The big boss had a conference call over the weekend. She sent a message to your boss’s boss, which trickled…
Author: Brian Davenport
Brian is experienced in Advanced IPFIX and Flexible NetFlow collection, reporting, security analysis, and threat detection. Since 2012 he has been immersed in many types of flow-related solutions. Brian also enjoys fishing.
Reporting on Microsoft O365 with flow data
Posted on - by Brian Davenport
When thinking about extracting maximum value from network metadata such as Netflow, IPFIX, SFlow, etc., data enrichment becomes extremely important. Have you…
How to correlate Cisco Umbrella alerts with private IP addresses
Posted on - by Brian Davenport
The cloud-first movement is taking over every facet of information technology, and DNS is not excluded. There are tons of…
Integrate Grafana and Scrutinizer—reprise
Posted on - by Brian Davenport
Companies today seem to be screaming for easy access to time series data, and there are a few rising stars…
Why Data Enrichment Matters with NetFlow
Posted on - by Brian Davenport
Do you wanna build a NetFlow? Doesn’t have to be a NetFlow… Network metadata (NetFlow, IPFIX, sFlow, etc.) provides a…
Cisco ASA Access List Reporting
Posted on - by Brian Davenport
If you are ever out to dinner with friends talking about which network devices have the strangest exports, the Cisco…
How to Filter Network Traffic
Posted on - by Brian Davenport
When it comes to filtering network traffic, a scenario that appears simple in nature can be hard to accomplish at…
QRadar NetFlow Integration
Posted on - by Brian Davenport
In the IT vendor space, there is often debate on which is better: one solution that handles everything, or best-of-breed…
Username Reporting – NetFlow Integration with ForeScout CounterACT
Posted on - by Brian Davenport
User attribution is one of the things I’m asked for most frequently by customers who are looking at network traffic…
How to Integrate Grafana with NetFlow (Part 2)
Posted on - by Brian Davenport
UPDATE: A new version of documentation is available here and an updated blog is available here. This week I have…
