Monitoring Splunk

Monitoring network traffic on a sub-net

gtrapp
New Member

I'd like to monitor network traffic on a sub-net with ~ 10 hosts. This is a remote office with no server and I can get to the network via a frame-relay connection. I cannot modify any settings on the frame-relay router and the switch is this office is not managable. I'm trying to get splunk Ver 4.2.4 to do this but having trouble. Is there a step-by-step to setting this up?

Thanks in advance.

Tags (1)
0 Karma

gtrapp
New Member

I'm basing my question on this link: "Free Network Monitoring / www.splunk.com/Network_Monitoring / Monitor Your Network for slow or failing components. Free Download!" which Splunk is advertising on google search pages.
From the download page and some of the questions I reviewed (before installing the product) it seemed like I could capture network traffic and then easily analyze it in Splunk. I've tried capturing network traffic through a TCPIP connection but that doesn't seem to work.

0 Karma

Ayn
Legend

I haven't seen the ads so I don't know what they're claiming. You cannot use Splunk to directly capture network traffic.

0 Karma

Ayn
Legend

What exact role are you expecting Splunk to have in this? Splunk does not in itself have any network monitoring capabilities. Sure, you could build something that records network data and feeds it to Splunk in non-binary format, Splunk will happily index anything resembling text data. Your issue seems to have more with how to get the monitoring going rather than what to do with the data in Splunk once it's there, though. As such I'm fairly sure there is no step-by-step guide for you to follow, but if you elaborate a bit more on what you would like Splunk to do in your setup we can take it from there.

Get Updates on the Splunk Community!

.conf24 | Registration Open!

Hello, hello! I come bearing good news: Registration for .conf24 is now open!   conf is Splunk’s rad annual ...

Splunk is officially part of Cisco

Revolutionizing how our customers build resilience across their entire digital footprint.   Splunk ...

Splunk APM & RUM | Planned Maintenance March 26 - March 28, 2024

There will be planned maintenance for Splunk APM and RUM between March 26, 2024 and March 28, 2024 as ...