elastiflow is extremely easy to run on an httpd listening only on localhost and proxy behind a simple nginx TLS1.2/1.3 only configuration listening on port 443.

as are a number of other tools.

On Tue, 25 Jan 2022 at 16:06, Laura Smith via NANOG <nanog@nanog.org> wrote:

On Tuesday, January 25th, 2022 at 23:50, Compton, Rich A <Rich.Compton@charter.com> wrote:

> You can pretty much do the same thing with Elastic’s filebeat (https://www.elastic.co/guide/en/beats/filebeat/current/filebeat-module-netflow.html).
>

Has Elastic decided to join the rest of the world in the 21st century yet ?

Last time I looked at it (not too many years ago) they had no TLS support. Bit of a show-stopper in today's security environment.