I’ve started to use Netflow feature, but for some reason it doesn’t provide graphs for full session communication
I can see on the graph either only source or destination ,please see in the picture attached
Is there any way where I could have a graph with source ,destination and ports in one graph output ?
Since in the existing way it’s really hard to correlate from the graph perspective who corresponds to whom
I would like to see it in the percentage value
Also is it possible to see instead of % how many bps is pushed between the hosts?
@amaizenshtein I’ve struggled with the same thing; namely the two most important objectives are bps and correlation; the data is there - it just can’t be visualized that way with the built-in dashboard features. I got as far as histogram of nf_bytes but for a specific IP; I could never get it with all top hosts showing nf_bytes in a pie chart. I postulated that one could use Kibana to extract and visualize Graylog data but never had the time and will to try it.
I was looking for something like that (Ntop example):
