My concern is if I have a licensed Splunk server and install this app, should I get a license for NetFlow integrator? Considering the capabilities of the NetFlow integrator that comes with the app fit my requirement.

Hi Fedsan,

NetFlow Integrator™ is a software-only, rule-based streaming system. It receives NetFlow records from network devices and intelligently converts this information in real time into syslog messages, and sends them to traditional SIEM systems, like Splunk. The rules are plug-ins that provide a variety of network visibility and security services. By consolidating NetFlow records, the product reduces the amount of data forwarded to SIEM systems without losing information veracity.

Our FREE Limited Edition of NetFlow Integrator has only one conversion rule that translates v5, v9 NetFlow to syslog one-to-one without any pre-processing or consolidation. It is bundled with NetFlow for Splunk application, but could be installed on a separate server, with Splunk Forwarder, or in virtual environment.

If you are interested in consolidation and processing of other NetFlow such as; Palo Alto Networks, Cisco NSEL, then you will want to try either our NetFlow Essential or our Standard Edition.