Partners

Emulex Connectivity Products

US 
info@emulex.com
800-368-5393

International (EMEA, APAC, Canada, South America) 
info@emulex.com 
44 1189-772929

Emulex Connectivity Products

Americas 
repair@emulex.com 
800-752-9068 or
+1 714-885-3413
FAX: +1 714-885-3787

EMEA 
services.europe@emulex.com  
+44 1189-772929

Emulex Connectivity Products

Knowledge Base
Submit a case
Email Tech Support

Call Tech Support:
+1 800 854 7112 or
+1 714 885 3402

Endace Visibility Products

Submit a case
Email Tech Support

Call Tech Support:
US Toll Free: +1 866 501 3356
UK Toll Free: +44 0800 051 3887
Australia: +61 1800 144 708
New Zealand: +64 7 959 2630



Endace Fusion Connector for Splunk

Deploying EndaceProbe™ Intelligent Network Recorders (INRs) and Splunk Software Provides Fail-safe Security and Network Event Analysis

The Emulex Endace Fusion Connector for Splunk is an open workflow solution for detecting and resolving network security issues and optimizes data analysis workflows between its family of EndaceProbe (INR) and Splunk’s industry-leading third-party monitoring and security tools that detect anomalous network behavior. Integrated with EndaceProbe INRs, the combined solution provides organizations with the ability to detect and investigate issues at the network packet-level in order to lower time-to-resolution (TTR).

By integrating Splunk and Emulex technologies at the ‘event’ level, organizations can complete the detection and investigation cycle quickly and completely by determining the root cause of network security and operational issues. As a result, customers are able to contain real network security and operations issues more effectively while reducing the impact on end users, detect false positives more quickly and better ‘tune’ detection systems.

Best-of-Breed Solution

  • Splunk is a leading software platform for collecting and correlating machine data generated from a variety of different IT systems and infrastructure. Splunk helps customers detect network problems, monitor infrastructure elements and gain real-time visibility into customer experience, transactions and behavior.

  • Emulex captures 100 percent of the network traffic transiting a link, whether it is a 10Gb Ethernet (10GbE), 40GbE or 100GbE link and the EndaceProbe INR offers a historical view is at the highest level of detail and accuracy available in the industry today.

  • By deploying the EndaceProbe INR’s RESTful API, users can click on a Splunk event and pivot straight to the packets of interest for deep analysis in a protocol analyzer, such as Wireshark.

  • Take advantage of a more comprehensive view of the network with added search and drill-down capabilities. Visibility to network activity gives both Security Operations (SecOps) and Network Operations (NetOps) teams the ability to quickly identify anomalous activity and conduct forensic investigations.

  • Customers can not only understand the scope of a potential threat but also identify the source by simply zooming in on an event and quickly obtaining the relevant packet information.

Deployment Made Easy

  • The Emulex Endace Fusion Connector for Splunk is available through Splunk Apps. The plugin is easy to install and adds minimal overhead to the performance of the application.

  • The ability to instantly drill down from a Splunk event alert directly to the associated network packets is invaluable, saving time and resources and most importantly, accelerating root cause identification and resolution.

  • This joint solution provides an opportunity to help Splunk users dramatically enhance their network and security event management with this new capability from Emulex and Splunk.