User's Guide
Table Of Contents
- ExtremeAnalytics® User GuideVersion 8.4
- Legal Notices
- Trademarks
- Contact
- Extreme Networks® Software License Agreement
- Table of Contents
- ExtremeAnalytics™ Help
- ExtremeAnalytics Licensing
- Configuring Enhanced Netflow for Extreme Analytics and Extreme Wireless Contr...
- How to Deploy ExtremeAnalytics in an MSP or MSSP Environment
- ExtremeAnalytics Tab Overview
- ExtremeAnalytics Dashboard Overview
- ExtremeAnalytics Insights Dashboard
- ExtremeAnalytics Tracked Applications Dashboard
- ExtremeAnalytics Browser Overview
- ExtremeAnalytics Application Flows
- ExtremeAnalytics Fingerprints Overview
- ExtremeAnalytics Custom Fingerprints
- Delete Custom Fingerprints
- Custom Fingerprint Examples
- Create Custom Fingerprints Based on Flow
- Create Custom Fingerprints Based on Destination Address
- Create Custom Fingerprints Based on Application or Application Group
- ExtremeAnalytics Packet Captures
- ExtremeAnalytics Configuration Overview
- Virtual Sensors
- ExtremeAnalytics Engine Advanced Configuration
- Flow Collection Type
- Collection Privacy Levels
- Client Aggregation
- Slow Client Data
- Max End-Systems in Hourly Details
- Sensor Log Levels
- Store Application Site Data
- ExtremeControl Integration
- Flow Sources/Application Telemetry Sources
- Web Credentials
- Configuration Properties
- Sensor Modules
- Auditing
- Network Settings
- ExtremeAnalytics Reports
- ExtremeAnalytics Report Descriptions
- Report Descriptions
- Analytics Events
- Bandwidth for a Client Over Time
- Interface Top Applications Treemap
- Sites Using the Most Bandwidth
- Most Popular Applications
- Most Used Applications for a Client
- Most Used Applications for a User Name
- Network Activity by Site
- Network Activity by Client
- Network Activity by Application
- Slowest Applications by Site
- Top Applications Group Radar
- Top Applications Radar
- Top Applications TreeMap
- Top Applications for Interface
- Top Applications for Server
- Top Clients by Interface
- Top Interfaces by Application
- Top N Applications
- Top N Clients
- Top N Servers
- Report Descriptions
- Add and Modify Fingerprints
- Add Fingerprints
- Enable or Disable Fingerprints
- Modify Fingerprints
- Update Fingerprints
- Custom Fingerprint Examples
- How to Deploy ExtremeAnalytics in an MSP or MSSP Environment
- ExtremeAnalytics Virtual Sensor Configuration in Extreme Management Center
- Stream Flow Data from ExtremeAnalytics into Splunk
- Stream Flow Data from ExtremeAnalytics into Elastic Stack
Appendix
201 of 218
Appendix
Files
$SPLUNK/etc/apps/splunk_app_stream/local/streamfwd.conf
$SPLUNK/etc/apps/Splunk_TA_stream/local/streamfwd.conf
[streamfwd]
port = 8889
ipAddr = 127.0.0.1
netflowReceiver.0.ip = 10.54.116.45
netflowReceiver.0.port = 2055
netflowReceiver.0.decoder = netflow
#netflowElement.997.enterpriseid = 1916
netflowElement.997.id = 96
netflowElement.997.termid = extr.appName
netflowElement.998.enterpriseid = 1916
netflowElement.998.id = 371
netflowElement.998.termid = extr.userName
netflowElement.999.enterpriseid = 1916
netflowElement.999.id = 372
netflowElement.999.termid = extr.appGroupName
netflowElement.1000.enterpriseid = 1916
netflowElement.1000.id = 1000
netflowElement.1000.termid = extr.srcHostName
netflowElement.1001.enterpriseid = 1916
netflowElement.1001.id = 1001
netflowElement.1001.termid = extr.dstHostName
netflowElement.1002.enterpriseid = 1916
netflowElement.1002.id = 1002
netflowElement.1002.termid = extr.netResponseTime
netflowElement.1003.enterpriseid = 1916
netflowElement.1003.id = 1003
netflowElement.1003.termid = extr.appResponseTime
netflowElement.1004.enterpriseid = 1916
netflowElement.1004.id = 1004
netflowElement.1004.termtype = ipaddress
netflowElement.1004.termid = extr.serverAddress