Technology Add-on for NetFlow

The Technology Add-on for NetFlow (TA-netflow) is the data foundation for NetFlow Logic's Splunk integrations. It collects flow data and SNMP telemetry processed by NetFlow Optimizer (NFO) and delivers CIM-compliant, enriched network data to Splunk — enabling network traffic analysis, device health monitoring, and security threat detection across on-premises and multi-cloud environments. What this TA provides: - CIM-compliant field mappings — flow and SNMP data mapped to Splunk's Common Information Model for seamless integration with Enterprise Security, ITSI, and custom searches - Multi-format flow support — NetFlow v5/v9, sFlow, IPFIX, JFlow, AppFlow - Cloud flow log support — AWS VPC Flow Logs, Microsoft Azure NSG Flow Logs, Google Cloud VPC Flow Logs, Oracle Cloud Infrastructure - SNMP data collection — device and interface telemetry via SNMPv2c and SNMPv3, including traps - Enriched data inputs — receives pre-enriched data from NFO including DNS names, GeoIP, IP reputation, application identity, and user context This TA is required by: - NetFlow and SNMP Analytics for Splunk (https://splunkbase.splunk.com/app/489/) — full network traffic analysis and SNMP monitoring app - Content Pack for SNMP and NetFlow (https://splunkbase.splunk.com/app/7712/) — pre-built service templates and KPIs for Splunk ITSI and IT Essentials Work Requirements: NetFlow Optimizer (NFO) is required as the upstream flow processing engine. This TA does not collect flow data directly from network devices — NFO handles collection, normalization, and enrichment before forwarding to Splunk. Start a free 60-day trial of NetFlow Optimizer at netflowlogic.com/free-trial.