NetFlow Logic Documentation
NFO 2.8.1
Appendix 2 - Syslog Formats
Here are the articles in this section:
Events Correlator (10190 / 20196)
Abnormal Traffic (10190 / 20191)
Elevated New IP Addresses Arrival Rate (10190 / 20192)
Elevated Noise Level in the Network (10190 / 20193)
TCP/IP Vulnerability (10190 / 20194)
TCP/IP Information Details (10190 / 20195)
Application Protocol Level Attack (10190 / 20197)
Application Protocol Level Attack - Active Clients (10190 / 20198)
Low and Slow Attack (10190 / 20199)
Low and Slow Attack – Network Peers (10190 / 20200)
Last modified 2yr ago