The platform where this needs to be done is NSX if it matters. I know about the "Application Rule Manager", but I think it's not powerful enough for the number of flows we have.
I suppose I'm not the first one who has to do this, so I am asking you, how did you do it? My first thought is ELK because of its engine, but I couldn't yet find anything like this on Google; I might ask on their forum. I could also just send the logs to a syslog server and hope to find a script that generates the rules. Is there a script for this?
Any piece of advice is really welcomed.