The SOF-ELK package is available as a VM and does some amazing things: https://github.com/philhagen/sof-elk/blob/master/VM_README.md
It was put together for the SANS FOR572 course: https://www.sans.org/course/advanced-network-forensics-analysis

The ELK stack can scale big if you want it to.

On 20 September 2017 at 07:48, Dave Browning <[email protected]> wrote:

> Hi All,
>
> Just chasing people’s recommendations for a good carrier/ISP grade Netflow
> collector & analyser. Have had a play with ntopng & nprobe and so far is
> looking the goods.
>
> Cheers,
> Dave
>
> Dave Browning | Network Engineer
> P 1300 791 678
> Level 1, 12 Railway Tce, Milton QLD 4064
> _______________________________________________
> AusNOG mailing list
> [email protected]
> http://lists.ausnog.net/mailman/listinfo/ausnog
