netflow analytics for splunk error in configuratio...

salmanbpc · ‎09-10-2019

getting error in Netflow analysis for splunk app.

Error Below:
You see this message because there is no data for the selected Time Range.

This dashboard is populated by NetFlow Optimizer (NFO) Logic Module “10067: Top Traffic Monitor” (syslogs with nfc_id=20067). This Module identifies hosts with the most traffic. It consolidates NetFlow records over a period of time (Data Collection Interval) which all have the same combination of the following fields: Source IP address, Destination IP address, Source port number, Destination port number, Layer 3 protocol, Input interface, Output interface. This Module is packaged in NFO “Network Traffic and Devices Monitor” Module Set.

Please either change the Time Range or make sure that this NFO Logic Module is enabled. See Settings > Configuration page of this App for more details.

can anybody guide me to do the step by step configuration of this app????

is there any seperate license required for Netflow analytics app????

ofedorova · ‎10-22-2019

NetFlow Analytics for Splunk App relies on flow data processed by NetFlow Optimizer™ (NFO).

You also need to install the Technology Add-on for NetFlow (TA-netflow) on your search heads, indexers, and forwarders. To download TA-netflow please visit:

https://splunkbase.splunk.com/app/1838/

You can download NFO and get free trial license here:

https://www.netflowlogic.com/downloads/

netflow analytics for splunk error in configuration?

Enterprise Security Content Update (ESCU) | New Releases

Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?

Index This | What are the 12 Days of Splunk-mas?