I'm also interested in this. As I know there is no native netflow input in syslog-ng and when I did some research on it, it is not very easy. Logstash has a native netflow input and output, but it seems this is abandoned and not very stable. nxLog also support netflow but I'm not sure if it is only in the enterprise version or it is available in the CE too

L:


On Wed, Nov 27, 2019 at 1:58 PM Raghunath Adhyapak <funduraghu@gmail.com> wrote:
Hi,

I was trying to receive Netflow logs from firewall devices in syslog-ng and then forward to a central server.
Does syslog-ng support netflow such that I can validate and filter out all non-netflow log lines?
I also dumped some netflow logs to a file and found it to be binary. Therefore I haven't been able to ascertain the format and filtering mechanism.

Any pointers on this topic would be helpful.

Thanks
Raghu
______________________________________________________________________________
Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
FAQ: http://www.balabit.com/wiki/syslog-ng-faq