration, please help me.!!!

input {
udp {
port => 1234
type => "netflow"
codec => netflow
}
}
output {
if ( [type] == "netflow" ) {
elasticsearch {
hosts => "10.10.1.162:9200"
index => "logstash-%{+YYYY.MM.dd}"
}
}
}

Andrew22 · October 8, 2019, 6:21pm

are you seeing any error messages in log for logstash?

TheSun · October 14, 2019, 2:17am

It works normally but does not receive any data.

TechGeekNZ · October 14, 2019, 3:10am

Have you tried outputting to STDOUT and verifying that the data is being processed?

https://www.elastic.co/guide/en/logstash/current/plugins-outputs-stdout.html

You could also give the output a different index name if you have other data that is going into the logstash index

system · November 11, 2019, 3:10am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Probleme input UDP , no index, no DATA Logstash	2	575	April 28, 2017
Elasticsearch index issue with logstash-netflow in 5.x Logstash	8	2057	December 14, 2016
Logstash and ElasticSearch setup not working for Netflow logs Logstash	8	11976	July 6, 2017
Logstash and NetFlow v5 Logstash	1	678	July 6, 2017
Netflow Module Not Creating ES Index Logstash	10	931	June 12, 2019

Netflow Logstash

Related topics