NetFlow Logic Documentation
NetFlow Logic Documentation
Home
Downloads
PDF Documents
Free Trial
NetFlow Logic Documetation
NetFlow Optimizer™ and External Data Feeder Overview
Core Products
NetFlow Optimizer™ Installation Guide
NetFlow Optimizer™ Administration Guide
NetFlow Optimizer™ User Guide
External Data Feeder for NFO Installation Guide
External Data Feeder for NFO Administration Guide
NetFlow Optimizer™ and External Data Feeder Release Notes
Integrations and Apps
NetFlow Analytics for Splunk
Network Metrics Content Pack for VMware vRealize Log Insight
Solutions
Cloud Application Visibility & Security
NetFlow-based DDoS Detection
Introduction
Solution Components
NetFlow Optimizer
DDoS Detector Module
DDoS Detector for Splunk App
Appendix 1 - Basic DDoS Attack Types
Appendix 2 - Syslog Formats
Events Correlator (10190 / 20196)
Abnormal Traffic (10190 / 20191)
Elevated New IP Addresses Arrival Rate (10190 / 20192)
Elevated Noise Level in the Network (10190 / 20193)
TCP/IP Vulnerability (10190 / 20194)
TCP/IP Information Details (10190 / 20195)
Application Protocol Level Attack (10190 / 20197)
Application Protocol Level Attack - Active Clients (10190 / 20198)
Low and Slow Attack (10190 / 20199)
Low and Slow Attack – Network Peers (10190 / 20200)
V2P Network Visibility
FAQ
Frequently Asked Questions
SUPPORT
Troubleshooting Guide
Powered by GitBook

Appendix 2 - Syslog Formats

Here are the articles in this section:
Events Correlator (10190 / 20196)
Abnormal Traffic (10190 / 20191)
Elevated New IP Addresses Arrival Rate (10190 / 20192)
Elevated Noise Level in the Network (10190 / 20193)
TCP/IP Vulnerability (10190 / 20194)
TCP/IP Information Details (10190 / 20195)
Application Protocol Level Attack (10190 / 20197)
Application Protocol Level Attack - Active Clients (10190 / 20198)
Low and Slow Attack (10190 / 20199)
Low and Slow Attack – Network Peers (10190 / 20200)
Previous
Appendix 1 - Basic DDoS Attack Types
Next
Events Correlator (10190 / 20196)
Last updated 9 months ago