NetFlow and SNMP Analytics for Splunk App
Introduction
This Splunk App is designed to empower network and security analysts with real-time network resource management capabilities. It directly leverages the highly optimized and CIM-compliant flow data provided by NetFlow Optimizer (NFO). NFO, a powerful middleware, processes massive amounts of flow data in various formats (NetFlow, sFlow, IPFIX) as well as Cloud VPC Flow logs, and summarizes this data into meaningful Syslog or JSON events tailored for consumption by Splunk Enterprise or Splunk Cloud. The NetFlow and SNMP Analytics App then takes this rich, normalized data to deliver immediate, actionable insights into your network.
Enhanced Network Visibility and Security
The App unlocks detailed network visibility, enabling you to address critical IT use cases with precision and speed:
- Bandwidth Monitoring: Identify usage patterns, top talkers, and potential bottlenecks across your network segments.
- Capacity Planning: Proactively scale your network infrastructure by understanding historical trends and current demands.
- Congestion Troubleshooting: Quickly pinpoint and resolve network congestion issues by analyzing traffic flows and performance metrics.
- Cybersecurity: Enhance your security posture by integrating network flow data with threat intelligence, aiding in the detection of anomalous behavior and potential threats.
Pre-built Dashboards for Faster Insights and Proactive Operations
To accelerate your analysis and improve operational efficiency, the App offers an extensive collection of over 80 pre-built dashboards for both flow and SNMP metrics, complemented by pre-built alerts. This comprehensive suite enhances your security posture by providing immediate visibility into potential threats and significantly reduces Mean Time To Resolution (MTTR) by pinpointing issues rapidly.
The dashboards cover key areas, including:
- Firewall Analysis: Gain deep insights into firewall activity with dedicated dashboards for popular platforms such as Cisco ASA, Palo Alto Networks, and VMware NSX firewalls.
- Cloud Monitoring: Monitor mission-critical applications and network traffic across diverse cloud environments, including Microsoft Azure, AWS, Google Cloud Platform, and hybrid cloud deployments.
- SNMP Device Monitoring: View the health and performance of your hardware infrastructure and receive timely alerts for critical events impacting network devices.