The Gigamon Metadata Application for Splunk allows customers to easily select, index and display network metadata generated by the GigaSECURE Security Delivery Platform.
The GigaSECURE Security Delivery Platform allows users to extract and consolidate metadata from any monitored network traffic flows, package it into NetFlow v5, v9, IPFIX and CEF records, and send it to Splunk Enterprise for indexing. Gigamon has enriched the metadata records with information including URL information, HTTP/HTTPS return codes, and DNS query/response information. These fields make it possible to rapidly diagnose security events in use cases such as identifying rogue DNS services, spotting potential command-and-control server communications that use high-entropy domains, and detecting the use of non-trusted or self-signed certificates in SSL-decrypted traffic, which could indicate nefarious activity.
Categories
IT Operations, Security, Fraud & Compliance