Application Metadata Intelligence

Application Metadata Intelligence (AMI) exports metadata from applications found in network traffic. It sends records to a collector either in IPFIX (IP Flow Information Export) format or CEF (Common Even Format) through the IP or management interface. You can use AMI for more than security. It can check network or application health, track long-lived sessions, and more.

AMI creates over 5,000 attributes for more than 3,200 applications without slowing down users, devices, or network appliances. It can identify applications even if the traffic is encrypted. AMI supports multi-collect. This means it can collect more than one metadata attribute of the same type from a protocol. It supports protocols such as DNS, GTP, GTPv2, DHCP, HTTP, HTTPS, SSL, HTTP_PROXY, HTTP/2, Kerberos5, and DHCPv6.

AMI exports metadata in IPFIX or CEF format for use with security analytics and forensics tools. This helps enforce corporate compliance and gives better network visibility. You can convert AMI’s CEF output to JSON using the Application Metadata Exporter (AMX). You can then send the JSON output to cloud tools or Kafka.

For details about configuring Application Metadata Intelligence and viewing the statistics, refer to following topics:

• Configure Application Metadata Intelligence for Virtual Environment
• View Application Statistics for Application Metadata

You can convert the output from the Application Metadata Intelligence (AMI) that is in CEF into JSON format and send it to the cloud tools and Kafka. For details, refer toApplication Metadata Exporter ..