Getting Data In
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

How to monitor and index router bandwidth utilization events in Splunk?

roopeshetty
Path Finder
‎05-25-2016 12:01 AM

Hi

We have newly set up Splunk and it is being used for Windows servers performance reports and dashboards. Now our Network team wants us to send the reports for Bandwidth utilization for a few of their routers. Can somebody please advise us with detailed steps on how to get these router bandwidth utilization events in Splunk? Are there any extra apps required for these?

Regards
Roopesh

0 Karma
Reply

jkat54
SplunkTrust
SplunkTrust
‎05-25-2016 05:33 AM

Detailed steps? We cant write your deployment plan if thats what you're asking.

  1. Enable bandwidth logging on network routers
  2. Forward bandwidth logs to splunk via UDP, etc.
  3. Create your own app to handle the logs, or google "[your router brand] splunk app" and download a previously created splunk app for your specific brand of router. Follow the instructions if you're installing "[your router brand] splunk app"
Reply

roopeshetty
Path Finder
‎05-26-2016 07:27 PM

Hi JKAT54,

So it will not capture the data with its built in TCP or UDP inputs of splunk (Settings > Data Inputs) from routers? Or the NET-SNMP application which we installed on splunk server to capture the SNMP traps? Could you please confirm us on this?

0 Karma
Reply

jkat54
SplunkTrust
SplunkTrust
‎05-27-2016 04:33 AM

Forward bandwidth logs to splunk via UDP, etc.

Doesn't say

You can't forward bandwidth logs to Splunk via UDP nor SNMP.

No clue why you came to those conclusions.

0 Karma
Reply
Career Survey
First 500 qualified respondents will receive a $20 gift card! Tell us about your professional Splunk journey.
Take the Survey
Register for .conf25!
Get Updates on the Splunk Community!

Introduction to Splunk AI

How are you using AI in Splunk? Whether you see AI as a threat or opportunity, AI is here to stay. Lucky for ...

Splunk + ThousandEyes: Correlate frontend, app, and network data to troubleshoot ...

Are you tired of troubleshooting delays caused by siloed frontend, application, and network data? We've got a ...

Maximizing the Value of Splunk ES 8.x

Splunk Enterprise Security (ES) continues to be a leader in the Gartner Magic Quadrant, reflecting its pivotal ...