NetFlow Collection and Analysis Using NFCAPD, Python, and Splunk

NetFlow data is often collected for network monitoring and management, but it has many applications for the security analyst. NetFlow data can be used to identify variations from established traffic baselines, traffic originating from critical systems, and communications with known bad external...

By

February 10, 2015

All papers are copyrighted. No re-posting of papers is permitted

Related Content

DFIR - Blog - Breaking Down December 2024’s Top Threats_340 x 340.jpg

Digital Forensics, Incident Response & Threat Hunting

December 23, 2024

SANS Threat Analysis Rundown in Review: Breaking Down December 2024’s Discussion

Exploring the power of the PEAK Threat Hunting framework

OO - Blog - November 2024's Top Threats_340 x 340.jpg

Digital Forensics, Incident Response & Threat Hunting

November 25, 2024

SANS Threat Analysis Rundown in Review: Breaking Down November 2024’s Top Threats

There’s always plenty of news on cyber threats to discuss, and this month was no exception.

Coolest Careers Poster

Digital Forensics, Incident Response & Threat Hunting

SANSがおすすめするサイバーセキュリティの仕事20選: サイバーセキュリティアナリスト/エンジニア

サイバーセキュリティアナリスト/エンジニアの主な業務や、スキルアップのためのSANSのおすすめのコースを紹介します！