Skip to main content
Version: 2.10.2

NetFlow and SNMP Analytics for Splunk App

Introduction

This Splunk App empowers network and security analysts with real-time network resource management. It leverages NetFlow Optimizer (NFO) - a powerful middleware that processes massive amount of various flow formats (NetFlow, sFlow, IPFIX) and Cloud VPC Flow logs. NFO summarizes this data into meaningful, CIM-compliant Syslog (or JSON) events for Splunk Enterprise or Splunk Cloud. Additionally, it allows forwarding original flow records to cost-effective storage options like rsyslog, syslog-NG, Elastic, or Hadoop.

Enhanced Network Visibility and Security

The App unlocks detailed network visibility, enabling you to address critical IT use cases:

  • Bandwidth Monitoring: Identify usage patterns and potential bottlenecks.
  • Capacity Planning: Proactively scale your network infrastructure.
  • Congestion Troubleshooting: Quickly pinpoint and resolve network congestion.
  • Cybersecurity: Enhance security with threat intelligence integration.

Pre-built Dashboards for Faster Insights

The App offers pre-built dashboards for:

  • Firewall Analysis: Gain insights into firewall activity with dashboards for Cisco ASA, Palo Alto Networks, and VMware NSX firewalls.
  • Cloud Monitoring: Monitor mission-critical applications across Microsoft Azure, AWS, Google Cloud Platform, and hybrid cloud environments.
  • SNMP Device Monitoring: View your hardware infrastructure's health and receive alerts for critical events.

Who Should Use This Guide

This guide is designed for network and security analysts who utilize the App for network monitoring and troubleshooting. For more information on NFO, visit www.netflowlogic.com.