The SOF-ELK package is available as a VM and does some amazing things:
https://github.com/philhagen/sof-elk/blob/master/VM_README.md

It was put together for the SANS FOR572 course:
https://www.sans.org/course/advanced-network-forensics-analysis

The ELK stack can scale big if you want it to.

On 20 September 2017 at 07:48, Dave Browning <[email protected]> wrote:

> Hi All,
>
> Just chasing people’s recommendations for a good carrier/ISP grade Netflow
> collector & analyser. Have had a play with ntopng & nprobe and so far is
> looking the goods.
>
> Cheers,
> Dave
>
> Dave Browning | Network Engineer
> P 1300 791 678
> Level 1, 12 Railway Tce, Milton QLD 4064
> _______________________________________________
> AusNOG mailing list
> [email protected]
> http://lists.ausnog.net/mailman/listinfo/ausnog
>