This repository has been archived by the owner on Mar 22, 2024. It is now read-only.

ElastiFlow v3.0.0

@robcowart robcowart released this 13 May 17:15
· 300 commits to master since this release
  1. Dashboards have been rebuilt to leverage features added since the release of Kibana 6.x. This includes the addition of experimental dashboards which leverage the new Vega visualization.

  2. The schema was refactored to minimize the volume of data stored and increase the efficiency of processing. The result is a reduction of storage requirements by 20-30%, and better throughput.

  3. IP reputation tagging has been added to assist in the identification of suspect network traffic.

  4. Improved support for application identification data has been added for Cisco NBAR2 and Fortinet.

  5. Added support for simultaneous collection over IPv4 and IPv6 on separate interfaces.

  6. Versioning has been added for indices and index templates. This will make it possible in the future to create reindexing methods for the migration of historical data to newer versions.

  7. GeoIP and ASN lookups can now be enabled/disabled using an environment variable. Users who don't need these capabilities will be able to disable them, saving disk space and increasing processing efficiency.

  8. Index mappings were modified to more gracefully handle various vendor-specific flow field implementations.

  9. Fixed a regression related to the field type of various IPFIX date fields.