NetBox Labs Introduces NetBox Event Streams: Pioneering Event-Driven Architectures for Network Automation

Powerful New Real-time Data Streaming Available to Preview Today in NetBox Cloud, Along With Splunk Enterprise App and ElasticSearch Integration

Today I’m excited to announce NetBox Event Streams, a real-time event streaming capability that furthers our mission to help network engineers scale and manage complex networks, available now for Private Preview in NetBox Cloud. Also available today are new Event Stream integrations for Splunk Enterprise and ElasticSearch, which networking teams can use to feed network events from NetBox Cloud to their security team’s SIEM for real-time security logging and analysis.

With today’s announcements, networking and security teams can:

  • Tap into NetBox Event Streams to subscribe to real-time events from NetBox Cloud organizations, including network updates such as the addition of new devices to the network, and security audit events, such as failed login attempts, and other user interactions.
  • Consume Event Streams via AWS Simple Notification Service (SNS), Azure Service Bus and Google Cloud Pub/Sub Topics today, with additional event streaming backends such as Kafka and MQTT to be delivered later this year.
  • Easily trigger integrations and automations from Event Streams, such as deploying configuration updates, reconfiguring network observability or initiating vulnerability scans when new devices are provisioned on the network.
  • Connect NetBox Cloud with Splunk Enterprise or ElasticSearch as SIEM backends supporting real-time logging and analysis of network events, providing security teams with enhanced visibility of network operations and changes. Event Stream integrations for additional SIEM, logging, observability, analysis, and other operational services will be delivered this year.
  • Attend a hands-on webinar on March 1 to learn about event-driven architectures, why they are an important consideration for network automation initiatives, and how NetBox Event Streams fits in. Attendees can also experiment with an open source self-study lab to get hands-on with event-driven architectures and the new Event Rules feature in NetBox 3.7.

Using event-driven architectures to go further, faster

As networking professionals increasingly adopt automation to manage and scale their networks, more advanced organizations often encounter challenges around workflow coupling and inter-team dependencies. The solutions to these challenges can help organizations at all stages of their network automation journey.

Imagine a config backup service that pulls the running configs from network devices and stores them in a GitHub repository. That’s easily achieved with a relatively simple script and a scheduler like a cron job or a workflow tool. But what if you now want to act on those config backups to do something else, like extract the platform versions and check them against vulnerability databases? At this stage many teams may inadvertently introduce a dependency, or “coupling”, between the workflows which may cause few issues at first, but will become more difficult over time. For example, what if you then add a third service to compare those device configurations against a golden template?

Each workflow considered in isolation is easy, but when combined, interdependencies begin to creep in. This coupling between workflows, which creates fragility in the automation, quickly becomes coupling between teams, harming their ability to react to change.

This is where event-driven architectures shine. NetBox Event Streams unlock event-driven architectures by enabling teams to easily subscribe to network state and management events from the NetBox Cloud Platform, feeding events to other systems or triggering automations. NetBox Event Streams publish events from NetBox Cloud instantly when they occur, and support easy integration via every major public cloud provider. In addition, NetBox Event Streams includes specific connector solutions for common use cases, with integrations for Splunk Enterprise and ElasticSearch available today.

“Our network automation grew organically over several years, and after a lot of initial experimentation we’ve spent significant time decoupling a lot of those efforts to make them into more generalized little blocks that can be combined in often surprisingly useful ways.” says Felix Windt, CTO at Dartmouth College. “We quite naturally landed at an event-driven approach to stitch them together for larger workflows so that we wouldn’t have to re-invent all that glue logic and integration code, which also speeds up the pace at which you can add new functionality – it’s time you can spend on stuff that matters. Netbox Event Streams aligns perfectly with this approach, we were delighted how well it just plugs into what we already have, allowing us to further extend adoption of the pattern.”

Enabling networking and security teams to move together as one

As networking and security teams embrace automation and work more closely together to keep up with growing demands, there is an acute need for tooling which facilitates collaboration between the two domains.

This collaboration between networking and security teams, often referred to as NetSecOps, is a growing trend. NetSecOps: Examining How Network and Security Teams Collaborate for a Better Digital Future, a 2024 Enterprise Management Associates (EMA) survey of 304 IT professionals, reported that almost 50% of respondents had either fully or partially converged their networking and security teams, with 86% of respondents reporting that collaboration between these teams had somewhat or significantly increased.

The #1 driver for NetSecOps, according to the report, is network automation, but there are challenges. The biggest issue around collaboration is data, where networking and security teams are collecting different sets of data and have different needs from it. The report goes on to explain that the second and third biggest challenges are budget and infrastructure complexity, in other words, networking and security teams are solving the same problems in different ways which creates waste, and then they are struggling when those approaches need to be aligned.

The NetBox Event Streams integrations for Splunk Enterprise and ElasticSearch are our first important steps in addressing these challenges, allowing networking teams to move ahead unhindered by burdensome reporting duties while providing security teams with a granular, real-time, and customizable overview of what is happening across the network.

Webinar: Introducing Event-Driven Architectures for Networking and Security

To help networking professionals better understand how event-driven architectures and NetBox Event Streams fit into modern network automation we’re running a webinar on March 1. Attendees can expect a deep dive into the key drivers for event-driven architectures when automating networks, a look under the hood at how NetBox Event Streams works and a demo of the new Splunk app in action showing how networking teams can better equip their security colleagues with the data they need.

I’m also excited to be showing off the recently updated Event Rules feature in open-source NetBox, and exploring how it fits into event-based architectures, including a walkthrough of an open source self-study lab environment that attendees can experiment with after the webinar to get familiar with the key concepts and where they might fit in their own network automation initiatives.

Whether you’re already deep into your network automation journey and curious about how event-based architectures could help you go further, or earlier in your journey and just trying to get to grips with the concepts, you’ll find something of value.

What’s next?

Share the Post:

Related Posts