I'm running filebeat 7.14.0 to ingest Netflow data, which is then stored in Elasticsearch and viewed on Kibana. When I run filebeat -e, I will see some logs generated by filebeat every 30s.
I'm trying to understand the stats more. For example, I see
"input":{"netflow":{"flows":1234,"packets":{"dropped":2345,"received":12345}}}}
But each netflow packet contains about 10 netflow records, so when I receive 12345 packets, I would expect 123450 flows, and the stats only show 1234 flows. Does it mean I'm missing a lot of flows?
For Better understanding of logs , enable logging in debug mode and add Logging.Selector : ["input"] This will show you stats per sec in the logs . Add grep "stats" while checking the log to easily check the stats .
This will show you Flows and packets per second