
Configuring Traffic Flows

Depending on your business needs, you can configure the Data Connector to send and receive data. The Data Connector collects specified data and converts it into a specific data format before sending the data to the supported destinations.

For the Data Connector to function properly, you must define the type of data and the source from which the Data Connector collects data, as well as the destination to which the Data Connector transfers the data. You can create different traffic flows for different purposes. For example, you can create a traffic flow to collect DNS query and response data from a NIOS appliance and have it send the data to the NIOS Reporting Server. You can create another traffic flow for the same Data Connector to collect policy hits from BloxOne Threat Defense Cloud and send them to Splunk.


Supported Traffic Flows

The following table lists the sources, the corresponding data types, and destinations that the Data Connector supports:

| Sources | Data Types | Data Format | Destinations |
|---|---|---|---|
| NIOS | DNS query and response data | Syslog: CEF or LEEF format; Splunk and NIOS Reporting Server: CSV format; BloxOne Cloud: Parquet files | NIOS Reporting Server; Splunk; BloxOne Threat Defense Cloud; Syslog |
| NIOS | RPZ Hits | BloxOne Cloud: Parquet files via HTTP requests; Syslog: CEF or LEEF format; Splunk: CSV format | BloxOne Threat Defense Cloud |
| NIOS | IPAM Metadata | Parquet files | BloxOne Threat Defense Cloud |
| BloxOne Threat Defense Cloud | DNS query and response data | Splunk: CSV format; Syslog: CEF or LEEF format | Syslog; Splunk |
| BloxOne Threat Defense Cloud | Threat feeds hit logs | Splunk: CSV format; Syslog: CEF or LEEF format | Syslog; Splunk |

Note

Only one traffic flow is supported for the Splunk destination.

Note

Before you configure traffic flows for the Data Connector, you must first enable the Data Connector service on the on-prem host, and then set up sources and destinations that you want to use in the traffic flows. For more information, see Configuring Sources and Configuring Destinations.

Adding Traffic Flows

To add a new traffic flow for the Data Connector, complete the following:

  1. Log in to the Cloud Services Portal.
  2. Go to Manage -> Data Connector.
  3. In the Traffic Flow Configuration tab, click Create.
  4. In the Create Traffic Flow Configuration wizard, complete the following:
    • Name: Enter a name for this traffic flow configuration.
    • Description: Enter a description for this configuration to distinguish this Data Connector from other hosts. The maximum length is 256 characters.
    • State: Use the slider to enable or disable this configuration. When the configuration is disabled, no traffic flow happens based on the configuration. You can enable the configuration when you want the Data Connector to start the traffic flow.
    • CDC Enabled Host: Expand this section and select the Data Connector from the On-Prem Host list. You must first set up and configure Data Connectors before they appear in this list. For information about how to create a Data Connector, see Deploying the Data Connector Solution.
    • Under SELECT CONFIGURATION, expand the Source Configuration section, and complete the following:
      • Source: Select the source from which the Data Connector collects data. Ensure that you select the correct source for this traffic flow, depending on the source type that you select below.
      • SOURCE TYPE: Select the type of data you want the Data Connector to collect from the source. Depending on the source that you have selected and the destination for this traffic flow, the source type varies. For information about the source data type that the Data Connector supports for NIOS and BloxOne Threat Defense Cloud, see the Supported Traffic Flows table in this topic.
      • Destination: Select the corresponding destination that you want the Data Connector to send the source data to. Note that you can send certain data to specific destinations, depending on the supported traffic flow. For example, your Data Connector can send DNS query and response data or threat feed hits log from BloxOne Threat Defense Cloud to Splunk only. If you select a different source type or destination, the traffic flow becomes invalid.

        Note

        The Cloud Services Portal displays an error if you have selected a source, a source type, or a destination that is not compatible with the supported traffic flow.

  5. Click Save & Close.

Viewing Traffic Flow Health Status

To view the status of an individual traffic flow, complete the following:

  1. Log in to the Cloud Services Portal.
  2. Go to Manage -> Data Connector.
  3. On the Traffic Flow Configuration page, you can find a high-level aggregated status of each configured traffic flow.
  4. Detailed status is displayed on the Details panel. On the Traffic Flow Configuration page, select the individual traffic flow you want to view.
  5. On the Details panel located at the far right-hand side of the screen, details about the traffic flow are displayed. The panel can be expanded in height to display all details about the traffic flow.