Netflow protocol version 0 not supported

w33ha-zxc · January 14, 2020, 10:14am

Have been trying to ingest Netflow Data from a Fortigate Firewall through Filebeat, but upon running filebeat -e gets me to the following warning -

netflow/input.go:240 Error parsing NetFlow packet of length 220 from 192.168.1.10:4216: netflow protocol version 0 not supported

Below excerpt from my config file -

shaunak · January 14, 2020, 3:58pm

Hi @w33ha-zxc, welcome to the Elastic community forums!

I see you already created a GitHub issue for this — https://github.com/elastic/beats/issues/15532 — which is great!

Shaunak

w33ha-zxc · January 27, 2020, 12:51pm

The flow sent out was for sflow and not netflow.

Configuring it to Netflow fixed the issue.

Thanks.

system · February 24, 2020, 2:52pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Netflow not supported? Beats filebeat	2	428	September 27, 2021
Filebeat.netflow parse NAT log Beats filebeat	1	130	April 18, 2024
Filebeat Fortinet Default Ingest Pipeline fails Beats	6	1341	August 11, 2020
Filebeat not sending logs to elastic from fortinet module Beats filebeat	2	365	December 1, 2020
Filebeat netflow template missing Beats beats-module , filebeat	1	317	June 29, 2023