Smart Logging Telemetry (SLT) is one of the latest NetFlow v9 exports from Cisco. This new export is very unique because the data in the flows isn’t just used for traditional NetFlow reporting such as top hosts or top applications. The hardware (e.g. Catalyst 3XXX) supporting this technology is actually helping to secure today’s networks by performing a type of network behavior analysis on the traffic trying to traverse the switch fabric.
Smart Logging and Telemetry:
- Cisco Smart Logging and Telemetry (SLT): This new technology exports NetFlow messages for traffic that is associated to a specific event on a switch (for example, an event triggered by an ACL-permitted or -denied packet).
- Layer 2 features such as Dynamic ARP Inspection, Dynamic Host Configuration Protocol (DHCP) Snooping, IP Source Guard, and Port ACLs can now log events (such as policy violations) to an external analyzer device by exporting event information and portions of packets over a NetFlow v9 transport.
- Available on the Catalyst 3750, 3560, 3750E, 3560E, 3750x, 3560x
The above support is shipping with our next major release.