The Logstash Netflow module collects and parses network flow data, indexes the events into Elasticsearch, and installs a suite of Kibana dashboards.
Download and install Logstash
vi config/logstash.yml
modules:
  - name: netflow
    var.input.udp.port: <udp_port>
Where <udp_port> is the UDP port on which Logstash will receive Netflow data.
Run:
./bin/logstash --modules netflow --setup
The --setup option creates a netflow-* index pattern in Elasticsearch and imports Kibana dashboards and visualizations. Omit this option for subsequent runs to avoid overwriting existing dashboards.
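To confirm that the UDP input configured above is actually receiving and decoding flows, the following added example (not part of the original post or of Logstash) builds one NetFlow v5 datagram from a constructed flow record and sends it to the listener. It assumes NetFlow v5, Logstash running on the local host, and 2055 as a stand-in for the value set in var.input.udp.port.

```python
import socket
import struct
import time

HEADER = struct.Struct("!HHIIIIBBH")                # 24-byte NetFlow v5 header
RECORD = struct.Struct("!4s4s4sHHIIIIHHBBBBHHBBH")  # 48-byte NetFlow v5 flow record

def build_v5_packet(flows, uptime_ms=60_000, sequence=0, now=None):
    """Pack a list of flow dicts into one NetFlow v5 export datagram."""
    now = time.time() if now is None else now
    secs, nsecs = int(now), int((now - int(now)) * 1e9)
    out = [HEADER.pack(5, len(flows), uptime_ms, secs, nsecs, sequence, 0, 0, 0)]
    for f in flows:
        out.append(RECORD.pack(
            socket.inet_aton(f["src"]), socket.inet_aton(f["dst"]),
            socket.inet_aton("0.0.0.0"), 0, 0,      # next hop, in/out ifIndex
            f["packets"], f["bytes"],
            uptime_ms - 1000, uptime_ms,            # flow start/end in sysUptime ms
            f["sport"], f["dport"],
            0, f.get("tcp_flags", 0), f["proto"], 0,  # pad, flags, protocol, ToS
            0, 0, 0, 0, 0))                         # AS numbers, masks, pad
    return b"".join(out)

def parse_v5_packet(data):
    """Decode a v5 datagram back into (version, [flow dicts]) as a local check."""
    if len(data) < HEADER.size:
        raise ValueError("datagram shorter than a NetFlow v5 header")
    version, count, *_ = HEADER.unpack_from(data, 0)
    if version != 5 or len(data) != HEADER.size + count * RECORD.size:
        raise ValueError("not a well-formed NetFlow v5 datagram")
    flows = []
    for i in range(count):
        r = RECORD.unpack_from(data, HEADER.size + i * RECORD.size)
        flows.append({"src": socket.inet_ntoa(r[0]), "dst": socket.inet_ntoa(r[1]),
                      "packets": r[5], "bytes": r[6], "sport": r[9],
                      "dport": r[10], "tcp_flags": r[12], "proto": r[13]})
    return version, flows

# Constructed sample flow using documentation address ranges (RFC 5737).
SAMPLE = [{"src": "192.0.2.10", "dst": "198.51.100.20", "sport": 51514,
           "dport": 443, "proto": 6, "packets": 12, "bytes": 3400, "tcp_flags": 0x1B}]

if __name__ == "__main__":
    port = 2055  # assumption: replace with the value set for var.input.udp.port
    pkt = build_v5_packet(SAMPLE)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.sendto(pkt, ("127.0.0.1", port))
    print(f"sent {len(pkt)} bytes to udp/{port}; check the netflow-* index pattern")
```

If no matching event appears under the netflow-* index pattern after the script runs, check that the port matches logstash.yml and that a host firewall is not dropping the datagram.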