The NETSCOUT/Splunk Partnership
As organizations migrate workloads to the cloud, infrastructure becomes more hybrid, making end-through-end visibility a necessary tool in combating threats across the global attack surface. IT teams are tasked with not only assuring service delivery and a delightful user experience but also protecting digital assets from the on-premises data center to the cloud. The sheer sprawl of the IT footprint beyond the boundaries of the traditional enterprise means that NETOPS, SECOPS, and ITOPS must embrace new ways of gaining visibility and addressing both service delivery and security issues as they occur.
NETSCOUT’s partnership with Splunk brings the NetOps and SecOps teams together through a unified view of network and security events from NETSCOUT’s Omnis Cyber Intelligence (OCI) and nGeniusOne in the Splunk SIEM portal. The NETSCOUT Omnis Cyber Intelligence App for Splunk helps you perform security analysis functions. Security events generated from OCI are sent to Splunk with a contextual launch capability that allows Splunk users to query back into OCI for further analysis. The NETSCOUT nGeniusONE Alert integration module enables alerts generated from nGeniusONE to be sent to the Splunk platform. The NETSCOUT and Splunk partnership also features a contextual launch capability that allows Splunk users to query back into nGeniusONE for packet-level performance management and troubleshooting.
Fully understand your network and attack surface while increasing your security posture through NETSCOUT and Splunk’s partnership and technology collaboration.
Faster response to issues due to the collaboration between NetOps and SecOps, resulting in decreased mean-time-to-resolution (MTTR) natively from Splunk SIEM dashboards.
Gain visibility into threats and derive actionable insights for security issues that span multi-cloud, on-premises, and hybrid environments in a single pane of glass through Splunk dashboards.
- Native Splunk Dashboard showing Omnis Cyber Intelligence and nGeniusOne generated events.
- Drilldowns from Splunk events to Omnis Cyber Intelligence risk visualization views.
- Drilldowns from Splunk events to nGeniusONE for service performance, application, and session analysis views.
- Events are sent from Omnis Cyber Intelligence and nGeniusOne in Syslog CEF format over UDP.
NETSCOUT Support Information
NETSCOUT technical assistance provides different service offerings depending on the customer’s license type.
Please visit NETSCOUT support page for details about Mastercare support.