If I leave the “netflow9_definitions_Path” empty everything works as is should, with the exception: I would prefer custom names for some of the fields.
Where is Graylog’s default “netflow9.yml” file?
How do I input a path correctly using the edit input page?
I’m using: Graylog 3.3.8+e223f85 on graylog (Private Build 1.8.0_275 on Linux 5.4.0-53-generic)
Thanks. I’ve found that file too in the Graylog github source but where does the file live on the OS and how do we point to a custom netflow9.yml in the “Edit Inputs”?
Upload the edited version of that file to the Graylog server, somewhere where Graylog can read it (/usr/share/graylog-server is probably the logical destination). Make sure the file is owned by the graylog user and it should work (if you upload it the example directory I gave you should put /usr/share/graylog-server/netflow9.yml into the “Netflow 9 field definitions” box).
If it still doesn’t work check the Graylog log for the error.