Getting Data In

How to monitor and index router bandwidth utilization events in Splunk?

roopeshetty
New Member

Hi

We have newly set up Splunk and it is being used for Windows servers performance reports and dashboards. Now our Network team wants us to send the reports for Bandwidth utilization for a few of their routers. Can somebody please advise us with detailed steps on how to get these router bandwidth utilization events in Splunk? Are there any extra apps required for these?

Regards
Roopesh

0 Karma

jkat54
SplunkTrust
SplunkTrust

Detailed steps? We cant write your deployment plan if thats what you're asking.

  1. Enable bandwidth logging on network routers
  2. Forward bandwidth logs to splunk via UDP, etc.
  3. Create your own app to handle the logs, or google "[your router brand] splunk app" and download a previously created splunk app for your specific brand of router. Follow the instructions if you're installing "[your router brand] splunk app"

roopeshetty
New Member

Hi JKAT54,

So it will not capture the data with its built in TCP or UDP inputs of splunk (Settings > Data Inputs) from routers? Or the NET-SNMP application which we installed on splunk server to capture the SNMP traps? Could you please confirm us on this?

0 Karma

jkat54
SplunkTrust
SplunkTrust

Forward bandwidth logs to splunk via UDP, etc.

Doesn't say

You can't forward bandwidth logs to Splunk via UDP nor SNMP.

No clue why you came to those conclusions.

0 Karma