Skip to content

kinneygroup/itsi-netflow

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
appserver
appserver
 
 
default
default
 
 
itsi
itsi
 
 
metadata
metadata
 
 
static
static
 
 
.slimignore
.slimignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
app.manifest
app.manifest
 
 

Repository files navigation

Summary

The ITSI Content Pack for NetFlow from Presidio Splunk Solutions is specifically designed to monitor the health and performance of network infrastructure. It leverages Splunk ITSI to provide in-depth analysis and visualization of network traffic, flows, and interface metrics, ensuring critical systems are operating optimally. This content pack is an essential tool for IT professionals looking to enhance the reliability and performance of their network infrastructure.

  • Comprehensive Network Monitoring: Offers detailed insights into network traffic volume, flow analysis, and interface performance, enabling optimized network management.
  • Critical Network Health Tracking: Monitors the real-time operational status of network components, helping IT professionals swiftly identify and address potential issues.
  • Enhanced Network Efficiency: Facilitates better decision-making on network resource allocation and adjustments by analyzing performance trends and detecting inefficiencies.

This ITSI Content Pack is open source and available for community collaboration and enhancement on GitHub.

For more information about Presidio Splunk Solutions' Splunk Products, visit our website.

Details

The ITSI Content Pack for NetFlow contains service definitions and KPIs ready to import to ITSI. The KPI Thresholds and importance values are set to defaults so that they can be tuned manually for your use case. After configuration, this content pack provides a comprehensive view of network health and performance.

Presidio Splunk Solutions ITSI Content Pack Blog

For more information about Presidio Splunk Solutions' Splunk Products, visit our website.

Services

NetFlow monitoring encompasses several specialized services, each targeting specific aspects of network performance:

  1. Network Health
    • Description: Network Health is the overarching service that encompasses all aspects of network performance and health. It relies on detailed monitoring of traffic, flow, and interface metrics to provide a comprehensive view.
    • Source: docs.netflowlogic.com
  2. Traffic Monitoring
    • Description: Traffic Monitoring is essential for understanding the amount and type of data being transferred over the network. It depends on analyzing traffic volume, protocol distribution, and identifying top talkers.
    • Source: docs.netflowlogic.com
  3. Flow Analysis
    • Description: Flow Analysis focuses on the behavior of network sessions. It requires detailed metrics on the number of flows, their duration, and direction to identify potential issues.
    • Source: docs.netflowlogic.com
  4. Interface Monitoring
    • Description: Interface Monitoring ensures that network interfaces are performing optimally and not overburdened. It relies on metrics like utilization and error rates.
    • Source: docs.netflowlogic.com

KPIs

Each service utilizes specific KPIs to measure its effectiveness:

  1. Traffic Volume
    • Description: Monitor the amount of data being transferred over the network.
    • Source: docs.netflowlogic.com
  2. Top Talkers
  3. Protocol Dist
    • Description: Monitor the types of protocols being used and their respective traffic volumes.
    • Source: docs.netflowlogic.com
  4. Flow Count
  5. Latency
    • Description: Measure the time it takes for data to travel from the source to the destination.
    • Source: docs.netflowlogic.com
  6. Interface Util
  7. Errors
  8. Packet Loss
    • Description: Monitor the percentage of packets that are lost during transmission.
    • Source: docs.netflowlogic.com

Relationships

Dependencies:

Services are interconnected; for instance, Network Health is dependent on Traffic Monitoring, Flow Analysis, and Interface Monitoring. Similarly, Traffic Monitoring relies on Volume Analysis, Protocol Distribution, and Top Talkers.

Hierarchical Structure:

Some services form a hierarchy, such as Traffic Monitoring depending on Volume Analysis, Protocol Distribution, and Top Talkers, illustrating a layered approach to performance monitoring where base metrics support broader performance indicators.

Installation

Installation prerequisites:

Splunk Addon for NetFlow

Splunk App for Content Packs

Splunk ITSI

Troubleshooting

Presidio Splunk Solutions ITSI Content Pack Blog

Github and Readme

atlassupport@presidio.com

Contact

To provide feedback, visit our Github and Readme for our content packs.

atlassupport@presidio.com

For more information about Presidio Splunk Solutions' Splunk Products, visit our website.

Version History

Version Date Description
0.0.1 05/21/24 Initial Preview Release
1.0.0 05/14/25 Documentation Update

Considerations:

Presidio Splunk Solutions ITSI Content Pack Blog

About

Atlas ITSI Content Pack for Netflow

Topics

netflow cisco splunk observability itsi

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

0 stars

Watchers

6 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published