Datadog
Integrating NetFlow Optimizer (NFO) with Datadog unlocks a unified view of your infrastructure by bridging the gap between application performance and network telemetry. By streaming enriched and reduced network flows into Datadog’s observability platform, teams can pinpoint network-driven application bottlenecks and correlate traffic spikes with infrastructure health in real-time.
The NFO Advantage for Datadog
Standard network logs are often too voluminous and "noisy" for cloud-scale observability. NFO streamlines this data to provide actionable insights without overwhelming your Datadog account.
- Intelligent Volume Reduction: NFO aggregates and deduplicates flow data at the source—reducing volume by 80% to 90%. This ensures you maintain 100% visibility into network conversations while significantly lowering Datadog Log Management costs.
- Unified Observability: Enrich flow records with DNS names, VM identities, and User IDs before they reach Datadog. This allows you to search for logs using service names and hostnames rather than obscure IP addresses.
- Seamless Correlation: By sending data in structured JSON format, NFO enables Datadog to perform automatic field extraction, making it easy to correlate network events with APM traces and infrastructure metrics.
How It Works
NFO works in tandem with the Datadog Agent to provide a secure and reliable data pipeline.
- Collection: NFO gathers NetFlow, IPFIX, and sFlow from your physical and virtual network devices.
- Transformation: Data is aggregated to reduce volume and enriched with identity context.
- Transmission: NFO sends JSON-formatted logs via UDP to a local or remote Datadog Agent.
- Ingestion: The Datadog Agent securely forwards the enriched logs to the Datadog Cloud for analysis and visualization.
Get Started
Deployment & Configuration
A step-by-step technical guide to configuring the Datadog Agent and setting up the NFO JSON output.