Newbie playing with netflow (with nProbe) + ELK. Everything running and now what

bartplessers · September 12, 2016, 9:06am

Hello,

Just bought a UBNT router with netflow capabilities.

I setup netflow, and configured a windows server with ELK.

Now I see a basic graph on kibana, but I want

to answer my question: "wich of my clients consumes howmuch bandwith on what time" Granularity of period should at least be 1h.

Is this possible?
Can somebody point me to some good information (not to difficult for a newbie as me... )

thanx in advance!
Bart

warkolm · September 12, 2016, 9:08am

Which will be possible when you have more data.

That should already show up, hostnames will depend on reverse DNS.

That's where you run an aggregation.

Did you run through the second one of those links?

Topic		Replies	Views
Netflow - SUM netflow.bytes between 2 ip's Kibana	7	1101	August 22, 2019
LogStash & Netflow : Wrong values? Logstash	3	682	May 7, 2018
Looking for advice on a use case for NetFlow Elastic Agent	4	243	February 23, 2024
Kibana and packetbeat questions Beats packetbeat	2	465	September 24, 2018
NOOB, Elastic Stack (Search/Logstash) Netflow Cisco SD-WAN Logstash	1	242	August 15, 2023