Searches, Reports, and Alerts

Searches

There are four search dashboards within the App:

• Traffic Timeline - search criteria set to macro `netflow_search_traffic_rules`
• Cisco ASA Timeline
• Palo Alto Networks Timeline
• NSX DFW Timeline

To see all output from NFO enter “index=flowintegrator” in search area. To filter search results to a specific NFO Module, please add the corresponding Module output ID to your search, for example:

“index=flowintegrator nfc_id=20067”

You can add additional filters or any other Splunk search commands to narrow your search results and / or see various statistics. You can also save your custom searches there.

Reports

There several online reports included with the App, and a Top Talkers report that can be scheduled. If you have questions, please contact support: support@netflowlogic.com.

Alerts

The app comes with several alerts for security and IT operation use cases. If you have questions, please contact support: support@netflowlogic.com.