General Discussion / Visualize Netflow data in Kibana (used network traffic)
« on: October 26, 2021, 08:42:36 am »
Hi,
I would like to create a dashboard in Kibana using the OPNsense Netflow logs (I tried v5 and v9) to visualize the bandwidth used per source IP.
Here is my Logstash config.
Quote
    input {
      # OPNsense netflow logs input
      udp {
        port => 10522
        codec => netflow
        tags => ["opnsense_netflow_logs"]
      }
    }
    filter {
    }
    output {
      if "opnsense_netflow_logs" in [tags] {
        elasticsearch {
          hosts => "http://localhost:9200"
          index => "opnsense-netflow-%{+YYYY.MM}"
        }
      }
    }
I receive data in Elasticsearch (see attachments), but I don't know how to use it to create a graph.
For my tests I started a "wget --limit-rate=200k xxx". My IP is 172.16.10.106.
Here is the visualization I created in the attachments. As you can see, the graph is wrong and I can't even see the download I'm doing.
Where does the problem come from?
Is the Netflow data correct? If yes, how should I create my visualization in Kibana?
Thanks a lot in advance.