Stats/Telemetry for matched/dropped flowspec trafic
It would be great if we could retrieve stats from InfluxDB by host (and by hostgroup) about the amount of traffic that matches the flowspec rules created by FastNetMon (and which is therefore theoretically dropped). This would make it possible to check very quickly on supervision whether the attack traffic has been identified & matched correctly by FastNetMon, or whether human intervention is required to adapt the filters.
Or simply have an option to exclude traffic that matches flowspec rules from traffic statistics sent to InfluxDB.
marked this post as