Hi,
I have installed Netflow Analytics for Splunk and Splunk Add-on for Netflow.
The problem is that Netflow is not displaying the data is captured. But when I type sourcetype="netflow", I don't have any result. Didn't find the file "nfdump.log". I configured the Palo Alto Networks Firewall to send Netflow data by port 9996. Also, for Splunk, the input data is configured using UDP:
- 514 for pan:log
- 9996 for netflow
- 10514 flowintegrator
Is there any configuration to do?
Please Help me
Best regards
↧