User’s Guide – version 3.5 

NetFlow Tracker 

Protocol 

You can restrict the set of IP protocols considered. For example, you may want to 
consider only UDP or ICMP traffic while investigating a denial-of-service attack. 

Source port 

The source port filter restricts the source application port number; it should be used in
conjunction with the protocol filter.

Dest port 

This restricts the destination application port number. 

Src/dest port 

This filter will consider traffic with the given port number as either the source or 
destination. 

Source application 

The source application filter restricts the IP protocol and source application port
number. You can enter a port number and protocol manually or you can select from
those configured in the IP Application Names settings page.

Dest application 

This restricts the protocol and destination application port, selectable by name. 

Src/dest application 

This filter considers traffic using the given application as either the source or
destination.

Recognised application 

This filter selects traffic with the given source or destination application. Whether the
source or destination application is considered depends on whether it has a name
defined in the IP Application Names settings page, or if both or neither have names,
whichever has the lower port number.
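The selection rule above, written out as an added example (not code from the guide or from NetFlow Tracker). The names table is constructed and stands in for the IP Application Names settings page; keying it by (protocol number, port) and the flow layout are assumptions.

```python
from typing import Dict, List, NamedTuple, Tuple

AppKey = Tuple[int, int]  # (IP protocol number, port): assumed key format


class Flow(NamedTuple):
    proto: int
    src_port: int
    dst_port: int


# Constructed stand-in for the names defined in IP Application Names.
APP_NAMES: Dict[AppKey, str] = {
    (6, 22): "ssh",
    (6, 80): "http",
    (6, 443): "https",
    (17, 53): "dns",
}


def recognised_application(flow: Flow, names: Dict[AppKey, str]) -> AppKey:
    """Pick the source or destination application as the guide describes."""
    src = (flow.proto, flow.src_port)
    dst = (flow.proto, flow.dst_port)
    src_named, dst_named = src in names, dst in names
    if src_named != dst_named:
        # Exactly one side has a name defined: that side is considered.
        return src if src_named else dst
    # Both or neither have names: whichever has the lower port number.
    return src if flow.src_port < flow.dst_port else dst


def label(key: AppKey, names: Dict[AppKey, str]) -> str:
    """Name for display; unnamed applications fall back to proto/port."""
    return names.get(key, f"{key[0]}/{key[1]}")


def select(flows: List[Flow], wanted: AppKey,
           names: Dict[AppKey, str]) -> List[Flow]:
    """Flows a 'Recognised application' filter for `wanted` would keep."""
    return [f for f in flows if recognised_application(f, names) == wanted]


# Constructed sample flows.
SAMPLE_FLOWS = [
    Flow(6, 51514, 443),     # client -> https server: destination is named
    Flow(6, 443, 51514),     # the reply direction: source is named
    Flow(6, 80, 443),        # both named: lower port (http) is considered
    Flow(17, 40000, 33434),  # neither named: lower port 33434 is considered
]

if __name__ == "__main__":
    for f in SAMPLE_FLOWS:
        print(f, "->", label(recognised_application(f, APP_NAMES), APP_NAMES))
```

Both directions of a conversation map to the same application, while a flow between two unnamed ports is attributed to whichever port is lower, which can be a client's ephemeral port.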

Identified application 

This filter selects traffic with the given identified application. In order for applications to
be identified the NetFlow device must support the functionality and its identified
application mapping must be configured in Device Settings.

ToS 

You can report only on traffic bearing any one of a set of type-of-service byte values.
You build the ToS byte value by picking the priority and the minimise delay (D), maximise
throughput (T), maximise reliability (R) and minimise monetary cost (M) flags. If you
leave the priority or any of the flags empty then only the fields you supplied a value for
are considered. Thus you can match traffic of a given priority with any flags, or with
particular flags set or unset but any priority and any values for the other flags.
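The partial matching described above amounts to a mask and value pair per ToS pattern. This is an added example, not code from the guide or from NetFlow Tracker; the bit positions follow the RFC 791 / RFC 1349 layout of the ToS byte, and the function names and sample flows are constructed for illustration.

```python
from typing import Dict, Iterable, List, Optional, Tuple

Pattern = Tuple[int, int]  # (mask, value)

PRECEDENCE_SHIFT = 5
PRECEDENCE_MASK = 0b111 << PRECEDENCE_SHIFT  # top three bits: priority
FLAG_BITS = {
    "D": 0x10,  # minimise delay
    "T": 0x08,  # maximise throughput
    "R": 0x04,  # maximise reliability
    "M": 0x02,  # minimise monetary cost
}


def tos_pattern(priority: Optional[int] = None,
                **flags: Optional[bool]) -> Pattern:
    """Build (mask, value) from the fields that were supplied.

    A field left as None contributes nothing to the mask, so it is
    not considered when matching. Supplying nothing matches every byte.
    """
    mask = value = 0
    if priority is not None:
        if not 0 <= priority <= 7:
            raise ValueError("priority must be 0..7")
        mask |= PRECEDENCE_MASK
        value |= priority << PRECEDENCE_SHIFT
    for name, wanted in flags.items():
        if name not in FLAG_BITS:
            raise ValueError(f"unknown flag {name!r}")
        if wanted is None:
            continue
        mask |= FLAG_BITS[name]       # the flag is considered...
        if wanted:
            value |= FLAG_BITS[name]  # ...and must be set (else unset)
    return mask, value


def tos_matches(tos: int, patterns: Iterable[Pattern]) -> bool:
    """True if the byte matches any one of the patterns."""
    return any((tos & mask) == value for mask, value in patterns)


def filter_flows(flows: List[Dict], patterns: List[Pattern]) -> List[Dict]:
    return [f for f in flows if tos_matches(f["tos"], patterns)]


# Constructed sample flow records (documentation addresses).
SAMPLE_FLOWS = [
    {"src": "192.0.2.10", "tos": 0xB8},  # priority 5, D and T set
    {"src": "192.0.2.11", "tos": 0x00},  # priority 0, no flags
    {"src": "192.0.2.12", "tos": 0x10},  # priority 0, D set
    {"src": "192.0.2.13", "tos": 0xA0},  # priority 5, no flags
    {"src": "192.0.2.14", "tos": 0x04},  # priority 0, R set
]

if __name__ == "__main__":
    prio5_any_flags = tos_pattern(priority=5)
    d_set_r_unset = tos_pattern(D=True, R=False)
    for flow in filter_flows(SAMPLE_FLOWS, [prio5_any_flags, d_set_r_unset]):
        print(flow["src"], hex(flow["tos"]))
```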

Summary of Contents for Computer Accessories

Page 1: ...NetFlow Tracker User s Guide Version 3 5 May 2007 Copyright 2004 2007 Fluke Corporation All rights reserved All product names are trademarks of their respective companies w flukenetworks com ...

Page 2: ...nts 17 Operating System Support 17 Pre installation Checks 17 Installation on Microsoft Windows 18 Installation on Linux 19 Post installation Tasks 19 USING NETFLOW TRACKER 21 Real time Data 21 Long term Data 21 Executive Reports 21 Network Overview 21 Devices 21 Per AS data 23 Working with Charts 23 Working with Pie Charts 26 Working with Tabular Reports 26 Report Templates 28 Creating Filtered R...

Page 3: ...Parameters 42 Filter Parameters 49 Security Parameters 54 Management Portal Access Control Parameters 55 PERFORMANCE TUNING 58 Disk Speed 58 Query Size 58 Database Server Settings 58 CONFIGURATION GUIDE 59 Licensing 59 Listener Ports 59 SNMP Settings 59 Device Settings 60 Security Settings 62 Management Portal Settings 63 Using Apache as a Portal Server 64 Report Settings 65 An Example Executive R...

Page 4: ... Enabling NetFlow Export NDE on a Cisco Router or Layer 3 Switch 78 Configuring NetFlow Input Filters for Traffic Class Reporting 83 Enabling Flow Detail Records on a Packeteer Device 83 Enabling NetFlow on an Enterasys Device 84 APPENDIX 2 CSV FILE FORMAT 85 Chart CSV format 85 Pie chart CSV format 85 Tabular report CSV format 85 APPENDIX 3 XML FORMAT 86 Chart XML format 86 Pie chart XML format 8...

Page 5: ...for the requested additional number of servers devices Fluke or your Reseller may require that You provide written certification showing the geographical locations type and serial number of all computer hardware on which the Software is being used together with confirmation that the Product is being used in accordance with the conditions of this Agreement You shall permit Fluke or your Reseller an...

Page 6: ...hts which You may enjoy under applicable law provided that such rights are exercised strictly in accordance with applicable law and except as expressly provided in this Agreement You may not reproduce modify adapt translate decompile disassemble or reverse engineer the Product in any manner You shall not merge or integrate the Product into any other computer program or work and You shall not creat...

Page 7: ...f the other Party commits any material breach of any of the provisions of this Agreement and fails to remedy the same within sixty 60 days after receipt of a written notice from the non breaching Party giving full particulars of the breach and requiring it to be remedied You shall be obliged to notify Fluke in writing of any change in the control or ownership of the End User and Fluke shall be ent...

Page 8: ...ject to any applicable data protection laws Fluke may use your business name and logo for the purposes of marketing and promotion of the product and its business and You hereby grant Fluke a limited licence to use your business name and logo for these purposes 12 EXPORT CONTROL You shall be responsible for and agree to comply with all laws and regulations of the United States and other countries E...

Page 9: ...of God governmental act tempest war fire flood explosion civil commotion industrial unrest of whatever nature or lack of or inability to obtain power supplies or resources 14 6 A waiver by either party to this Agreement of any breach by the other party of any of the terms of this Agreement or the acquiescence of such party in any act which but for such acquiescence would be a breach as aforesaid w...

Page 10: ...Support Services shall mean the maintenance and support services provided by Fluke under the terms of this Agreement as detailed in the Schedule Working Day means any day other than Saturday or Sunday or a bank or a public holiday in Ireland Capitalised terms which are not defined herein shall have same meaning as under the Licence Agreement 1 2 In the event of any inconsistency between the Schedu...

Page 11: ...3 4 All Support Charges referred to in this Agreement are exclusive and net of any taxes duties or such other additional sums which shall be paid by You including but without prejudice to the generality of the foregoing VAT excise tax tax on sales property or use import or other duties whether levied in respect of this Agreement the Support Services or otherwise 4 Undertakings by You You undertake...

Page 12: ...tions under this Agreement and for all representations statements and tortious acts or omissions including negligence but excluding negligence causing loss of life or personal injury arising under or in connection with this Agreement shall in no event exceed the Support Charges paid by You pursuant to this Agreement prior to the date of the breach 7 Intellectual Property Rights 7 1 Ownership of al...

Page 13: ...nt is personal to You and You shall not assign sub licence or otherwise transfer this Agreement or any part of its right or obligations hereunder whether in whole or in part without the prior written consent of Fluke Nothing in this Agreement shall preclude Fluke from assigning or sublicensing its rights and obligations under this Agreement 10 2 If any provisions of the Agreement are held to be un...

Page 14: ...possible and 2 2 4 correct errors by fix where Fluke in its sole discretion considers such to be appropriate 2 3 Response times to technical advice and assistance queries and reported errors and problems are set out in clause 3 below 2 4 Remote connection support shall only be provided by Fluke in the event that telephone fax or email support does not resolve a problem 3 Response Times 3 1 In the ...

Page 15: ...erface are also used to uniquely identify the flow to which a packet belongs What is NetFlow Tracker NetFlow Tracker provides a powerful but easy to use set of dynamic charts and reports to help the network administrator make sense of the traffic flow information provided by his routers Features and Benefits Highly detailed view of network traffic without the need for costly probes Web based front...

Page 16: ...ormatted as CSV or XML for further processing or as simplified HTML or PDF for printing or emailing Straightforward URL format for linking current automatically updated charts into other applications Optimized database structure ensures fast report generation under heavy load ...

Page 17: ...der of 20GB to 50GB of NetFlow information in this time Operating System Support Microsoft Windows 2000 or Microsoft Windows Server 2003 Desktop operating systems are not supported Any modern Linux distribution capable of running Java 1 4 2 and MySQL 5 0 Intel compatible processors Pre installation Checks Before installing there are a few things you need to check NetFlow Tracker puts a heavy load ...

Page 18: ... different version The installation program will fail if the installed version of MySQL uses a root password Java Runtime Environment installation If the server does not have the required version of the Java Runtime Environment installed you will be prompted to press Ok to install it It will take several seconds to launch the Java installer after which you must accept Sun s licence agreement You w...

Page 19: ...stall or an upgrade are available with the program files from Fluke Networks web site Please contact support flukenetworks com for more details Post installation Tasks Access the web front end You can access the web front end from any workstation on the network by opening the following address in a web browser http address port Where address is the address of the server and port is the http port y...

Page 20: ...gs page Set up web front end security If you wish to set passwords to protect access to the web front end and the settings pages you can do so in Security Settings Configure your routers and switches You must configure your devices to send NetFlow exports to the server running NetFlow Tracker and to allow the server read only SNMP access Even if you have set up NetFlow before please read the confi...

Page 21: ...ut setting up and viewing executive reports Network Overview The Network Overview page is accessible from the home page of the software if you do not have user security set up see Security Settings it is also the default page you see when you access the software The page gives you a simple overview of the devices and interfaces currently carrying the most traffic on your network You can click on a...

Page 22: ... on the interface status report show the recent peak and current rates in each direction on each interface The scale of the chart depends on which column it is in the Utilisation column scales each row of each chart according to the configured speed of the interface in that direction whereas the Relative Traffic and Relative Packets are scaled relative to the busiest direction of the busiest inter...

Page 23: ...art displays the elements that contributed most to the overall total traffic or packet rate over the charted time range By default at most ten elements are charted but this can be configured in the Report Settings page Viewing earlier or later data You can easily look at earlier or later data by using the forward and back buttons above the chart Note that when you open a device or interface chart ...

Page 24: ...me range using the select all toolbar button Examine selected data Once you have selected a time range as above you can drill down into it by clicking the right mouse button on the selection A context menu will pop up allowing you to create another chart based upon any one of or all of the charted elements during the selected time range If the chart is automatically refreshing and you used the sel...

Page 25: ...normal display of just addresses by clicking the resolve available toolbar button Export a chart to another application You can convert a chart to a comma separated value CSV file by clicking the CSV toolbar button You will be prompted to open or save the file most databases and spreadsheets should be able to understand the format described in Appendix 2 You can also convert the chart to an XML fo...

Page 26: ...tilisation If the source data for a report is filtered by interface the total utilisation of all the traffic displayed in the report as a percentage of the interface bandwidth is shown under the interface name This can help you judge whether an element s traffic is significant or not View a tabular report as a chart You can view a report as a chart by clicking the chart toolbar button View more ro...

Page 27: ...ngle row Every row in a tabular report has a radio button to its left You can click one of these radio buttons to select a row to drill down into Note that only one row can be selected To examine the data contributing to that rows figures select the type of sub report you d like to open from the drop down list at the bottom of the report and click on Filter Thus if you are looking at a report of s...

Page 28: ...d in the most distinct conversations Session Reports Protocols shows the IP protocols such as TCP or UDP used by most traffic or packets Source Applications shows the IP applications that were the source of most traffic or packets An IP application is a combination of a set of IP addresses application ports and protocols common examples are HTTP or FTP You can assign names to applications using th...

Page 29: ...present a client s requests to a web server for several pages and images Sessions shows the pairs of connected IP addresses using any recognised application that exchanged the most traffic or packets Bi directional Sessions adds extra columns showing the traffic and packets sent from destination to source and the bi directional totals for each session QoS Reports Types of Service shows the ToS lev...

Page 30: ... packets See Device Settings for more information Traffic Classes shows the traffic classes that with most traffic or packets see Device Settings for more Other Reports Total shows just the total traffic and packets passing the filter Creating Filtered Reports NetFlow Tracker allows any chart or tabular report to be created using a powerful dialog called the filter editor To create a filtered repo...

Page 31: ...Long term data is stored in samples of various sizes that are optimal for different lengths of chart you can override the automatic selection of the source data to create charts showing for example a month in day long blocks Start time Pick the date and time of the earliest data to consider The default value is six hours before you opened the filter editor End time Pick the date and time of the la...

Page 32: ... that took a particular path through a router In out interface The in out interface filter restricts the report to bi directional traffic for the selected interfaces In VPN The in VPN filter restricts a report to just traffic where the inbound interface is part of the selected VPN s Interfaces must be associated with VPNs in Device Settings for this filter to function Out VPN The out VPN filter se...

Page 34: ...oid the filter page being excessively large Dest AS This restricts the source data to traffic bearing the given destination origin or peer ASes Src dest AS This filter considers traffic to or from the given origin or peer ASes Source subnet This will select traffic with the given source subnet You can enter the network address and mask length manually or select from the subnets configured in the S...

Page 35: ...rs days weeks months quarters half years or years Note that if you zoom in to or out of a long term chart or drill down into a selection other than one selected using the Select All button the time range selector will not be available on the resulting chart Another major difference is that while the real time device and interface pages show the peak and most recent traffic and packet rates over th...

Page 36: ...und interface or per outbound interface report you must also specify what device or interface to report upon The editors for selecting a device or interface are slightly different to their counterparts in the real time Filter Editor in that they allow only one item to be selected ...

Page 37: ...ains one or more charts or tabular reports Executive reports can be created to show related information on one page and to allow quick access to commonly used reports A scheduled report is any real time long term or executive report that the software can provide configured to be emailed and or saved on a schedule Scheduled reports can be also run on demand Executive and scheduled reports are defin...

Page 38: ...rder with each prm value pair separated by an ampersand Report Format Parameters templid specifies the report template to use This parameter should not be used in conjunction with id or cid 0000 Source Addresses 0001 Destination Addresses 0002 Address Pairs 0003 Protocols 0006 Source Applications 0007 Destination Applications 0008 Source Endpoints 0009 Destination Endpoints 0010 Server Client Sess...

Page 39: ... IDs for these reports are given below The id for a custom report is available in Report Settings This parameter should not be used in conjunction with templid or cid 0000 Source Addresses per inbound interface 0001 Source Addresses per outbound interface 0002 Destination Addresses per inbound interface 0003 Destination Addresses per outbound interface 0004 Recognised Applications per inbound inte...

Page 40: ...a visible column of a report or chart this parameter should be specified as many times as is necessary to include all desired columns By default all columns are visible heading The URL encoded column heading note that is URL encoded as 25 heading A column to make invisible parameters specifying invisible columns cannot be mixed with those specifying visible columns nelements specifies the number o...

Page 41: ...on if applicable 8 Zoom Out button if applicable 48 Open as Tabular Report Chart or Pie buttons as applicable 64 Filter Editor button if applicable 128 Refresh and Resolve All buttons if applicable 256 Print and CSV buttons if applicable 512 Open in New Window button 1024 Drilldown controls 2048 Direct drilldown links found in navigation reports 4096 Page navigator 8192 Sortable column headers 163...

Page 42: ...d automatically default seconds Number of seconds between refreshes splash controls whether or not the splash screen is displayed true The splash screen will be displayed if it has not already been shown default false The splash screen will not be displayed Time Range Parameters The time range can be specified in one of several ways If no time range is specified a default will be used Start and en...

Page 43: ...er of units ending either when the report is generated or at the end of the last full unit before the report is generated unit specifies the unit to measure the time range in hour Hours day Days week Weeks mon Weeks starting on a Monday tue Weeks starting on a Tuesday wed Weeks starting on a Wednesday thu Weeks starting on a Thursday fri Weeks starting on a Friday sat Weeks starting on a Saturday ...

Page 44: ... long before the report is generated the time range starts and ends day Days week Weeks mon Weeks starting on a Monday tue Weeks starting on a Tuesday wed Weeks starting on a Wednesday thu Weeks starting on a Thursday fri Weeks starting on a Friday sat Weeks starting on a Saturday sun Weeks starting on a Sunday month Months quarter Quarters halfyear Half years year Years sdate_unit optional specif...

Page 45: ...me with HH being the hour in the 24 hour clock and mm being the minutes Applying a time of day mask to the time range If the time range is longer than a day you may wish to restrict it to just certain times on each day You can select only working hours or only non working hours for example Note that if a long term report has a configured time zone or mask this parameter will have no effect timemas...

Page 46: ...GMT 06 00 Central America 20 GMT 06 00 Central Time US Canada 30 GMT 06 00 Guadalajara Mexico City Monterrey 25 GMT 06 00 Saskatchewan 45 GMT 05 00 Bogota Lima Quito 35 GMT 05 00 Eastern Time US Canada 40 GMT 05 00 Indiana East 50 GMT 04 00 Atlantic Time Canada 55 GMT 04 00 Caracas La Paz 56 GMT 04 00 Santiago 60 GMT 03 30 Newfoundland 65 GMT 03 00 Brasilia 70 GMT 03 00 Buenos Aires Georgetown 73 ...

Page 47: ...umbai New Delhi 193 GMT 05 45 Kathmandu 201 GMT 06 00 Almaty Novosibirsk 195 GMT 06 00 Astana Dhaka 200 GMT 06 00 Sri Jayawardenepura 203 GMT 06 30 Rangoon 205 GMT 07 00 Bangkok Hanoi Jakarta 207 GMT 07 00 Krasnoyarsk 210 GMT 08 00 Beijing Chongqing Hong Kong Urumqi 227 GMT 08 00 Irkutsk Ulaan Bataar 215 GMT 08 00 Kuala Lumpur Singapore 225 GMT 08 00 Perth 220 GMT 08 00 Taipei 235 GMT 09 00 Osaka ...

Page 48: ...rs halfyear Half years year Years sample_nunits specifies the number of units in each sample 1 Each sample will be one unit long default number Each sample will be this number of units long Specifying the source long term data When you create a long term chart or tabular report the source data is chosen so the time range will be in as close to 150 samples as possible You can override this if you w...

Page 49: ...epend upon its type sf specifies a saved filter to apply to the report The ID for a saved filter is available in Report Settings id A saved filter ID device specifies the address of an acceptable NetFlow exporting device addr The address in dotted decimal format a b c d inif specifies an acceptable input interface thus selecting inbound traffic on the interface addr id The interface with addr bein...

Page 50: ... address Format as for srcaddr above dstaddr_exclude true specifies that the supplied destination addresses are excluded rather than included addr specifies an acceptable source or destination address Format as for srcaddr above addr_exclude true specifies that the supplied source or destination addresses are excluded rather than included proto specifies an acceptable IP protocol name The protocol...

Page 51: ...the start of the range port2 the end and number being the protocol number name The name of a grouped application srcappl_exclude true specifies that the supplied source applications are excluded rather than included dstappl specifies an acceptable destination IP application Format as for srcappl above dstappl_exclude true specifies that the supplied destination applications are excluded rather tha...

Page 52: ...s specifies an acceptable differentiated service codepoint name The assigned name of the codepoint code The six digit binary representation of the codepoint byte The value of the entire Type of Service byte in the range 0 255 ds_exclude true specifies that the supplied differentiated service codepoints are excluded rather than included class specifies an acceptable traffic class name The traffic c...

Page 53: ...estination subnet Format as for srcnet above dstnet_exclude true specifies that the supplied destination subnets are excluded rather than included net specifies an acceptable source or destination subnet Format as for srcnet above net_exclude true specifies that the supplied source or destination subnets are excluded rather than included srcmask specifies an acceptable source subnet mask as suppli...

Page 54: ...being the start of the range and addr2 the end nexthop_exclude true specifies that the supplied next hop addresses are excluded rather than included Security Parameters If a username and password is required to access a report it can be specified in the URL j_username specifies the username username The username j_password specifies the password password The password ...

Page 55: ...rt template null No report templates are permitted id A permitted report template see templid in Report Format Parameters above for permitted values aclid specifies a permitted long term report null No long term reports are permitted id A permitted long term report see id in Report Format Parameters above for permitted values aclcid specifies a permitted executive report null No executive reports ...

Page 56: ...6 Recognised Application 27 Traffic Class 28 Identified Application 29 VPN 30 In VPN 31 Out VPN aclsf specifies a visible saved filter null No saved filters are visible id A visible saved filter see sf in Filter Parameters above for permitted values aclfeatures specifies the permitted interactive report features The features formed by summing the values for each feature 1 Navigation Menu 2 Select ...

Page 57: ... buttons if applicable 256 Print and CSV buttons if applicable 512 Open in New Window button 1024 Drilldown controls 2048 Direct drilldown links found in navigation reports 4096 Page navigator 8192 Sortable column headers 16384 Chart scrollbar 32768 Chart selection headers 65536 Time range editor if specified ...

Page 58: ...he Query Size The amount of raw data that needs to be read from disk is dependent on the number of source devices selected the data load of those devices and the amount of time selected Indexes are not used due to the increase in database size they would cause so any other filters have no impact on the amount of raw data read from the disk If possible avoid reporting over multiple devices and over...

Page 59: ...ore than one router it is recommended that you use a different port for each one To do this simply add the port numbers you wish to use to the list You can also choose to listen on all local IP addresses or only one if the server running NetFlow Tracker has more than one IP address and you wish to listen for NetFlow exports on a specific address rather than on all of them When you have added all t...

Page 60: ...ttings If the device does not support SNMP you can change the SNMP mode to Don t use SNMP This will assign default properties to each interface encountered in NetFlow exports from the device It is also possible to freeze a device s configuration by changing the mode to Keep current configuration this will cause any new interface encountered to be ignored so should be used with caution If possible ...

Page 61: ...evice You will then be able to add traffic classes you must give each one a unique identifier that will be used if you create a URL with a traffic class filter see Filter Parameters Note that this identifier does not need to be the same as the identifier exported by any of your devices for the traffic class Once you have added the traffic classes your devices use you must configure mappings from t...

Page 62: ...n device settings page there is no way to cancel deleting a device except by pressing Cancel in the main device settings page an thus losing any other changes You should also note that if the device is still sending exports to the software it will reappear Security Settings You can set up password protection of the web front end to NetFlow Tracker by adding user accounts here To add an account typ...

Page 63: ...age Each secret value has a tag that is simply used to identify it if you need to change or delete it To add a new secret value enter a tag and the secret value twice and click Add To remove a secret value tick the box above the Delete button corresponding to it and click Delete Access control works as follows 1 A user s web browser requests a URL from the portal s proxy server probably as a resul...

Page 64: ...ret s3cr3t acldevice 4 3 2 1 templ id 0000 P L This sets up a rule to proxy requests for http proxy tracker1 report1 to an access controlled request to the NetFlow Tracker server RewriteRule tracker1 http 1 2 3 4 1 P L QSA This sets up a rule to proxy any requests for URLs starting with http proxy tracker1 to an equivalent request to the NetFlow Tracker server ProxyPassReverse tracker1 http 1 2 3 ...

Page 65: ...ape set the default size and orientation of each page in a PDF version of a report or chart Note that if a report is too wide to fit on a page the page is made bigger keeping the same orientation and ratio of width to height Real time Reports Rows per tabular report page is the number of rows shown on each page of a tabular report Note that the device and interface status reports show all rows on ...

Page 66: ...or any scheduled report To create a scheduled report enter a name and select if the report is a real time report long term report or executive report and click New You can also choose Custom as the report type if you want to use a hidden report You can edit or delete an existing scheduled report by clicking its name The new page that is opened for the scheduled report allows you to control whether...

Page 67: ... each device in the system or for each interface inbound or outbound These reports can still have a filter or time mask applied if desired A per device inbound interface or outbound interface report can be accessed from the long term filter editor or by drilling down from the long term device or interface charts Elements stored per sample is very similar to the number of elements considered per ch...

Page 68: ...ut a means of supplying a filter and this could cause problems Once you have added sub reports to the executive report you must then specify the report content The executive report is made up of rows and each row contains one or more cells A cell can be configured to span a number of columns allowing complex layouts To add a row click the Add Row button you can then add cells to the row There are ...

Page 69: ...scription as the cell style you will probably need to enclose the text in HTML tags as follows span class repdesctext Test span Note that when an executive report is formatted as PDF only the three standard styles are understood and all HTML tags are removed from the text You can control the layout of the report by moving rows up and down and cells left and right within their rows Complex layouts ...

Page 70: ...ow consists of a single HTML cell containing a short description of the report Click Add Row to add a row then select HTML and click Add Cell Choose Report Description as the CSS class and enter the following as the HTML span class repdesctext Top applications on our Internet router over the last 24 hours and last seven days span You should change the text to reflect the filter applied to your sub...

Page 71: ...ct Today as the report Legend as the only section and deselect all controls Don t forget to make the cell cover two columns Finally the fifth sixth and seventh rows are the same as the second third and fourth however the title HTML should be Last 7 Days and the sub report This Week for all three sub report cells The seventh row consists of a single report cell containing the chart legend as above ...

Page 72: ...dence and every grouped application is of a higher precedence than every simple single port application To define a grouped application you must first give it a unique identifier and a name you can then add rules to it The application identifier is used in long term data to identify the application so it is not possible to change the identifier of an existing grouped application for the same reaso...

Page 73: ...ver but bear in mind that reports over large amounts of data may take considerably longer to run Maximum in memory temporary table size is the maximum amount of memory the database server will use during a query when it has been told not to expect a large result set Increasing this will increase the amount of data that can be reported on with Expect large result sets set to Never before there is a...

Page 74: ...sed before the backup, so ensure that you move scheduled backups to long-term storage if required. It may be advisable to schedule a backup to different locations on alternate days. Backing up the real-time database takes a long time and it is advisable to omit it on a busy system unless it is essential. To restore a backup you must first install exactly the same version as you had previously; you may ...

Page 75: ...tings NetFlow Tracker uses a small amount of memory during its normal operation. You can control this amount by changing the values here, but it is not likely to be necessary. Note that it is possible to prevent the software from working by setting inappropriate values. Note also that this page is not available on Unix installations; to change the memory settings on Unix the start script must be edited...

Page 76: ...s For a period after starting NetFlow Tracker or after a router reboot, flows may be received without NetFlow Tracker knowing how to decode them. Interface Scans: The software must scan the interface list of each device exporting to it whenever the device or the software is restarted. A large number of rescans, particularly failed ones, indicates a problem. Missed Flows: NetFlow version 5 and 7 exports co...

Page 77: ...roblem on a Catalyst switch. Please contact technical support. About: The about page shows a summary of information about what versions of NetFlow Tracker, Java, MySQL and your server's operating system are installed. It also shows whether all main subsystems are running. Technical support may ask for this page to help diagnose a problem. ...

Page 78: ... your NetFlow Tracker machine and one of the ports configured in the Listener Ports settings page. Port 2055 is monitored by default. ip flow-export source loopback 0: The source interface is used to set the source IP address of the NetFlow exports sent by the router. NetFlow Tracker will make SNMP requests of the router on this address. If you experience problems you can set the source interface to an...

Page 79: ...nables NetFlow for outbound traffic on the interface and is required if you are using input filters. You may enable NetFlow for both inbound and outbound traffic on a single interface if you are interested only in its traffic; in this case ensure that no other interface has NetFlow enabled. Egress NetFlow is also useful if you are monitoring a router that is applying QoS to the traffic it routes by u...

Page 80: ...ion you must use on the supervisor is dependent on your hardware configuration and IOS version Distributed Forwarding Cards and 12 1 13 E03 12 1 18 1 E 12 2 13 6 S 12 2 15 1 S 12 2 17a SX or above use version 5 Note that this configuration will cause the Performance Counters to report missed flows that are not actually missed this is the result of an IOS bug fixed in the SXF strains Distributed Fo...

Page 81: ...w Exports This information is unavailable with any earlier IOS version on the Supervisor Engine 2 or 720 If you have a Supervisor Engine 1 the third command is required to put full information into the NetFlow Exports ip flow ingress layer2 switched vlan vlanlist ip flow export layer2 switched vlan vlanlist A PFC3B or PFC3BXL running 12 2 18 SXE or higher is required for this command which enables...

Page 82: ...ured in the Listener Ports settings page. Port 2055 is monitored by default. set mls nde version 7: This sets the export version. Version 7 is the most recent full export version supported by switches. set mls agingtime long 64: This breaks up long-lived flows into roughly one-minute segments. set mls agingtime 32: This ensures that flows that have finished are exported in a timely manner. set mls flow ful...

Page 83: ...00 8500 9500 or 10000 series running PacketWise v7 0 0 or above and having 256MB or more of memory can be configured to send either NetFlow records or a similar proprietary format to NetFlow Tracker For more information visit http support packeteer com documentation packetguide rc3 1 overviews flowde tail htm To enable Flow Detail Records first log in to the PacketShaper in touch mode then open th...

Page 84: ...This will lead to large spikes in charts for the device. Enabling NetFlow on an Enterasys Device: NetFlow Tracker supports Enterasys devices capable of exporting NetFlow version 9 exports. To enable NetFlow, enter the following commands while logged in to the router with read-write access. set netflow cache enable: This enables NetFlow. set netflow export destination address 2055: Use the address of your ...

Page 85: ... is the time range and filter. Each subsequent section represents a single chart, equivalent to the tabs above the chart in interactive mode. The first line of the section is the name of the chart, followed by a row for each charted element consisting of a description followed by a usage octet count or packet count. Tabular report CSV format: Each section is separated by a row of signs. The first section...

Page 86: ...ve the chart in interactive mode. The next tag describes the types and headings of each column in the description of each charted element; the subsequent tag provides the type, heading and overall total for each summary column. The final tag describes each charted element or dataset. Each dataset has a value for each description column, unless it is marked as being an others dataset, and a value for each...

Page 87: ... NetFlow Tracker includes Apache Xerces Java 2.9.0, available at http://xerces.apache.org/xerces2-j. This is distributed under the Apache Software License, a copy of which is available at http://www.apache.org/LICENSE. IE5.5 PNG Alpha Fix: NetFlow Tracker includes the IE5.5 PNG Alpha Fix 1.0RC4, available at http://www.twinhelix.com/css/iepngfix/demo. This is distributed under the CC GNU Lesser GNU Public Lice...

Page 88: ...he Advantys Freeware license contract a copy of which is available at http web archive org web 20031209160524 http www jspsmart com libloca l docs legal htm Quartz NetFlow Tracker includes Quartz 1 6 0 available at http www opensymphony com quartz This is distributed under the Apache Software License a copy of which is available at http www apache org LICENSE ...
