This free app is meant for:
This App from ntop.org allows you to ingest Flow data in Splunk® Free.
Get started in 3 easy steps:
nprobe -T "%IPV4_SRC_ADDR %L4_SRC_PORT %IPV4_DST_ADDR %L4_DST_PORT %PROTOCOL %IN_BYTES %OUT_BYTES %FIRST_SWITCHED %LAST_SWITCHED %HTTP_SITE %HTTP_RET_CODE %IN_PKTS %OUT_PKTS %IP_PROTOCOL_VERSION %APPLICATION_ID %L7_PROTO_NAME %ICMP_TYPE" --tcp "127.0.0.1:3333" -b 2 -i eth0 --json-labels
Here is how it works:
Flow data is sent from your nProbe instance over TCP to port 3333. The nProbe bundled with the app receives the data and converts it into JSON messages. These messages are sent to the local Splunk TCP data input 3333, which was created for you during the app installation.
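To sanity-check what reaches the TCP input before it is indexed, the following added example (not part of the app or of ntop's code) validates a stream of flow records against the template in the command above. It assumes one JSON object per line whose keys are the template labels without the leading %, and that every template field is present in each record; the sample lines are constructed.

```python
import json

# Template string copied from the nprobe command on this page.
TEMPLATE = ("%IPV4_SRC_ADDR %L4_SRC_PORT %IPV4_DST_ADDR %L4_DST_PORT %PROTOCOL "
            "%IN_BYTES %OUT_BYTES %FIRST_SWITCHED %LAST_SWITCHED %HTTP_SITE "
            "%HTTP_RET_CODE %IN_PKTS %OUT_PKTS %IP_PROTOCOL_VERSION "
            "%APPLICATION_ID %L7_PROTO_NAME %ICMP_TYPE")

def template_fields(template):
    """Return the field labels named in an nProbe -T template."""
    return [tok.lstrip("%") for tok in template.split()]

def check_stream(lines, template=TEMPLATE):
    """Parse one JSON object per line (assumed framing) and report problems.

    Returns (flows, problems): flows are dicts carrying every template field,
    problems are (line_number, reason) tuples for everything else.
    """
    expected = set(template_fields(template))
    flows, problems = [], []
    for n, line in enumerate(lines, 1):
        line = line.strip()
        if not line:
            continue
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            problems.append((n, "not valid JSON"))
            continue
        if not isinstance(rec, dict):
            problems.append((n, "not a JSON object"))
            continue
        missing = sorted(expected - set(rec))
        if missing:
            problems.append((n, "missing " + ",".join(missing)))
            continue
        flows.append(rec)
    return flows, problems

# Constructed sample input (not captured from a real nProbe).
_full = {f: 0 for f in template_fields(TEMPLATE)}
_full.update(IPV4_SRC_ADDR="192.0.2.10", IPV4_DST_ADDR="198.51.100.7",
             L4_DST_PORT=443, PROTOCOL=6, L7_PROTO_NAME="TLS")
SAMPLE = [json.dumps(_full),
          '{"IPV4_SRC_ADDR": "192.0.2.11", "L4_SRC_PORT": 5353}',
          "GET / HTTP/1.1"]

if __name__ == "__main__":
    flows, problems = check_stream(SAMPLE)
    print(len(flows), "valid flow(s);", problems)
```

Lines that fail the check are worth logging separately, since anything able to connect to the data input can write to it.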
Please read the Quick Start Guide (SPLUNK_HOME/etc/apps/nprobe/appserver/static).
Completed HTTP template support.
Installation process improved.
nProbe app for Splunk.