Great app so far aside from it not being able to read IPFIX which is required for VMware vSphere NetFlow collection on the vDS.
Other than the IPFIX problem, I have run into one other problem - I have done several installs of Splunk with this app and for some reason the timestamps or the time the app uses is always off by several hours or so. So, once you start collecting flows you have to choose past 4 hours or all time to see your flows which is not good for doing analytics. The time on my servers are correct.
Has anyone run into this problem before and know how to fix it?
... View more