15. 02. 2016 Tobias Goller NetEye

Intuitive NetFlow Analyse durch die Abblidung von Kibana4 Dashboards in NetEye

Kibana4 dasboards in NetEye

In NetEye nutzen wir NfSen für die Sammlung, Analyse und Abbildung von NetFlow Daten. Allerdings haben sich in Vergangenheit einige User bei uns gemeldet und angemerkt, dass NfSen nicht besonders einfach zu benutzen sei, besonders wenn es darum geht eine schnelle Analyse der gesammelten Daten vorzunehmen und die entsprechenden Ergebnisse an die Vorgesetzten weiterzuleiten.

NfSen ermöglicht zwar verschiedene Varianten für die Analyse von NetFlow Daten, möchten Sie jedoch eine Standardansicht der wichtigsten Szenarios erstellen, ist der Einsatz von Kibana4 und dessen intuitiven Dashboards, die bessere Lösung.

Kibana4 ist in NetEye 3.6 integriert. Durch den Einsatz von Logstash und Elasticsearch gestaltet es sich heute sehr viel einfacher NetFlow Daten zu sammeln und übersichtliche Dashboards darzustellen.

In den folgenden vier Abbildungen sehen Sie einige Darstellungsbeispiele von NetFlow Daten. Selbstverständlich können Sie diese Informationen für eine bestimmte Zeitspanne filtern (direkt über die GUI).

top 10 source ports - which are creating the most traffic

Top 10 Quell-Ports, welche den meisten Traffic generieren.

Top 10 destination ports which are creating the most traffic

Top 10 Ziel-Ports, welche den meisten Traffic generieren.

Top 10 source IP’s - which are creating the most traffic

Top 10 Quell-IP’s, welche den meisten Traffic generieren.

Top 10 destination IP’s - which are creating the most traffic

Top 10 Ziel-IP’s, welche den meisten Traffic generieren.

Tobias Goller

Tobias Goller

NetEye Solution Architect at Würth Phoenix
I started my professional career as a system administrator. Over the years, my area of responsibility changed from administrative work to the architectural planning of systems. During my activities at Würth Phoenix, the focus of my area of responsibility changed to the installation and consulting of the IT system management solution WÜRTHPHOENIX NetEye. In the meantime, I take care of the implementation and planning of customer projects in the area of our unified monitoring solution.

Author

Tobias Goller

I started my professional career as a system administrator. Over the years, my area of responsibility changed from administrative work to the architectural planning of systems. During my activities at Würth Phoenix, the focus of my area of responsibility changed to the installation and consulting of the IT system management solution WÜRTHPHOENIX NetEye. In the meantime, I take care of the implementation and planning of customer projects in the area of our unified monitoring solution.

Latest posts by Tobias Goller

25. 10. 2024 Log-SIEM
Enhancing Cybersecurity with Elastic Defend: A Technical Consultant’s Perspective
28. 08. 2024 Unified Monitoring
ntopng Updates
08. 07. 2024 Unified Monitoring
Collecting Netflows – ntopng vs. ElastiFlow
06. 05. 2024 Unified Monitoring
QUIC, What’s That?
05. 03. 2024 Unified Monitoring
nBox Mini
See All

Related Content

Tags: ,

08. 07. 2024 Unified Monitoring

Collecting Netflows – ntopng vs. ElastiFlow

In order to be able to carry out detailed network monitoring, an IT administrator naturally wants to know what is happening in his or her network. To obtain this information, the network flows must of course be analyzed. Many network Read More
10. 05. 2021 Log-SIEM, NetEye

Installing Elastiflow on NetEye SIEM

First of all, I'd like to explain in simple terms what Elastiflow is all about. ElastiFlow is a NetFlow analyzer that works with the Elastic Stack. The Elastiflow Analyzer can collect various network flows, such as netflow or sflow, and Read More
09. 03. 2020 Log-SIEM, NetEye

Store Years of NetFlow Historical Data with Elastic Rollup on NetEye 4.9

Keeping historical data around for analysis is extremely useful but often avoided due to the financial cost of archiving massive amounts of data. Retention periods are thus driven by financial realities rather than by the usefulness of extensive historical data. Read More
17. 10. 2019 ITOA, Log-SIEM, Machine Learning, NetEye

Experiences with Netflow and Machine Learning in Elastic

Some time ago I was able to use the machine learning functionality in Elastic for the first time. I was astonished at how easy it is to use, and how fast it calculates historical data. In my particular case, I Read More
15. 02. 2016 Log-SIEM, NetEye

Easy NetFlow Analysis using Kibana4 on NetEye

On NetEye we are using NfSen for the collection, analysis and view of NetFlow data. Unfortunately, many users complain, that the NfSen tool is not that simple to use, especially in terms of fast data analysis and for the reporting of Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

Search by technology

Contact

Contact us
Serviceportal

Archive