Solved: Splunk Add-on for Netflow Windows compatibility

jmcrabb · ‎02-13-2014

Are there plans to make a Windows Server compatible version of this add-on? If so, what's the timeframe?

Jim

rgaleone1 · ‎02-14-2014

Jim -
This TA relies on NFDUMP tools to capture, and translate NetFlow off the wire, from binary data into flat files for indexing into Splunk. NFDUMP tools are only available for *nix systems at this time and I don't see them being ported to Windows anytime soon. This is out of the control of Splunk, but I would point you to NetFlow for Splunk powered by NetFlow Integrator. NetFlow Integrator is compatible with Windows, although I've never used it on a Windows box. A link to NFDUMP tools should you consider spinning up a *nix box.

Hope this helps.

[Edit]: Additional answers to similar questions.

View solution in original post

rgaleone1 · ‎02-14-2014

Jim -
This TA relies on NFDUMP tools to capture, and translate NetFlow off the wire, from binary data into flat files for indexing into Splunk. NFDUMP tools are only available for *nix systems at this time and I don't see them being ported to Windows anytime soon. This is out of the control of Splunk, but I would point you to NetFlow for Splunk powered by NetFlow Integrator. NetFlow Integrator is compatible with Windows, although I've never used it on a Windows box. A link to NFDUMP tools should you consider spinning up a *nix box.

Hope this helps.

[Edit]: Additional answers to similar questions.

jmcrabb · ‎02-14-2014

Thanks for the info!

Splunk Add-on for Netflow Windows compatibility

Stay Connected: Your Guide to May Tech Talks, Office Hours, and Webinars!

They're back! Join the SplunkTrust and MVP at .conf24

Enterprise Security Content Update (ESCU) | New Releases