Wire Data, Huh! What Is It Good For? Absolutely Everything, Say It Again Now! | Splunk
14MAR19

“Wire data is the observed behavior and communication between network elements which is an important source of information used by IT operations staff to troubleshoot performance issues, create activity baselines, detect anomalous activity, investigate security incidents, and discover IT assets and their dependencies.” – Wikipedia

What IS Wire Data?

I was going to come up with my own definition, but I think Wikipedia gave a fine, albeit academic, explanation. For me, wire data falls into two categories—verbose (like packet capture) and metadata. The easier of the two to operationalize (and which arguably provides the most bang for your buck) is metadata, which we'll focus on in this blog post!

It doesn’t matter if it's metadata created from NetFlow, Zeek, Meek, Fleek or Stream (note: Meek and Fleek aren't real)—it's all just bits of information about network traffic. You can create metadata from either live network traffic via network taps, switches/routers or even on network interf...