Can vRNI forward the captured packets to a Third party Security/Threat Hunting Tool? We are planning on a Threat Hunting/Anomaly Detection tool that needs packets either in form of Netflow or IPFIX. Can vRNI forward those packets it captured from the different data sources ?
Appreciate any help in advance.
Network Insight doesn't have the capability to forward flows to other systems, next to using the API to get them from NI and forwarding them manually. The best thing you can do is to use something like samplicator to duplex flows coming from the source and then forwarding it to both NI and your threat detection system.
Here's an example on how to do that: http://lostdomain.org/2017/07/27/how-to-define-two-netflow-targets-in-vsphere-vds/