Perhaps I should back up and request a beginners guide to pmacct. Most of what I've read today has largely assumed you already know what you're doing. I haven't found a good from the ground-up setup guide.
I generally prefer installing whatever package is in the distro's repository to make upgrades and dependencies easier, but it seems like pmacct has limited plugin packages. Strangely, it seems like Debian is more current than Ubuntu at the moment (1.6.1 vs. 1.5.2). Anyway, I digress. So what do I need to do to get to that point? Download and extract the tar. I'm not sure which plugins I need to enable at compilation as I'm not sure where I'm sending the data. So far I've gone forward with just jansson, which may not even be needed, I don't know. I have it collecting promiscuously on the Ethernet port for now, putting it into memory. I should probably make sure my netflow config works correctly as well. Where am I putting the BGP configuration? Right into the netflow config file as that's the traffic data I intend to ingest? ----- Mike Hammett Intelligent Computing Solutions http://www.ics-il.com Midwest Internet Exchange http://www.midwest-ix.com ----- Original Message ----- From: "Paolo Lucente" <[email protected]> To: [email protected] Sent: Saturday, March 3, 2018 10:13:08 AM Subject: Re: [pmacct-discussion] pmacct + ELK made easy? Anthony is correct. The incarnation of that blog entry about pmacct + ELK is the pmacct-to-elasticsearch project that you can find on GitHub: https://github.com/pierky/pmacct-to-elasticsearch Also here you can find a guide on how to integrate pmacct with InfluxDB (on top of the same blog entry that Anthony already referenced about ELK): https://github.com/pmacct/pmacct/wiki/External-Links Paolo On Sat, Mar 03, 2018 at 03:30:38PM +0000, Anthony Caiafa wrote: > It seems you can probably build one based off these two > > https://blog.pierky.com/integration-of-pmacct-with-elasticsearch-and-kibana/ > > https://blogs.cisco.com/security/step-by-step-setup-of-elk-for-netflow-analytics > > > > I am sure with a little more is googling you’ll be able to find something > or put a post together. > > On Sat, Mar 3, 2018 at 9:12 AM Jon Nistor <[email protected]> wrote: > > > That would be really awesome if there were a guide :> > > > > > > From: Mike Hammett <[email protected]> > > <[email protected]> > > Reply: [email protected] <[email protected]> > > <[email protected]> > > Date: March 3, 2018 at 9:03:00 AM > > To: [email protected] <[email protected]> > > <[email protected]> > > Subject: [pmacct-discussion] pmacct + ELK made easy? > > > > Anyone know of a good A - Z pmacct - ELK stack guide? Debian preferred, > > but not required. > > > > > > > > > > ----- > > Mike Hammett > > Intelligent Computing Solutions > > http://www.ics-il.com > > <https://www.facebook.com/ICSIL> > > <https://plus.google.com/+IntelligentComputingSolutionsDeKalb> > > <https://www.linkedin.com/company/intelligent-computing-solutions> > > <https://twitter.com/ICSIL> > > Midwest Internet Exchange > > http://www.midwest-ix.com > > <https://www.facebook.com/mdwestix> > > <https://www.linkedin.com/company/midwest-internet-exchange> > > <https://twitter.com/mdwestix> > > _______________________________________________ > > pmacct-discussion mailing list > > http://www.pmacct.net/#mailinglists > > > > _______________________________________________ > > pmacct-discussion mailing list > > http://www.pmacct.net/#mailinglists > _______________________________________________ > pmacct-discussion mailing list > http://www.pmacct.net/#mailinglists _______________________________________________ pmacct-discussion mailing list http://www.pmacct.net/#mailinglists
_______________________________________________ pmacct-discussion mailing list http://www.pmacct.net/#mailinglists
