Skip to main content
Version: Next

Integration with Axoflow

NetFlow Optimizer (NFO) now seamlessly integrates with Axoflow (www.axoflow.com), a powerful observability pipeline platform. This integration allows you to forward enriched and processed network flow and telemetry data from NFO to Axoflow for further processing, routing, transformation, and delivery to a wide range of analytics and storage backends.

By integrating NFO with Axoflow, you can leverage Axoflow's robust capabilities to:

  • Centralize Data Processing: Consolidate network flow data from NFO with other observability data sources within Axoflow.
  • Advanced Data Transformation: Utilize Axoflow's extensive processing functions to further shape, filter, and enrich NFO data.
  • Flexible Data Routing: Route specific NFO data streams to different destinations based on your requirements (e.g., SIEM, data lake, monitoring tools).
  • Scalable Data Pipelines: Build highly scalable and resilient data pipelines for your network observability data.
  • Cost Optimization: Implement intelligent data sampling and filtering within Axoflow to optimize data ingestion costs in your downstream systems.

Prerequisites

You’ll need:

  • An Axoflow subscription, access to a free evaluation version, or an on-premise deployment.

  • A host that you’ll install AxoRouter on. This can be a separate Linux host, or a virtual machine running in the same network with NFO. AxoRouter should work on most Red Hat and Debian compatible Linux distributions. For production environments, we recommend using Red Hat 9.

  • Access to a supported SIEM or storage provider, like Splunk or Amazon S3. For a quick test of Axoflow, you can use a free Splunk or OpenObserve account as well.

For additional information, visit Axoflow Getting Started Guide.

Installation Steps

  1. Install AxoRouter. For details, visit Install AxoRouter on Linux.
  2. Configure NFO Output to AxoRouter
  3. Log in to the Axoflow Console and add destinations

Configure NFO Output

To send data from NFO to Axoflow, you need to configure an Axoflow output connector within the NetFlow Optimizer interface to point to your AxoRouter instance. In the NFO GUI go to Outputs on the left navigation bar and press the plus sign. Set the following:

Specify AxoRouter IP Address and Port.

Configuring NFO output format as Syslog allows Axoflow to automatically recognize the output as coming from NFO.

Verifying the Integration

Once the Axoflow output is configured in NFO to send data to your Axorouter, log in to the Axoflow Console to verify the integration by:

  1. Checking Axorouter Logs: Review the logs of your Axorouter instance(s) to ensure that data is being received from the NFO server. Look for connection establishment messages and incoming data records.
  2. Monitoring Axoflow Pipelines: Observe your Axoflow pipelines to confirm that the data from NFO is flowing through the configured processing stages after being received by the Axorouter.
  3. Analyzing Data in Downstream Systems: Check the analytics or storage backends connected to Axoflow to ensure that the NFO data is being delivered and is in the expected format.

Use Cases for NFO and Axoflow Integration

  • Centralized Security Observability: Forward enriched NFO data to your Axorouter and then route it to your SIEM alongside other security logs for comprehensive threat detection and analysis.
  • Enhanced Network Performance Monitoring: Combine detailed flow data from NFO with infrastructure metrics within Axoflow for holistic network performance troubleshooting and optimization.
  • Custom Data Pipelines for Compliance: Utilize Axoflow's transformation capabilities, managed through Axorouter, to format and route specific NFO data to compliance logging platforms.
  • Scalable Network Analytics: Leverage Axoflow's scalable architecture, with Axorouter as a key component, to build robust pipelines for analyzing large volumes of NFO data.

By integrating NetFlow Optimizer with Axoflow, utilizing Axorouter as the central data handling component, you can build a powerful and flexible network observability solution that leverages the strengths of both platforms to gain deeper insights into your network traffic and behavior. Refer to the Axoflow documentation (www.axoflow.com/docs/) for detailed information on installing, configuring, and managing your Axoflow environment, including AxoRouter.