Hello everyone,
I’m currently using a MikroTik router to export NetFlow data, but as you may know, MikroTik doesn’t include BGP-related fields like AS PATH, AS Source, or AS Destination in the flow records.
In the past, I managed to enrich this kind of data using nfacctd (from pmacct) by running a BGP daemon and establishing a connection with the MikroTik router. That allowed me to associate flows with upstream providers, IXPs, or peers via BGP AS information.
Would a similar approach be possible with ElastiFlow?
Does ElastiFlow support enriching flow data using external BGP sources or a local BGP daemon?
Or am I overthinking this and it’s outside the intended capabilities of ElastiFlow?
Thanks in advance for any insights!