InterMapper App for Splunk Enterprise
The InterMapper App for Splunk Enterprise is a free add-on to Splunk which enables the network administrator to proactively monitor and map network hardware, software and bandwidth utilization in real-time to gain actionable knowledge within Splunk. Datasheet Available
Syslog messages and log files show events detected by individual machines. InterMapper testing gives an independent end-to-end view of the machine status. The combination of syslog and InterMapper active monitoring achieves a more complete and comprehensive view.
Value of adding InterMapper data into Splunk:
- Proactive monitoring of network devices – not just waiting for log events to occur
- Live maps provide an at-a-glance view of real-time conditions, including Layer 2 physical connections
- Identify patterns of InterMapper alerts and trap messages with Splunk's indexing capabilities
- Correlate InterMapper data with other machine data within Splunk to determine root cause of a problem
Splunk users -- get network monitoring and mapping in Splunk:
InterMapper users -- try the new InterMapper App for Splunk:
Click here for an Installation Guide
Integrating InterMapper and Splunk
Traditionally, network mapping and log analysis have been provided by separate applications. The new InterMapper app for Splunk combines these two essential network diagnostic tools. When used in conjunction with InterMapper, the free app integrates real-time mapping, notifications and probing capabilities into Splunk -- enabling a view of all the data available from network devices -- to give complete visibility into the IT infrastructure.
Using Splunk’s dynamically generated dashboards, network administrators can immediately drill down into devices to view notifications, addressing information and even layer 2 details. Automatic searches are run to present the most recent event data; these can then be tuned and expanded upon, so that the root cause of any trouble can quickly identified.
The combination of these products enhances the network administrator’s ability to manage and monitor networks on a day to day basis, delivering the tools needed to prevent problems before they occur and help to plan for future projects on network infrastructure.
The Benefits of Combining InterMapper and Splunk
According to the Splunk website, integrated network monitoring is the most commonly requested add-on. It is now here.
Real-time monitoring enhances Splunk's value as a device portal. InterMapper can proactively test devices and send notifications to Splunk. The at-a-glance view of maps is now easily accessible within Splunk. With the InterMapper app for Splunk the network administrator can view the layout of network maps to identify trouble spots.
What Splunk Users Gain from InterMapper
The value of Splunk is enhanced with the InterMapper app for Splunk . It improves the reliability and trust of machine data by incorporating independent real world monitoring of network devices. It’s like auditing machine data with real world data. InterMapper gives an independent view of the machine status. The combination of syslog and InterMapper achieves the pinnacle of end-to-end monitoring.
Syslog analyzers like Splunk are an efficient way to report on a machine's internal accounts of events. InterMapper is a great supplement to syslog, providing an external assessment of device status.
Furthermore, there is a clear ROI of using InterMapper and Splunk, as the the network monitoring tool minimizes the amount of data being fed into Splunk -- saving on Splunk license fees.
What InterMapper Gains from Splunk
Mapping products like InterMapper are invaluable in troubleshooting. They deliver an overview of the entire network with end-to-end testing. For more detailed problems, it is a powerful enhancement to look at log data on multiple hosts, routers, firewalls and other equipment. These files provide detailed evidence of what is happening on the network, building confidence that there is complete visibility of the problem, before beginning to work towards a solution.
Splunk pulls together this information to make sense of so much diverse data. In order to make viewing and analysis of log data across a range of products quick and manageable, and also in some cases to meet with compliance rules, centralized log servers, such as Splunk, are implemented. Splunk delivers the power to quickly search data, identify statistical patterns, produce tables of frequent or infrequent events, build dashboards to combine all of this information into one place, and a great deal more.
- Only one system to train on – a single pane of glass into the network
- One set of permissions
- Cannot break monitoring
- No impact on production environment – does not slow down devices