NetFlow Logic Documentation
NetFlow Logic Documentation
Home
Downloads
PDF Documents
Free Trial
NetFlow Logic Documetation
NetFlow Optimizer™ and External Data Feeder Overview
Core Products
NetFlow Optimizer™ Installation Guide
NetFlow Optimizer™ Administration Guide
NetFlow Optimizer™ User Guide
External Data Feeder for NFO Installation Guide
External Data Feeder for NFO Administration Guide
Release Notes
Integrations and Apps
NetFlow Analytics for Splunk
Integration with Splunk Enterprise Security
Integration with Elastic
Network Metrics Content Pack for VMware vRealize Log Insight
Solutions
Cloud Application Visibility & Security
NetFlow-based DDoS Detection
Introduction
Solution Components
NetFlow Optimizer
DDoS Detector Module
DDoS Detector for Splunk App
Overview
Installation
DDoS Detector App Dashboards
Appendix 1 - Basic DDoS Attack Types
Appendix 2 - Syslog Formats
V2P Network Visibility
FAQ
Frequently Asked Questions
SUPPORT
Troubleshooting Guide
Support Overview
Powered by GitBook

Overview

DDoS Detector for Splunk Enterprise App (“App”) provides alerting and visualization capabilities for events detected and reported to Splunk by NetFlow Optimizer’s DDoS Detector Module. The operators benefit from being able to address traffic anomalies and DDoS attacks before network devices and servers targeted by DDoS are incapacitated.

Use this App to setup and receive email alerts within minutes after the a DDoS attack is detected. Select the detection confidence level for notifications to reduce false positives. View details of the anomaly, and/or browse through the history of detected attacks, searching for common origins and victims.

Previous
DDoS Detector for Splunk App
Next
Installation
Last updated 1 year ago