Kentik - Network Flow Analytics

Kentik Blog

Using Kentik Detect to Find Current Attacks

December 15, 2015

With massive data capacity and analytical flexibility, Kentik Detect makes it easy to actively explore network traffic. In this post we look at how to use this capability to rapidly discover and analyze interesting and potentially important DDoS and other attack vectors. We start with filtering by source geo, then zoom in on a time-span with anomalous traffic. By looking at unique source IPs and grouping traffic by destination IP we find both the source and the target of an attack.

Detecting Hidden Spambots

December 03, 2015

If your network visibility tool lets you query only those flow details that you’ve specified in advance, then you’re likely vulnerable to threats that you haven’t anticipated. In this post we’ll explore how SQL querying of Kentik Detect’s unified, full-resolution datastore enables you to drill into traffic anomalies, to identify threats, and to define alerts that notify you when similar issues recur.

Parsing Alert JSON

October 02, 2015

Kentik Detect’s alerting system generates notifications when network traffic meets user-defined conditions. Notifications containing details about the triggering conditions and the current status may be posted as JSON to Syslog and/or to a URL. This post shows how to parse the JSON with PHP to enable integration with external ticketing and configuration management systems.
