mirror of
https://github.com/Security-Onion-Solutions/securityonion.git
synced 2025-12-29 04:13:13 +01:00
15 lines
539 B
Plaintext
15 lines
539 B
Plaintext
# Module: netflow
|
|
# Docs: https://www.elastic.co/guide/en/beats/filebeat/7.x/filebeat-module-netflow.html
|
|
|
|
- module: netflow
|
|
log:
|
|
enabled: true
|
|
var:
|
|
netflow_host: localhost
|
|
netflow_port: 2055
|
|
# internal_networks specifies which networks are considered internal or private
|
|
# you can specify either a CIDR block or any of the special named ranges listed
|
|
# at: https://www.elastic.co/guide/en/beats/filebeat/current/defining-processors.html#condition-network
|
|
internal_networks:
|
|
- private
|