Hello,
im using Elastiflow to get insigth into my network.. But im also trying to build some dashboard's that may help with troubleshooting during incidents.
I wonder if it's possible to check for tcp.analysis.spurious_retransmission or fast.retransmission using netflow data so i can filter out most conversations with those flags. If possible any experience on where to look on the netflow data?
No comments:
Post a Comment