Log Insight + NetFlow = Awesome
This is just another awesome use case for Log Insight. I have set up the vSphere Distributed Switch to send NetFlow to a NetFlow proxy, which then sends the flows as syslog messages to Log Insight. The reason for this is that Log Insight can't ingest NetFlow messages natively. What you then end up with is a lot of logged NetFlow messages like the one below. Ignore the extracted field names; these can be designed as you wish. I went with speed 🙂 You might wonder: what can this be used for, and why should I care?