Search API through My Netflow data

Blason · October 2, 2017, 10:02am

Hi Guys,

I have setup Netflow with my checkpoint firewall and data is properly coming in and being indexed. Now I have certain malicious IP addresses in other text file. How do I search through my netflow index to match those IP addresses? Any example is highly appreciated. I guess that could be possible using search API?

Also can I automate that search if at all that searching is possible?

system · October 30, 2017, 10:02am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Two index query, linking field Elasticsearch	1	368	February 1, 2019
Compare IP's in netflow to Reputational List Logstash	2	857	July 6, 2017
I need advice on this new use case - IOC Elasticsearch	4	1410	September 25, 2017
Dataset of IP's to query against Index Elasticsearch	4	323	November 23, 2020
A very simple query with CURL from a Windows box Elasticsearch	8	1006	July 5, 2017

Search API through My Netflow data

Related topics