Sumo Logic
Integrating NetFlow Optimizer (NFO) with Sumo Logic provides real-time network intelligence across your hybrid cloud infrastructure. By utilizing the NetFlow App for Sumo Logic, organizations can transform massive volumes of raw flow data into searchable, enriched security and operational insights.
The NFO Advantage for Sumo Logic
NFO is designed to feed Sumo Logic high-fidelity data while keeping ingestion costs under control.
- Massive Volume Reduction: NFO identifies and aggregates similar flow records—reducing volume by 80% to 90%—allowing you to stay within your Sumo Logic data tier while maintaining full visibility.
- Real-Time Enrichment: NFO adds critical context (DNS names, VM names, GeoIP, and Reputation) before data ingestion, enabling faster troubleshooting and threat hunting.
- Marketplace Readiness: Our pre-built App for Sumo Logic provides out-of-the-box dashboards, saving your team weeks of manual query building.
Integration Architecture
NFO acts as an enrichment layer that pushes structured JSON logs to your Sumo Logic environment.
- Collection: NFO gathers flows (NetFlow, IPFIX, sFlow) from your environment.
- Processing: Data is reduced in volume and enriched with metadata.
- Ingestion: Data is sent securely to a Sumo Logic HTTP Source.
- Visualization: Use the NetFlow App to visualize traffic patterns and security threats.
Get Started
1. Deployment & Configuration
Learn how to set up your Sumo Logic Hosted Collector and configure the NFO Output.
2. NetFlow App Reference
Explore the pre-built dashboards and learn how to configure the required lookup files for protocols and ports.