Overview

DDoS Detector for Splunk Enterprise App (“App”) provides alerting and visualization capabilities for events detected and reported to Splunk by NetFlow Optimizer’s DDoS Detector Module. The operators benefit from being able to address traffic anomalies and DDoS attacks before network devices and servers targeted by DDoS are incapacitated.

Use this App to setup and receive email alerts within minutes after the a DDoS attack is detected. Select the detection confidence level for notifications to reduce false positives. View details of the anomaly, and/or browse through the history of detected attacks, searching for common origins and victims.