Solution Components

Cloud Flow Logs Processing

| Component | Platform | Description |
| --- | --- | --- |
| NetFlow Optimizer (NFO) RLS 2.8.x | AWS AMI, Linux or Windows | A processing engine for any flow data: NetFlow, IPFIX, sFlow, J-Flow, AWS or GCP VPC Flow Logs, etc. Available for Windows, Linux, or as a Virtual Appliance. Downloadable from https://www.netflowlogic.com/downloads/ and, as an AMI image for AWS, from https://aws.amazon.com/marketplace/pp/B084SNHSXH/ |
| External Data Feeder for NFO (EDFN) RLS 2.8.x | AWS AMI, Linux or Windows | VPC Flow Logs are ingested by an EDFN agent and sent to NFO via UDP. EDFN is included in the NFO installer. |
| AWS VPC Flow Logs Modules | NetFlow Optimizer 2.8.0 | There are two NFO Modules designed specifically for AWS VPC Flow Logs. They are included in the NFO installer. |
| Azure NSG Flow Logs Modules | NetFlow Optimizer 2.8.0 | There are two NFO Modules designed specifically for Azure NSG Flow Logs. They are included in the NFO installer. |
| GCP VPC Flow Logs Modules | NetFlow Optimizer 2.8.1 | There are two NFO Modules designed specifically for GCP VPC Flow Logs. They are included in the NFO installer. |

Visualization, Reporting, and Alerting

| Component | Platform | Description |
| --- | --- | --- |
| NetFlow Analytics for Splunk (Splunk App) | Splunk Enterprise or Splunk Cloud | The App includes AWS and VPC Flow Logs dashboards, accessible from the App menu: Cloud > AWS or Cloud > GCP. Downloadable from https://splunkbase.splunk.com/app/489/ |
| Technology Add-on for NetFlow (Splunk Add-on) | Splunk Enterprise or Splunk Cloud | Splunk TA to be installed on the Splunk indexer and search head. Downloadable from https://splunkbase.splunk.com/app/1838/ |