Getting Data In

Anyone interested in Splunk for Sampled NetFlow and sFlow?

Contributor

Sampled NetFlow is available on some Cisco devices. sFlow is a feature of HP routers and switches. These features allow collecting NetFlow statistics for a subset of traffic on the interface, selecting only one out of "N" sequential packets, where "N" is a configurable parameter. It is used to improve router’s CPU utilization and to reduce the volume of generated NetFlow records.

Is there any interest in integrating Sampled NetFlow or sFlow into Splunk?

Tags (3)

Contributor

sFlow is now supported by NetFlow Integrator! It enables you to collect Sflow and monitor network traffic in our Splunk App.

  1. Download NetFlow Integrator: https://www.netflowlogic.com/download/
  2. Register to get a trial license: https://www.netflowlogic.com/register-form/
  3. Download our Application and Network Monitoring App at https://splunkbase.splunk.com/app/489/ and TA (https://splunkbase.splunk.com/app/1838/) to see the Sflow data in Dashboards and Reports
0 Karma

Explorer

We use Inmon for Sflow analytics today. I'd like to move to a single application as much as possible, but Inmon provides a lot of visibility for SFlow, SFlow-HTTP and IPFix.

In the future, I'd also like to be able to use IF-MAP to communicate with IPAM (Infoblox) and other asset/traffic management appliances, to give the SFlow/IPFix tools more granular knowledge about the network traffic and the user creating that traffic.

0 Karma

Contributor

I would be very interested in it please. We use sflow (brocade) only.

0 Karma

Contributor

We are working on sFlow support in our product (Standard edition) and it is coming soon. We'd love to talk to you about how you will be using sFlow in Splunk. Please contact us at support@netflowlogic.com.

0 Karma

Contributor

Samples NetFlow is now supported in NetFlow Integrator. We are going to support sFlow and would like to hear from you.

How do you envision sFlow support in Splunk?

0 Karma

Engager

yes very interested

Contributor

Please contact us directly to discuss this further. support@netflowlogic.com

0 Karma

Engager

both, but my immediate needs are for sflow. I've sampled the current netflow for splunk app and it doesn't have sflow compiled in.

0 Karma

Contributor

Sampled NetFlow or sFlow or both? If Sampled NetFlow, is it v5, v9, or both?

0 Karma