Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

VNet Flowlog with Plugin #48

Open
aekanunphanphomma opened this issue Jul 4, 2024 · 2 comments
Open

VNet Flowlog with Plugin #48

aekanunphanphomma opened this issue Jul 4, 2024 · 2 comments

Comments

@aekanunphanphomma
Copy link

We are trying to use your plugin to visualize VNet Flowlog on Kibana via Logstash. However, we are facing a lack of input from the storage account. Not sure if this is due to the plugin still being developed or if we are having issues due to an incorrect Logstash configuration. Please assist. Thank you.

logstash.conf.json
Screenshot 2567-07-04 at 16 22 45
@janmg
Copy link
Owner

janmg commented Jul 6, 2024

This plugin does not directly have support for vnetflowlogs, you would need to parse them with the logtype raw. Because of that you need to split and filter with the correct timestamps. I don't know which parameters are supposed to be used for vnetflowlogs, but from the picture you posted, I think you are picking the date from when the logfiles are written and not the timestamp from each individual event.

I don't think the plugin drops events, unless there is some errors in the logfiles

@janmg
Copy link
Owner

janmg commented Jul 7, 2024

please change your passwords.

when I have time, I'll add explicit support for vnetflowlogs. I already added a commit, but didn't test it yet.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@janmg @aekanunphanphomma