sFlow/Netflow

Question

Hello,I need to configure my BIGIP to send sFlow to ELK, so I need the version of sFlow or Netflow used by F5 BIGIP (version 14.1.4)can any one help with this please ?Regards,

psfletchthetek · Answer

Hi,sFlow on ELK isn't very well support, netflow which is very slightly different is much better.It has filebeats and logstash plugins ready to go.Also the default sFlow config doesn't help much.I would recommend using netflow and using a method like thishttps://docs.illumio.com/asp/20.2/Content/Guides/flowlink-configure-usage/collect-flow-records-f5.htmSorry i can't for the life of me get google to find the f5 pages that show the same, but in short its basically a log publisher and log destination setup like syslog. Then all you do is have a simple irule on the virtual server that you want logging.This setup supports netflowv9 and ipfix (v10) so you should be good to go!Hope this helps.

Forum Discussion

sFlow/Netflow

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

F5 sFlow with ManageEngine Netflow

UDP TCP Packet Duplication

Re: If Kernighan were a network architect he would say...

Re: How to enable Netflow on the F5

Re: sflow NAT vs local subnet to reach MGMT station on another subnet...

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS