--- title: "Netflow logic" page_name: "NetFlow Logic App for Sumo Logic" type: "integration" slug: "netflow-logic" published_at: "2025-02-08" modified_at: "2025-05-09" url: "https://www.sumologic.com/app-catalog/netflow-logic" canonical: "https://www.sumologic.com/app-catalog/netflow-logic" markdown_url: "https://www.sumologic.com/app-catalog/netflow-logic.md" lang: "en" excerpt: "Real-time processing and analytics of flow data - NetFlow, sFlow, J-Flow, IPFIX, and Cloud Flow Logs (AWS, Azure, Google)" taxonomy_integration_use_case: - "Operations" --- [ App Catalog ](https://www.sumologic.com/app-catalog)# NetFlow Logic App for Sumo Logic Real-time processing and analytics of flow data – NetFlow, sFlow, J-Flow, IPFIX, and Cloud Flow Logs (AWS, Azure, Google) [View docs](https://docs.netflowlogic.com/)[ Login to Install ](https://service.sumologic.com/) ## Extract critical information from any type of flow data and enriches it with additional data for complete network visibility. Get complete visibility of network traffic, analyzing network devices and interface loads. Identify applications and users that consume bandwidth; Identify impact of physical network devices and interface failures on the virtual and physical networks; Identify security threats and trace known threat sources. ### Volume reduction Real-time consolidation of flow data allows to store and index only a fraction of volume, and at the same time gain all benefits of flow information without losing accuracy. ### Flow data enrichment Improves quality of the flow data by including additional valuable information such as DNS / host names, VM names, GeoIP, Applications, User identity, Security Reputation. ### Comprehensive network view Monitor and analyze all type of flow data (NetFlow, sFlow, J-Flow, IPFIX, and Cloud Flow logs) from various network devices in all of your on-prem and cloud locations on the same screen. Get complete communication visibility between all of your devices whether they are in your data center or in a 3rd party cloud data center. ### Improve security posture The Application is not dependent on any specific threat signature or attack pattern and provides rapid, broad spectrum threat detection with low false positives. ## NetFlow – Traffic overview See a high-level view of your network traffic, whether it is in your data center or in the cloud. This dashboard shows top inbound, outbound, and internal traffic. View network traffic by protocol, users, and applications. Use this dashboard to: - Identify top talkers and top listeners - See network traffic statistics by direction: inbound, outbound, and lateral (internal) - Report bandwidth consumers by protocol, users, and applications ## Security Monitoring – Communications with malicious hosts This dashboard enables your organization to analyze and prioritize network security event traffic. It shows blocked and allowed communications with malicious hosts, breaking them by inbound and outbound direction. Use this dashboard to: - Identify inbound and outbound communications with malicious hosts - Report allowed and blocked traffic with bad actors - See traffic volumes (bytes sent and bytes received) to identify a possible data exfiltration ## Security Monitoring – Traffic using critical ports See your network conversations over critical ports, such as 21(ftp), 22(ssh), 23(telnet), 25(smtp), 50(re-mail-ck), 51(la-maint), and etc. Use this dashboard to: - Monitor your DNS traffic with internal and external DNS servers - Identify abnormal DNS communications - See top traffic using critical ports, such as SSH, FTP, Telnet, etc. More Apps and Integrations Explore More! Explore more apps, collectors, and integrations that work with Sumo Logic. [ Claude Compliance API AI/ML, Development, Operations, Security ](https://www.sumologic.com/app-catalog/claude) [ VMware App for Sumo Logic Operations, SOAR ](https://www.sumologic.com/app-catalog/vmware) [ Varnish App for Sumo Logic Operations ](https://www.sumologic.com/app-catalog/varnish) [AI Instructions](https://www.sumologic.com/ai-instructions.md)