Solution Components
Component | Platform | Description |
NetFlow Optimizer (NFO) RLS 2.8.x | AWS AMI, Linux or Windows | This is a processing engine for any flow data: NetFlow, IPFIX, sFlow, J-Flow, AWS or GCP VPC Flow Logs, etc. Available for Windows, Linux, or as Virtual Appliance. Downloadable from https://www.netflowlogic.com/downloads/​ ​ AMI image for AWS https://aws.amazon.com/marketplace/pp/B084SNHSXH/​ |
External Data Feeder for NFO (EDFN) RLS 2.8.x | AWS AMI, Linux or Windows | VPC Flow Logs are ingested by an EDFN agent, and sent to NFO via UDP. EDFN is included in NFO installer. |
AWS VPC Flow Logs Modules | NetFlow Optimizer 2.8.0 | There are two NFO Modules designed specifically for AWS VPC Flow Logs. AWS VPC Flow Logs Modules are included in NFO installer. |
Azure NSG Flow Logs Modules | NetFlow Optimizer 2.8.0 | There are two NFO Modules designed specifically for Azure NSG Flow Logs. Azure NSG Flow Logs Modules are included in NFO installer. |
GCP VPC Flow Logs Modules | NetFlow Optimizer 2.8.1 | There are two NFO Modules designed specifically for GCP VPC Flow Logs. GCP VPC Flow Logs Modules are included in NFO installer. |
Component | Platform | Description |
NetFlow Analytics for Splunk (Splunk App) | Splunk Enterprise or Splunk Cloud | The App includes AWS and VPC Flow Logs dashboards, accessible by going to App menu: Cloud > AWS > or Coud > GCP. Downloadable from https://splunkbase.splunk.com/app/489/​ |
Technology Add-on for NetFlow (Splunk Add-on) | Splunk Enterprise or Splunk Cloud | Splunk TA to be installed on Splunk indexer and search head. Downloadable from https://splunkbase.splunk.com/app/1838/​ |