Skip to main content
Version: Next

Installation Overview

Installation Steps in AWS

  1. Install NetFlow Optimizer AWS AMI in one of your AWS accounts
  2. Configure NFO output for Splunk or other syslog/JSON receiving system (IP address and port number where NFO sends out syslogs)
  3. Configure VPC Flow Logs
  4. Configure NFO AWS VPC Flow Logs Modules and corresponding EDFN Agent
  5. Install NetFlow Analytics for Splunk App and TA-netflow Add-on
  6. In Splunk select NetFlow Analytics for Splunk App and go to Cloud > Amazon AWS > AWS Traffic Overview

Installation Steps in Azure

  1. Install NetFlow Optimizer in one of your Azure accounts
  2. Configure NFO output for Splunk or other syslog/JSON receiving system (IP address and port number where NFO sends out syslogs)
  3. Configure NSG Flow Logs
  4. Configure NFO Azure NSG Flow Logs Modules and corresponding EDFN Agent
  5. Install NetFlow Analytics for Splunk App and TA-netflow Add-on
  6. In Splunk select NetFlow Analytics for Splunk App and go to Cloud > Microsoft Azure > Azure Traffic Overview

Installation Steps in GCP

  1. Install NetFlow Optimizer in one of your GCP accounts
  2. Configure NFO output for Splunk or other syslog/JSON receiving system (IP address and port number where NFO sends out syslogs)
  3. Configure VPC Flow Logs
  4. Configure NFO GCP VPC Flow Logs Modules and corresponding EDFN Agent
  5. Install NetFlow Analytics for Splunk App and TA-netflow Add-on
  6. In Splunk select NetFlow Analytics for Splunk App and go to Cloud > Google Cloud > GCP Traffic Overview

Installation Steps on Premises

  1. Install NetFlow Optimizer – Linux or Windows in your data center
  2. Install EDFN in one of your AWS / Azure / Google Cloud accounts and configure EDFN to NFO communications (one line config parameter) or configure EDFN installed with NFO in your data center to access your AWS / Azure / Google Cloud account
  3. Configure NFO output for Splunk (IP address and port number where NFO sends out syslogs)
  4. Configure VPC (NSG) Flow Logs
  5. Configure NFO AWS / Azure / GCP Flow Logs Modules and corresponding EDFN Agent
  6. Install NetFlow Analytics for Splunk App and TA-netflow Add-on
  7. In Splunk, select NetFlow Analytics for Splunk App and go to Cloud > Amazon AWS (or Microsoft Azure or Google Cloud)