Support for Splunk and ElasticSearch is built into the core of the Scrutinizer Network Incident Response System. When the flow data is displayed in the Splunk dashboard, richer details are only a click away. Drill in on IP addresses and start filtering by including and excluding details until the root cause of the problem is made clear.
Unified Flow Collection—Massively Scalable
No other company deciphers the breadth of vendor flow exports that Plixer can:
Adtran
Alcatel
Avaya
Barracuda
BlueCoat
Cisco
Citrix
Dell
Ecessa
Emulex
Enterasys
F5
Fatpipe
Force10
Fortinet
Foundry
Gigamon
HP
IBM
Juniper
Meraki
nProbe
Open vSwitch
Palo Alto Networks
pfSense
Procera
Riverbed
SilverPeak
Solera YAF
Sophos
Ubiquiti
VMware vSphere
VMware VDS
VMware VSX
VMware vSwitch
VXLAN
Xirrus
YAF
Ziften
Scrutinizer can collect millions of flows per second and unify the flow exports from all of the network devices, then make them searchable through the Splunk dashboard.
Incredibly Fast Searching
Enter an IP address or a username and click “search.” Within a few seconds, Scrutinizer will find the device across dozens of collectors that could be receiving flows from tens of thousands of routers, switches, firewalls, and virtual servers. Drill in for details to determine who, what, when, where, and how much. Users always have the ability to jump back to Splunk to view the logs related to the host. It’s just a simple click to get back to the related data in the Splunk interface.
When greater context is needed, Scrutinizer can provide details on username, operating system, and more by integrating with third-party authentication systems such as Microsoft Active Directory, Cisco ISE, and others. Network incident response with the right context is where Scrutinizer and Splunk deliver.