Hi everyone, wanted to share a project we've been working on that might be useful for MikroTik users.
FlowPro NG is an on-premises SIEM (Security Information and Event Management) platform built with MikroTik networks in mind.
MikroTik integration:
- Native NetFlow v5/v9 collector — just point your /ip traffic-flow target at FlowPro and it works instantly
- RouterOS syslog parsing out of the box — firewall logs, DHCP leases, wireless events, all parsed and searchable
- Automatic MikroTik device recognition
- Works with all RouterOS devices (hAP, hEX, CCR, CRS, CHR...)
What else it does:
- Real-time traffic analytics with geo maps, top talkers, per-protocol breakdown
- Suricata IDS with automatic MITRE ATT&CK mapping
- CVE vulnerability database (333,000+ entries with EPSS risk scoring)
- SSL/TLS certificate monitoring
- Honeypot management (17 types)
- Asset management with automatic device discovery
- NIS2 compliance reporting
- AI-powered log analysis
Setup:
Single Ubuntu server, one-command install. MikroTik side is just two lines:
/ip traffic-flow set enabled=yes interfaces=all
/ip traffic-flow target add dst-address= port=2055 version=9
Pricing:
Free tier available (5 agents, 1 flow source). Paid plans start at €99/month. 14-day Enterprise trial with no credit card required.
More info: www.flowpro.eu
Happy to answer any questions about the MikroTik integration or the platform in general.
