Hi all,
if I use reverse DNS lookup to get FQDNs instead of IP addresses in the dashboard that works perfectly well.
But as far as I know the flow records contain both flow.export.host.name and flow.export.ip.addr. How can I add a column to the dashboard so I see both?
More importantly I need a CVS export containing both fields.
Thanks and kind regards,
Patrick
I would use the ‘Discover’ menu to filter the data and select the specific columns I wanted to see in the left frame, and then use ‘Share’ to generate a CSV file.
I don’t have specific instructions for editing the dashboards, but essentially you would need to use the ‘Edit’ mode and then ‘Edit Discover session’ to modify the table that is displayed.
That helps! I will investigate.
I am a complete noob with Kibana and Elastic. More of a Grafana guy. But Elastiflow showed to be the best if not the only turnkey netflow collector solution. Really painless to set up.
Kind regards,
Patrick
