> On 18 Apr 2023, at 15:05, Brian Candler <b.cand...@pobox.com> wrote:
>
> On 18/04/2023 12:54, MAYER Hans wrote:
>> If you are already using elasticsearch I would use elastiflow
>> https://docs.elastiflow.com/docs/flowcoll/introduction/ There is also a
>> flow collector available from elasticsearch and part of the ELK package but
>> the one from elastiflow is the better one.
> Elastiflow is also fully commercial and closed source. There is a free
> "community" licence which lets you run a single instance for the "person or
> entity accepting the license" for up to 4000 flows per second: you are not
> allowed to run multiple instances. There is also a free "basic" licence which
> adds a few more decoder features, still only 4000 flows per second, and has
> to be requested and renewed every year.
A bit overkill, but if you just want to decode Netflow/IPfix to inject it to
Elasticsearch you can use Graylog.
Borja.
_______________________________________________
Nfsen-discuss mailing list
Nfsen-discuss@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nfsen-discuss
