Vendors

To onboard a source that is specifically supported by Axoflow, complete the following steps. Onboarding allows you to collect metrics about the host, and display the host on the Topology page.

  1. Open the Axoflow Console.

  2. Select Topology.

  3. Select + > Source.

    Add appliance as source

  4. If the source is already sending logs to an AxoRouter instance that is registered in the Axoflow Console, select Detected, then select the source.

    Otherwise, select the type of the source you want to onboard, and follow the on-screen instructions.

    Select data source

  5. Connect the source to the destination or AxoRouter instance it’s sending logs to.

    1. Select Topology > + > Path.

      Add a new path

    2. Select your data source in the Source host field.

      Configure path

    3. Select the target router or aggregator this source is sending its data to in the Target host field, for example, axorouter.

    4. Select the Target connector. The connector determines how the destination receives the data (for example, using which protocol or port).

    5. Select Create. The new path appears on the Topology page.

      The new path

  6. Configure the appliance to send logs to an AxoRouter instance. Specific instructions regarding individual vendors are listed below, along with default metadata (labels) and specific metadata for Splunk.

Amazon

Cisco

Citrix

CyberArk

F5 Networks

FireEye

Fortinet

Fortra

Imperva

Infoblox

Ivanti

Juniper

Kaspersky

MicroFocus

Microsoft

MikroTik

Netgate

Netmotion

NETSCOUT

OpenText

Palo Alto Networks

Powertech

Riverbed

rsyslog

SecureAuth

SonicWall

syslog-ng

Thales

Trellix

Trend Micro

Varonis

Vectra AI

Zscaler appliances