Radware Cyber Controller Event Collector

The Radware DefensePro & VRM Integration App for Splunk provides real-time and historical visibility into DDoS mitigation and traffic behavior across Radware DefensePro devices managed by Radware Cyber Controller. This app solves the challenge of monitoring mitigation effectiveness and attack impact by collecting, normalizing, and indexing key DefensePro metrics directly into Splunk. It enables security and network teams to analyze mitigation bandwidth, traffic rates, and attack categories across single or multiple DefensePro devices from a centralized Splunk interface. By leveraging Radware CC APIs, the app dynamically discovers DefensePro devices and continuously ingests: Mitigation bandwidth per attack category (e.g., Behavioral DoS, Anomalies) Traffic statistics and rates per DefensePro Time-based metrics suitable for dashboards, alerts, and forensic analysis The app empowers SOC, NOC, and DDoS response teams to: Visualize mitigation bandwidth trends over time Compare attack impact across DefensePro devices Identify dominant attack categories during mitigation events Correlate Radware mitigation data with other security and network telemetry in Splunk This integration reduces operational blind spots, eliminates manual data extraction from CC, and provides a scalable analytics foundation for proactive DDoS monitoring and incident response.