Network Flow data is not a typical time-series data source, presenting unique challenges in terms of storage and management. ElastiFlow has created an innovative method using Elasticsearch's Time Series Data Streams (TSDS) to address these challenges, enabling users to achieve up to a 70% reduction in flow data storage requirements.
In this talk we will delve into the journey of developing this solution, exploring the process that led us to the final TSDS-based approach and examining the advantages and disadvantages along the way.
This was presented as part of the Elastic Meetup.
Presentation Link: [ Ссылка ]
