Michael Patterson : Advanced NetFlow Traffic Analysis
Michael Patterson
Founder and Product manager for Plixer's Scrutinizer NetFlow and sFlow Analyzer as well as Flow Analytics.

splunk issues

Log Management Solutions

October 14, 2012

Here is some good news for the log management software industry: appliance vendors exporting machine messages (e.g. syslog, SNMP traps, event logs, NetFlow, etc.) can now export everything in one common format using IPFIX. This technology has been around for years and allows vendors to export machine messages in a structured format. Unlike traditional logs, which are unstructured, IPFIX messages are much easier to save to a database and query. Experienced system admins know that the problem they face when trying to manage or analyze logs is often the sheer volume. Most log analyzer tools start to choke under a massive volume. IPFIX is a technology breakthrough that solves scalability issues for most consumers. Cisco ASA syslog reporting can be improved by exporting the messages as IPFIX as shown below.
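To illustrate the structured-versus-unstructured point, here is an added example (not from the original post and not any vendor's code): Python that builds a constructed IPFIX message in the RFC 7011 layout, decodes its records by following the template, and loads them into SQLite to query for denied flows. The addresses, template ID 256, table layout and function names are assumptions chosen for illustration.

```python
import ipaddress, sqlite3, struct

# IANA IPFIX information element IDs used by the constructed sample
IES = {8: "sourceIPv4Address", 12: "destinationIPv4Address",
       11: "destinationTransportPort", 4: "protocolIdentifier", 233: "firewallEvent"}

def build_sample():
    """Constructed IPFIX message: template 256 plus two data records."""
    fields = [(8, 4), (12, 4), (11, 2), (4, 1), (233, 1)]   # (element ID, length)
    tmpl = struct.pack("!HH", 256, len(fields)) + b"".join(struct.pack("!HH", *f) for f in fields)
    rows = [("10.0.0.5", "192.0.2.10", 443, 1), ("10.0.0.9", "192.0.2.10", 23, 3)]
    recs = b"".join(ipaddress.IPv4Address(s).packed + ipaddress.IPv4Address(d).packed
                    + struct.pack("!HBB", port, 6, event) for s, d, port, event in rows)
    body = struct.pack("!HH", 2, 4 + len(tmpl)) + tmpl + struct.pack("!HH", 256, 4 + len(recs)) + recs
    return struct.pack("!HHIII", 10, 16 + len(body), 1350172800, 0, 1) + body

def parse(msg):
    """Decode fixed-length IANA fields; one template record per template set."""
    version, length = struct.unpack_from("!HH", msg, 0)
    if version != 10 or length != len(msg):
        raise ValueError("not a well-formed IPFIX message")
    templates, records, off = {}, [], 16
    while off + 4 <= length:
        set_id, set_len = struct.unpack_from("!HH", msg, off)
        if set_len < 4 or off + set_len > length:
            raise ValueError("bad set length")
        body = msg[off + 4:off + set_len]
        if set_id == 2:                                    # template set
            tid, count = struct.unpack_from("!HH", body, 0)
            templates[tid] = [struct.unpack_from("!HH", body, 4 + 4 * i) for i in range(count)]
        elif tmpl := templates.get(set_id):                # data set with a known template
            rec_len = sum(n for _, n in tmpl)
            for start in range(0, len(body) - rec_len + 1, rec_len):
                rec, p = {}, start
                for ie, n in tmpl:
                    raw, p = body[p:p + n], p + n
                    rec[IES.get(ie, f"ie{ie}")] = (str(ipaddress.IPv4Address(raw)) if ie in (8, 12)
                                                   else int.from_bytes(raw, "big"))
                records.append(rec)
        off += set_len
    return records

def denied(records):
    """Load decoded records into SQLite and query firewallEvent 3 (flow denied)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE fw (src TEXT, dst TEXT, dport INTEGER, proto INTEGER, event INTEGER)")
    db.executemany("INSERT INTO fw VALUES (:sourceIPv4Address, :destinationIPv4Address, "
                   ":destinationTransportPort, :protocolIdentifier, :firewallEvent)", records)
    return db.execute("SELECT src, dport FROM fw WHERE event = 3").fetchall()
```

No regular expression is involved at any point: the template tells the collector each field's identity and width, so records map directly onto typed columns.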
