I loved using ElastiFlow, but we didn’t quite work out in the end. Here’s my $0.02 - - ElastiFlow setup is easy-ish. - ELK setup is easy-ish. - Scaling ELK is not easy unless you know what you’re doing. If you’ve got enough flows that you need to scale ELK, you’re probably also using multiple flow exporters, at which point this[1] could bite you and if ELK scaling was hard for you, dealing with this might not be trivial until Rob decides how best to bake a fix into EF. I learned ELK because I wanted to use EF, but I only learned enough about ELK to get me by. Having to also learn about REDIS and having to learn more about ELK to make it work with REDIS and EF was a show stopper; I just didn’t have the time. [1] https://github.com/robcowart/elastiflow/issues/205
On May 18, 2019, at 12:19 AM, Crist Clark <cjc+nanog@pumpky.net> wrote:
Been loving Elastiflow. Way overkill for what you need, but it's actually pretty easy to setup.
https://github.com/robcowart/elastiflow
On Fri, May 17, 2019 at 7:25 AM Dennis Burgess via NANOG <nanog@nanog.org> wrote:
I am looking for a free program to take netflow and output what the top traffic ASes to and from my AS are. Something that we can look at every once in a while, and/or spin up and get data then shutdown.. Just have two ports need netflow from currently.
Thanks in advance.
Dennis Burgess, Mikrotik Certified Trainer
Author of "Learn RouterOS- Second Edition”
Link Technologies, Inc -- Mikrotik & WISP Support Services
Office: 314-735-0270 Website: http://www.linktechs.net
Create Wireless Coverage’s with www.towercoverage.com