Aviz ONE Data Lake outlines Splunk integration
Aviz's ONES 2.1 adds ONE Data Lake and documents how it forwards selected network telemetry to Splunk, covering configuration, metric selection, multi-vendor collection, and management controls for operations, security, and compliance teams.
Research overview
ONE Data Lake is presented as the cloud-hosted successor to ONES, intended to consolidate large volumes of network telemetry into cloud object storage and enable downstream ingestion by services such as Splunk.
The vendor describes the data lake as capable of storing structured, semi-structured, and unstructured metrics from control and data planes, device health, platform, and traffic sources.
Product update
ONES 2.1 introduces a Splunk integration that requires mapping a Splunk instance to the ONES server and providing a Splunk URL, a unique authentication token, and the target index for incoming metrics.
The product interface supports lifecycle actions for each cloud instance, including editing integration details, pausing and resuming metric uploads, and deleting configured endpoints.
Technical breakdown
Telemetry collection accommodates multi-vendor environments: data is streamed from SONiC devices via gNMI and from other vendors' Operations Support Systems (OSS) using Simple Network Management Protocol (SNMP). The platform lists support for Cisco NX-OS, Arista, SONiC, Dell, Mellanox, and similar devices.
Administrators can select which metric categories to forward to the cloud; the release cites traffic statistics, Application-Specific Integrated Circuit (ASIC) utilization, device health, and inventory data as examples of supported types.
Operational impact
Routing selected telemetry to Splunk enables teams to centralize event indexing and field extraction for search, correlation, dashboarding, and reporting across network, system, and traffic data.
The vendor positions the integration as useful for monitoring, security event management, regulatory reporting, and supporting analytic workflows that include predictive models and anomaly detection within Splunk.
Key findings
The integration workflow documented in the blog covers instance configuration, required credentials, index selection, user-controlled metric selection, and management controls for active integrations.
The combination of vendor-neutral collection protocols and Splunk ingestion features produces event-based records and chartable data series suitable for visualization and analysis in Splunk.
This “Blog Signals brief” is a fact-based summary of the vendor blog.