Cloud visibility and detection

The Plixer One Platform (Core, Network, or Security) enables seamless visibility across on-prem and cloud-based resources in cloud or hybrid environments through cloud provider log ingestion in Plixer Scrutinizer.

Overview

After the corresponding cloud storage container is set up to receive log data from an Amazon VPC or Azure NSG, Plixer Scrutinizer can be configured to ingest the information via the container. Containers that have been set up as flow data sources in Plixer Scrutinizer are treated as Exporters and support the same functions and configuration options as typical flow-exporting devices (e.g., Flow Analytics Security Groups, Plixer ML Engine inclusion, and Reports.

Amazon VPC flow logs

To enable Amazon VPC flow log ingestion in Plixer Scrutinizer, the VPC must first be set to send log data to an Amazon S3 bucket with the correct configuration. Afterwards, the bucket should be added to Plixer Scrutinizer from the Admin > Integrations > Flow Log Ingestion page in the web interface.

The following additional Report types can be run when one or more S3 buckets are selected as data sources for a Report:

  • Action

  • Action with Interface

  • Action with Interface and Dst

  • Action with Interface and Src

  • Availability Zones

  • Dst Service

  • Interface

  • Pair Interface

  • Pair Interface Action

  • Src Service

  • Src Service-Dst Service

  • Traffic Path

  • VPCs

Hint

To view only report types that apply to Amazon VPC flow logs, use the Amazon AWS category when selecting a report type.

Azure NSG flow logs

Setting up Azure NSG flow log ingestion in Plixer Scrutinizer requires an Azure Blob Storage container that is correctly configured and receiving log data from the NSG. This container should be added to Plixer Scrutinizer from the Admin > Integrations > Flow Log Ingestion page in the web interface.

When one or more Azure blob containers are selected as data sources for a Report, the following additional Report types become available:

  • Flow Decisions

  • Flow Decisions Count

  • Flow States

  • Flow States Count

  • NSG All Details

  • Resource IDs

Hint

To view only report types that apply to Azure NSG flow logs, use the Azure category when selecting a report type.