Log Insight + Netflow = Awesome part 2


In my first blog post, Log Insight + Netflow = Awesome, I showcased that Log Insight could be used to ingest netflows, showed some graphics, and talked about possible extensions of the data into other products such as vRealize Operations or NSX. I got some comments from people who wanted to learn more, but instead of answering the same questions over and over, I have posted the what and how on GitHub. This marks the first GitHub project that I have created. So even though this is not even half baked, not thought through and very much just for […]

Log Insight + Netflow = Awesome


This is just another awesome use case for Log Insight. I have set up the vSphere Distributed Switch to send netflow to a netflow proxy, which then sends the flows as syslog messages to Log Insight. The reason for this is that Log Insight can’t ingest netflow messages natively. What you then end up with is a lot of logged netflow messages like the one below. Ignore the extracted field names; these can be designed as you wish. I went with speed 🙂 You might think: what can this be used for, and why should I care? Log Insight + Netflow […]