This app is archived. Learn more

sFlow Analyzer for Splunk

sFlow Analyzer for Splunk collects and decodes sFlow samples using Wireshark. It is designed to provide visibility into VXLAN overlay traffic. A JSON-formatted event is generated for each sample with all decoded header fields. Any sFlow-capable switch can be used as a packet sniffer and sampled data can be decoded and indexed remotely. sFlow samples are UDP-encapsulated and can easily traverse L3 boundaries. sFlow Analyzer for Splunk includes a dashboard which enriches sampled data with DNS, ethertype, IP protocol and TCP/UDP port lookups to generate top talker, destination and application charts. The sFlow Analyzer for Splunk dashboard has a radio button allowing users to choose how they want to visualize stats: underlay or VXLAN overlay. When VXLAN overlay is selected, all top talker, destination and application charts will show VXLAN overlay hosts and applications.

Built by

Latest Version 1.0.0

June 5, 2020

Compatibility

Not Available

Platform Version: 9.4, 9.3, 9.2, 9.1, 9.0, 8.2, 8.1, 8.0

Rating

0

(0)

Log in to rate this app

Support

Not Supported

sFlow Analyzer for Splunk collects and decodes sFlow samples using Wireshark. It is designed to provide visibility into VXLAN overlay traffic. A JSON-formatted event is generated for each sample with all decoded header fields. Any sFlow-capable switch can be used as a packet sniffer and sampled data can be decoded and indexed remotely. sFlow samples are UDP-encapsulated and can easily traverse L3 boundaries. sFlow Analyzer for Splunk includes a dashboard which enriches sampled data with DNS, ethertype, IP protocol and TCP/UDP port lookups to generate top talker, destination and application charts. The sFlow Analyzer for Splunk dashboard has a radio button allowing users to choose how they want to visualize stats: underlay or VXLAN overlay. When VXLAN overlay is selected, all top talker, destination and application charts will show VXLAN overlay hosts and applications.