All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Network Toolkit - Question

ricky_riswanto
Engager
‎07-14-2020 09:11 PM

Hi All, 

Needs your info and suggestion, can we use this app https://splunkbase.splunk.com/app/3491/#/details  to get network hierarchy automatically? like network auto discovered? 

If not, does splunk has network auto discovery feature or mechanism?

 

Labels (2)
Labels
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

Spranta
Splunk Employee
Splunk Employee
‎07-15-2020 06:19 AM

You can, for example, create a script that pings  a whole subnet and write the output into a csv so you can use this to create the inputs.conf automatically, or you might have a cmdb that can create such a csv?

View solution in original post

0 Karma
Reply
Solved! Jump to solution

lekanneer
Loves-to-Learn Lots
‎04-10-2021 08:09 AM

I think it is better to import network communcation logs and then update them in my solution.

If you're looking for an efficient and functional ServiceNow to Splunk integration (also CMDB) take a look at: https://www.thedutchdatadifference.nl/splunk-servicenow/

I created that solution and continuously adding new features. It is meant to host all sorts of nodes and relationships. And I can imagine that the network communication logs can be one of them. And then even combine with what is already defined in CMDB.

0 Karma
Reply
Solved! Jump to solution

Spranta
Splunk Employee
Splunk Employee
‎07-15-2020 05:42 AM

Hi Ricky,

as far as i know the network toolkit doesn't have any autodiscovery features.
We are creating are our input for the network toolkit from a csv file, so if you have any tool that is able to create a csv or whatever you can for example use a python script to feed the inputs.conf

 

Alex

0 Karma
Reply
Solved! Jump to solution

ricky_riswanto
Engager
‎07-15-2020 06:06 AM

Hi Alex,


Thanks for your response, understand your point to create input.conf file. But somehow if we need to define all ip address into input.conf manually then it will not efficient.

Btw, can we use "traceroute" operation to collect route ip and gets flow network?      

Tags (1)
0 Karma
Reply
Solved! Jump to solution
Solution

Spranta
Splunk Employee
Splunk Employee
‎07-15-2020 06:19 AM

You can, for example, create a script that pings  a whole subnet and write the output into a csv so you can use this to create the inputs.conf automatically, or you might have a cmdb that can create such a csv?

0 Karma
Reply
Solved! Jump to solution

ricky_riswanto
Engager
‎07-15-2020 07:17 AM

Hi Alex,

Yes agree cmdb if better option for master data reference ip address. So we can lookup into cmdb then convert into input.conf file. Btw, did fping available on input.conf?

Tags (1)
0 Karma
Reply
Solved! Jump to solution

Spranta
Splunk Employee
Splunk Employee
‎07-15-2020 07:21 AM

No i don't think that fping is available.

0 Karma
Reply
Get Updates on the Splunk Community!

.conf24 | Registration Open!

Hello, hello! I come bearing good news: Registration for .conf24 is now open!   conf is Splunk’s rad annual ...

ICYMI - Check out the latest releases of Splunk Edge Processor

Splunk is pleased to announce the latest enhancements to Splunk Edge Processor.  HEC Receiver authorization ...

Introducing the 2024 SplunkTrust!

Hello, Splunk Community! We are beyond thrilled to announce our newest group of SplunkTrust members!  The ...