https://community.splunk.com/t5/Getting-Data-In/Can-cflowd-format-be-Splunked/m-p/125126#M25810 <P>After some googling I learned that <CODE>cflowd is a flow analysis tool that was used for analyzing Cisco's NetFlow enabled switching method</CODE> So, if it uses <CODE>netflow</CODE> you can check out any of the netflow apps <A href="https://apps.splunk.com/apps/#/search/netflow/page/1">https://apps.splunk.com/apps/#/search/netflow/page/1</A> maybe they can be of help in this case</P> Tue, 10 Feb 2015 11:15:03 GMT MuS 2015-02-10T11:15:03Z https://community.splunk.com/t5/Getting-Data-In/Can-cflowd-format-be-Splunked/m-p/125123#M25807 <P>Hello. <BR /> A customer is getting external firewall logs from a vendor in "cflowd format".<BR /> Can cflowd format be Splunked? If so, any documentation or info re the same would be awesome.</P> <P>Thanks.</P> Tue, 03 Feb 2015 07:30:45 GMT https://community.splunk.com/t5/Getting-Data-In/Can-cflowd-format-be-Splunked/m-p/125123#M25807 juthsn 2015-02-03T07:30:45Z https://community.splunk.com/t5/Getting-Data-In/Can-cflowd-format-be-Splunked/m-p/125124#M25808 <P>Hi juthsn,</P> <P>the answer is as easy as this:</P> <P>If this format is human readable: yes, Splunk can index it.<BR /> If this format is binary/non-readable by humans: no, Splunk cannot index it.</P> <P>For the later, you could still use some external conversion script and have the output of this script index by Splunk.</P> <P>hope this helps ...</P> <P>cheers, MuS</P> Tue, 03 Feb 2015 07:51:19 GMT https://community.splunk.com/t5/Getting-Data-In/Can-cflowd-format-be-Splunked/m-p/125124#M25808 MuS 2015-02-03T07:51:19Z https://community.splunk.com/t5/Getting-Data-In/Can-cflowd-format-be-Splunked/m-p/125125#M25809 <P>Hi, let me rephrase then <span class="lia-unicode-emoji" title=":slightly_smiling_face:">🙂</span><BR /> Has anybody worked with this format before? We have never seen the raw data in this type of file and are not sure if it is human readable ascii. <BR /> Wasn't able to find a sample file either.</P> <P>Thanks!</P> Tue, 10 Feb 2015 10:16:04 GMT https://community.splunk.com/t5/Getting-Data-In/Can-cflowd-format-be-Splunked/m-p/125125#M25809 juthsn 2015-02-10T10:16:04Z https://community.splunk.com/t5/Getting-Data-In/Can-cflowd-format-be-Splunked/m-p/125126#M25810 <P>After some googling I learned that <CODE>cflowd is a flow analysis tool that was used for analyzing Cisco's NetFlow enabled switching method</CODE> So, if it uses <CODE>netflow</CODE> you can check out any of the netflow apps <A href="https://apps.splunk.com/apps/#/search/netflow/page/1">https://apps.splunk.com/apps/#/search/netflow/page/1</A> maybe they can be of help in this case</P> Tue, 10 Feb 2015 11:15:03 GMT https://community.splunk.com/t5/Getting-Data-In/Can-cflowd-format-be-Splunked/m-p/125126#M25810 MuS 2015-02-10T11:15:03Z