Hello,
Is there sflow support option in Librenms or third party offering sflow support?
Thanks
Hi,
Does anyone have a working solution for sflow? I’m looking for the same.
nfsen ? Have you tried ?
NFSEN works, you just have to enable the sflow option when building nfdump –enable-sflow
I don’t love nfsen when compared to something like Elastiflow, however; nfsen does integrate with LibreNMS.
Killo , what do you think about comparing both , nfsen and elastiflow ?
Im testing a recently installed filebeat + netflow platform.
It has many automated tasks , but can not create my own filters or can I ?
Can you share your experience with elastiflow ?
Im trying to get a real idea about moving from old nfsen to something new.
Leandro.
ElastiFlow is the new cool kid on the block. I’ve found it to be far more advanced than nfsen. I have no experience whatsoever with filebeat.
Maybe I’m a little OCD about this stuff but I think nfsen is kind of garbage when compared with elastiflow. The downside to elastiflow is that it doesn’t integrate with LibreNMS…which is probably not a big deal to most. For me, I just really dislike having to go to multiple systems to get the information that I want or need.
Question is:
Can you create profiles , similar way than nfsen ?
Can you create a traffic profile to detect attacks ?
Or you are only an expectator of the platform ?
For instance , filebeat / netflow provide the “top-N” section wich is ok.
but I can not exclude some subnets from the result.
Thanks
I cannot compare it to nfsen very well because I have not done much with nfsen or elastiflow.
Elastiflow comes with a ridiculous amount of various queries / filters…much more than nfsen. Elastiflow can identify most traffic from flows and chart it. It can show top IP’s, top ports etc. etc.