Network Behavior Analytics for Splunk: AWS VPC flow TCP flags support
Improvement
Network Behavior Analytics for Splunk now gathers TCP flags from AWS VPC flow logs indexed in Splunk, providing enhanced visibility into each connection. Where present, the tcp_flags field is now forwarded to AlphaSOC alongside your existing flow log data. AlphaSOC uses this field to derive connection state and direction, enabling clearer distinction between incoming and outgoing traffic and reducing false positives.
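How a tcp_flags value can yield connection state and direction, as an added example (not AlphaSOC's or the Splunk app's code): it decodes the bitmask as AWS documents it for VPC flow logs (FIN 1, SYN 2, RST 4, SYN-ACK 18, values OR-ed within one aggregation interval). The function names, the state and direction labels, the local_ip parameter (the monitored interface's own address) and the sample addresses are assumptions made for illustration.

```python
# Added example: decoding the AWS VPC flow log tcp-flags bitmask.
# Not AlphaSOC's logic; names and labels below are illustrative assumptions.
FIN, SYN, RST, ACK = 0x01, 0x02, 0x04, 0x10


def flag_names(value):
    """Return the flag names set in a tcp-flags bitmask value."""
    table = ((SYN, "SYN"), (ACK, "ACK"), (FIN, "FIN"), (RST, "RST"))
    return [name for bit, name in table if value & bit]


def classify(srcaddr, dstaddr, tcp_flags, local_ip):
    """Return (direction, state) for one flow record seen at local_ip."""
    # The field is absent ("-") on some records, e.g. non-TCP traffic.
    if tcp_flags in (None, "", "-"):
        return ("unknown", "unknown")
    if local_ip not in (srcaddr, dstaddr):
        raise ValueError("record does not involve local_ip")
    flags = int(tcp_flags)

    if flags & SYN:
        # SYN without ACK: the record's source opened the connection.
        # SYN with ACK (18): the record's source is answering a SYN.
        src_is_initiator = not (flags & ACK)
        local_is_src = srcaddr == local_ip
        direction = "outbound" if src_is_initiator == local_is_src else "inbound"
    else:
        # ACK-only traffic is logged as 0, so there is no handshake to read.
        direction = "unknown"

    if flags & RST:
        state = "reset"
    elif flags & FIN:
        state = "closed"      # e.g. 3 or 19: a short connection in one record
    elif flags & SYN:
        state = "handshake"
    else:
        state = "midstream"
    return (direction, state)


if __name__ == "__main__":
    LOCAL = "10.0.0.5"        # constructed sample data
    REMOTE = "203.0.113.7"
    samples = [(LOCAL, REMOTE, "2"), (REMOTE, LOCAL, "18"),
               (REMOTE, LOCAL, "3"), (LOCAL, REMOTE, "19"), (REMOTE, LOCAL, "0")]
    for src, dst, flags in samples:
        print(src, dst, flags, flag_names(int(flags)), classify(src, dst, flags, LOCAL))
```

A response record (18 or 19) whose source is the local address marks an inbound connection, which is what lets reply traffic be told apart from a locally initiated outbound session.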