Getting Data In

How to monitor and index router bandwidth utilization events in Splunk?

roopeshetty
Path Finder

Hi

We have newly set up Splunk and it is being used for Windows servers performance reports and dashboards. Now our Network team wants us to send the reports for Bandwidth utilization for a few of their routers. Can somebody please advise us with detailed steps on how to get these router bandwidth utilization events in Splunk? Are there any extra apps required for these?

Regards
Roopesh

0 Karma

jkat54
SplunkTrust
SplunkTrust

Detailed steps? We cant write your deployment plan if thats what you're asking.

  1. Enable bandwidth logging on network routers
  2. Forward bandwidth logs to splunk via UDP, etc.
  3. Create your own app to handle the logs, or google "[your router brand] splunk app" and download a previously created splunk app for your specific brand of router. Follow the instructions if you're installing "[your router brand] splunk app"

roopeshetty
Path Finder

Hi JKAT54,

So it will not capture the data with its built in TCP or UDP inputs of splunk (Settings > Data Inputs) from routers? Or the NET-SNMP application which we installed on splunk server to capture the SNMP traps? Could you please confirm us on this?

0 Karma

jkat54
SplunkTrust
SplunkTrust

Forward bandwidth logs to splunk via UDP, etc.

Doesn't say

You can't forward bandwidth logs to Splunk via UDP nor SNMP.

No clue why you came to those conclusions.

0 Karma
Get Updates on the Splunk Community!

Automatic Discovery Part 1: What is Automatic Discovery in Splunk Observability Cloud ...

If you’ve ever deployed a new database cluster, spun up a caching layer, or added a load balancer, you know it ...

Real-Time Fraud Detection: How Splunk Dashboards Protect Financial Institutions

Financial fraud isn't slowing down. If anything, it's getting more sophisticated. Account takeovers, credit ...

Splunk + ThousandEyes: Correlate frontend, app, and network data to troubleshoot ...

 Are you tired of troubleshooting delays caused by siloed frontend, application, and network data? We've got a ...