NetFlow Tracker User’s Guide Version 3.5 May 2007 Copyright 2004 - 2007 Fluke Corporation. All rights reserved. All product names are trademarks of their respective companies. w.flukenetworks.
User’s Guide – version 3.
User’s Guide – version 3.
User’s Guide – version 3.
User’s Guide – version 3.5 NetFlow Tracker Software License Agreement This is a legal agreement between you (“You”/ “the End User””), and Fluke Corporation, a Washington corporation, its subsidiaries and affiliates, including Fluke Networks (“Fluke”), with offices at 6920 Seaway Boulevard, Everett, Washington, 98203, USA.
User’s Guide – version 3.5 NetFlow Tracker If You have purchased the maintenance and support services from Fluke then subject to payment of the support fees, Fluke shall provide such services in respect of the Product in accordance with the provisions of the Support and Maintenance Agreement contained in Appendix 1. 3. COPYRIGHT All intellectual property rights in the Product belong to Fluke and You acknowledge that You have no ownership claims or rights whatsoever in the Product.
User’s Guide – version 3.5 6. NetFlow Tracker CUSTOMER REMEDIES You must call your Fluke representative for an authorization to return any item during the 90 day warranty period referred to in clause 5 above, and You will be supplied with a return authorisation number and an address for returning the item together with a copy of your receipt. You acknowledge that your sole remedy for any defect in the Product will be Your rights under clause 5. 7.
User’s Guide – version 3.5 11. NetFlow Tracker CONFIDENTIAL INFORMATION AND SECURITY During and after this Agreement, the Parties will keep in confidence and use only for the purposes of this Agreement all Confidential Information.
User’s Guide – version 3.5 NetFlow Tracker 14.4 If any provisions of the Agreement are held to be unenforceable, illegal or void in whole or in part the remaining portions of the Agreement shall remain in full force and effect. 14.
User’s Guide – version 3.5 NetFlow Tracker Appendix 1 to End User Licence Terms and Conditions for Fluke Support and Maintenance Service 1. Definitions 1.
User’s Guide – version 3.5 NetFlow Tracker 1.7 The contents of the Schedule form an integral part of this Agreement and shall have as full effect as if it were incorporated in the body of this Agreement and the expressions “this Agreement” and “the Agreement” used in the Schedule shall mean this Agreement and any reference to “this Agreement” shall be deemed to include the Schedule. 2. Support Services 2.
User’s Guide – version 3.5 NetFlow Tracker 5.4 Without prejudice to the generality of clause 5.3 and for the avoidance of doubt, to the fullest extent permitted by law all terms implied by Sections 13, 14 and 15 of the Sale of Goods Act, 1893 are hereby excluded and all terms implied by the Sale of Goods and Supply of Service Act, 1980 including, without prejudice to the generality of the foregoing, Section 39, are hereby excluded and the parties agree that this is fair and reasonable. 6.
User’s Guide – version 3.5 9. NetFlow Tracker Confidential Information and Security 9.1 During and after this Agreement, the Parties will keep in confidence and use only for the purposes of this Agreement all Confidential Information.
User’s Guide – version 3.5 NetFlow Tracker Schedule Support Services 1. Support Hours The Support Hours during which Fluke shall supply the Support Services shall be between 9.30am and 5pm on Working Days. 2. Support Services Fluke shall provide You during the Support Hours with: 2.1.
User’s Guide – version 3.5 NetFlow Tracker Introduction This document is the user manual for NetFlow Tracker, a software product designed to collect NetFlow information from Cisco equipment and present it in a meaningful way. This document does not provide any assistance with Cisco equipment itself. Please consult your Cisco documentation for any queries you have relating to the equipment itself. For more information on NetFlow from the Cisco website, go to http://www.cisco.com/go/netflow.
User’s Guide – version 3.5 NetFlow Tracker • Every report and chart can be formatted as CSV or XML for further processing or as simplified HTML or PDF for printing or emailing. • Straightforward URL format for linking current, automatically updated charts into other applications. • Optimized database structure ensures fast report generation under heavy load.
User’s Guide – version 3.5 NetFlow Tracker Installation Minimum System Requirements The type of system required to run NetFlow Tracker depends on the number of devices sending NetFlow information to it and the amount and nature of traffic handled by those devices. The following requirements are a guideline; the only way to determine your requirements is by testing the software’s performance in your network environment.
User’s Guide – version 3.5 NetFlow Tracker • NetFlow Tracker contains an embedded web server. Web servers normally run on port 80, but this may be in use by another web server on your system. You can choose a different port during installation or disable other web servers prior to installation if you wish. • If you have previously configured a router for NetFlow Monitor, note that NetFlow Tracker requires a different active flow timeout or long aging timer be configured.
User’s Guide – version 3.5 NetFlow Tracker Custom Setup You will only see this dialog if you chose custom setup above. You should see options for NetFlow Tracker and MySQL, unless an unsupported version of MySQL was detected. To change the install folder for either NetFlow Tracker or MySQL, click on the feature and then on “Change…”. Select HTTP Port You will only see this dialog if you chose custom setup or if port 80 is in use.
User’s Guide – version 3.5 NetFlow Tracker Set up SNMP community strings If any of the devices you intend monitoring do not use a read-only SNMP community of “public” you will need to add their communities to the list in SNMP Settings. Add listener ports If you intend monitoring more than one device it is recommended that you set up one listener port per device rather than use the default port 2055 for all of them. You can add ports in the Listener Ports settings page.
User’s Guide – version 3.5 NetFlow Tracker Using NetFlow Tracker Once you have installed NetFlow Tracker and configured your devices, data will be available within a few minutes. There are many ways to access this data. Real-time Data NetFlow Tracker stores up to fourteen days full NetFlow data with one minute resolution. This data can be reported upon once it is several minutes old.
User’s Guide – version 3.5 NetFlow Tracker Device traffic meters In addition to the orderable columns there are two graphical meter columns that allow you to instantly see which devices are currently busy. Each chart shows you the recent peak and the current rate: Each chart is scaled relative to the busiest device; this ensures that a high value on a chart indicates a relatively high traffic or packet rate.
User’s Guide – version 3.5 NetFlow Tracker Per-AS data If your router uses BGP to route traffic it will provide source and destination origin or peer AS numbers in its NetFlow data. NetFlow Tracker creates optimised bi-directional charts for each AS just as it does for each interface. An AS chart is only available for a single device as otherwise there is a high chance that some or all traffic will be accounted for multiple times by multiple routers.
User’s Guide – version 3.5 NetFlow Tracker Zooming in You can zoom in to the chart by clicking the zoom in button on the toolbar: This will zoom in on the centre of the chart. If you want to zoom in on a particular selection, see Selecting a time range below. Note that zooming in will stop the chart from automatically refreshing.
User’s Guide – version 3.5 NetFlow Tracker Alter the filter applied to a standard chart Most charts allow you to change the applied filter by click the filter editor toolbar button: See Creating Filtered Reports for more about the filter editor. View resolved domain names If a chart shows IP addresses several of them may be underlined; this indicates that you can see the resolved domain name by hovering the mouse over the address.
User’s Guide – version 3.5 NetFlow Tracker Working with Pie Charts Most charts can be displayed instead as a pie chart. Rather than breaking the selected time range into small chunks and charting each one, a pie chart shows each of the top element’s proportion of the total octets or packets during the entire time range. Most of the toolbar buttons used for working with a chart are also used for working with a tabular report; however there are some differences.
User’s Guide – version 3.5 NetFlow Tracker Sort a tabular report A report can be sorted on any of the columns describing the reported elements, or can be sorted by traffic or packet rate. Simply click the column heading – if you click a column heading twice it will be sorted in the opposite order. Examine a single row Every row in a tabular report has a radio button to its left: You can click one of these radio buttons to select a row to drill down into. Note that only one row can be selected.
User’s Guide – version 3.5 NetFlow Tracker Report Templates Whenever you create a new tabular report or chart you can choose any of the standard report templates depending on what you want to examine: Address Reports • Source Addresses – shows the IP addresses that were the source of most traffic or packets. • Destination Addresses – shows the destination IP addresses that were the destination of most traffic or packets.
User’s Guide – version 3.5 NetFlow Tracker • Bi-directional Conversations – adds extra columns showing the traffic and packets sent from destination to source and the bi-directional totals for each conversation. • Source Endpoints – shows the IP addresses and corresponding applications that were the source of most traffic or packets. The top source endpoints inwards on a link are the remote services using your bandwidth. As with the conversations reports, grouped applications are not used.
User’s Guide – version 3.5 NetFlow Tracker • Networks – shows the IP subnets that were the source or destination of the most traffic or packets. • Network Pairs – shows the pairs of connected IP subnets that exchanged most traffic or packets. • Bi-directional Network Pairs – adds extra columns showing the traffic and packets sent from destination to source and the bi-directional totals for each network pair.
User’s Guide – version 3.5 NetFlow Tracker Some filters allow a range of items to be added; in this case enter the start and end of the range in the boxes provided. To select a single item, leave the right-hand box empty, If you are logged in as an administrator or not logged in you can save a filter by clicking “Save…” at the bottom of the page. This allows you to assign a name to a set of filters for re-use later.
User’s Guide – version 3.5 NetFlow Tracker Time zone You can change the time zone used to interpret the start and end times and time masks from the default of the time zone used by the NetFlow Tracker server. Source device You must select which router or switch you want to consider. If you need to consider more than one device, click “Multiple…”, but be aware that if you select multiple devices there is a chance that some or all traffic may be accounted for multiple times.
User’s Guide – version 3.5 NetFlow Tracker Protocol You can restrict the set of IP protocols considered. For example, you may want to consider only UDP or ICMP traffic while investigating a denial-of-service attack. Source port The source port filter restricts the source application port number; it should be used in conjunction with the protocol filter. Dest port This restricts the destination application port number.
User’s Guide – version 3.5 NetFlow Tracker DiffServ This will select only traffic bearing one of the selected differentiated service code points. Since DiffServ and ToS use the same field in the IP header you should not use both filters at the same time. You can assign a name to a code point using the DiffServ Names settings page. Traffic class This filter selects traffic with the given traffic class.
User’s Guide – version 3.5 NetFlow Tracker Long-term Reports Long-term reports allow you to look at data over much longer time ranges than is possible with the standard real-time database. The data for long-term reports is summarized in advance so a long-term report over several days or weeks can often be much faster than an equivalent real-rime one.
User’s Guide – version 3.5 NetFlow Tracker If you select a per-device, per-inbound interface or per-outbound interface report you must also specify what device or interface to report upon. The editors for selecting a device or interface are slightly different to their counterparts in the real-time Filter Editor in that they allow only one item to be selected.
User’s Guide – version 3.5 NetFlow Tracker Reports The “Reports” menu on the NetFlow Tracker homepage contains links to user-defined executive and scheduled reports. An executive report is a pre-defined template that contains one or more charts or tabular reports. Executive reports can be created to show related information on one page and to allow quick access to commonly-used reports.
User’s Guide – version 3.5 NetFlow Tracker Report URL Format You can easily generate your own URLs or modify automatically created ones for use in network management portals favourites lists. General Form http://:/report.jsp?prm=value&prm=value...
User’s Guide – version 3.
User’s Guide – version 3.5 NetFlow Tracker output – specifies if a tabular report or chart will be generated. table A tabular report will be generated (default) chart A chart over time will be generated pie A pie chart will be generated nrecords – specifies the number of rows to show per page of a tabular report. The number of rows per page -1 Show all rows others – specifies that a tabular report shows an “others” row instead of a page navigator.
User’s Guide – version 3.5 NetFlow Tracker sections – specifies the report sections to output. The sections, formed by summing the values for each section 1 Title 2 Time range & filter description - 4 Main report or chart body 8 Chart title, if applicable 16 Chart legend, if applicable 32 Result information, if applicable The sections that are not displayed features – specifies the available interactive report features.
User’s Guide – version 3.5 NetFlow Tracker format – specifies the output format of the report or chart. html Fully interactive HTML (default) print Printable/saveable HTML pdf PDF csv Comma separated values xml XML reload – specifies the number of seconds between automatic refreshes of the report.
User’s Guide – version 3.5 NetFlow Tracker etime – specifies the end of the required time range.
User’s Guide – version 3.5 NetFlow Tracker The time range will extend to the end of this number of full units before the time of report generation nunits – specifies the number of units required. Note that this may include a partial unit.
User’s Guide – version 3.5 NetFlow Tracker edate_nunitsago – (optional) specifies the number of units before the time of report generation of the last day of the time range.
User’s Guide – version 3.5 NetFlow Tracker Specifying a time zone By default the time zone used to interpret calendar-based time ranges and time-of-day masks is the time zone of the NetFlow Tracker server. You can specify a non-default time zone if you wish. Note that if a long-term report has a configured time zone or mask, this parameter will have no effect. timezone – specifies the time zone of the report.
User’s Guide – version 3.5 NetFlow Tracker 115 (GMT+02:00) Bucharest 120 (GMT+02:00) Cairo 140 (GMT+02:00) Harare, Pretoria 125 (GMT+02:00) Helsinki, Kyiv, Riga, Sofia, Tallinn, Vilnius 135 (GMT+02:00) Jerusalem 158 (GMT+03:00) Baghdad 150 (GMT+03:00) Kuwait, Riyadh 145 (GMT+03:00) Moscow, St.
User’s Guide – version 3.5 285 (GMT+12:00) Fiji, Kamchatka, Marshall Is. 300 (GMT+13:00) Nuku'alofa NetFlow Tracker Specifying the chart sample size When you create a real-time chart the system chooses a sample size that will create as close to 150 samples over the full width of the chart as possible. If you want to you can specify a different sample size to show, for example, a day in hour-long samples or a month in day-long samples. sample_unit – specifies the unit to measure the sample size in.
User’s Guide – version 3.5 NetFlow Tracker sample – specifies the source long-term data to use 10minute Daily data (ten minute samples) will be used 1hour Weekly data (one hour samples) will be used 6hour Monthly data (six hour samples) will be used 12hour Quarterly data (twelve hour samples) will be used 1day Half-yearly data (one-day samples) will be used 2day Yearly data (two-day samples) will be used Filter Parameters Any number of filters can be applied to a report.
User’s Guide – version 3.5 NetFlow Tracker invpn – specifies a VPN that the input interface must be part of. The VPN name; see Device Settings for more information The VPN identifier outvpn – specifies a VPN that the output interface must be part of. Format as for invpn above. vpn – specifies a VPN that either interface must be part of. Format as for invpn above. srcaddr – specifies an acceptable source address.
User’s Guide – version 3.5 NetFlow Tracker dstport – specifies an acceptable destination application port number. Format as for srcport above. dstport_exclude=true – specifies that the supplied destination application port numbers are excluded rather than included. srcappl – specifies an acceptable source IP application.
User’s Guide – version 3.5 NetFlow Tracker applid_exclude=true – specifies that the supplied identified applications are excluded rather than included. tos – specifies an acceptable Type-of-Service value.
User’s Guide – version 3.5 NetFlow Tracker dstas_exclude=true – specifies that the supplied destination autonomous system numbers are excluded rather than included. as – specifies an acceptable source or destination autonomous system number. Format as for srcas above. as_exclude=true – specifies that the supplied source or destination autonomous system numbers are excluded rather than included. srcnet – specifies an acceptable source subnet. Note that the subnet mask supplied by the router is ignored.
User’s Guide – version 3.5 NetFlow Tracker nexthop – specifies a next-hop address. The address in dotted-decimal format - A range of addresses, with being the start of the range and the end nexthop_exclude=true – specifies that the supplied next-hop addresses are excluded rather than included. Security Parameters If a username and password is required to access a report it can be specified in the URL. j_username – specifies the username.
User’s Guide – version 3.5 NetFlow Tracker Management Portal Access Control Parameters The following parameters are used by a management portal that provides users with access to NetFlow Tracker reports as described in Management Portal Settings. portalsecret – specifies the secret value assigned to the management portal in Management Portal Settings. The secret value acldevice – specifies the address of a permitted NetFlow-exporting device. Format as for device above.
User’s Guide – version 3.
User’s Guide – version 3.
User’s Guide – version 3.5 NetFlow Tracker Performance Tuning There are several factors that influence how quickly a given report is generated: Disk Speed The first step in creating a report is reading the raw data from disk; increasing the speed of the disk subsystem will make reporting faster. A high-quality server RAID card running a striped pattern such as RAID 5 over fast disks is recommended; more disks will make the array faster.
User’s Guide – version 3.5 NetFlow Tracker Configuration Guide To open any of the settings pages, click “Settings” on the main page. If you have password protection enabled you may have to login as an administrative user to see the link. Each settings page controls a single aspect of the software; if you make any changes you must click “Ok” on the page before they will be applied and changed. “Cancel” will return to the main settings page without altering anything.
User’s Guide – version 3.5 NetFlow Tracker Device Settings Device List This page allows you to check the status of a known device and override the interface descriptions and speeds obtained from it.
User’s Guide – version 3.5 NetFlow Tracker A device may be configurable to send the BGP next-hop address in its NetFlow exports; if this is the case you will have the option to store this value in place of the IP next-hop for the device. Sampled Data Scaling If a device performs packet sampling to simplify the generation of NetFlow data you can choose to scale each NetFlow record by the sampling interval and thus produce traffic and packet rates that more accurately reflect the real levels.
User’s Guide – version 3.5 NetFlow Tracker If you wish to prevent interfaces that never report any NetFlow data from appearing in the interface status report and Filter Editor check the box corresponding to the interface in the “inactive” column. If the configuration of the device has changed there may be some unused interfaces listed separately; it is likely you will want to mark these as inactive. VPNs NetFlow Tracker can associate an interface on a device with a VPN for reporting and filtering.
User’s Guide – version 3.5 NetFlow Tracker You can use your own html page if you wish by putting it in the “customweb” folder under the NetFlow Tracker install folder; it is then available from the NetFlow Tracker server as, for example, http://server/customweb/file.html, so the homepage would be simply customweb/file.html.
User’s Guide – version 3.5 NetFlow Tracker Using Apache as a Portal Server The Apache web server supports several directives in its configuration file (httpd.conf) that allow it to be used as a programmable proxy server: RewriteEngine On This enables the URL rewriting module. RewriteRule ^/tracker1/report1$ http://1.2.3.4/report.jsp?portalsecret=s3cr3t&acldevice=4.3.2.
User’s Guide – version 3.5 NetFlow Tracker Report Settings This page lets you configure various values affecting the way reports and charts appear in NetFlow Tracker. General Settings • Show hostnames in reports controls whether reports and charts are opened with all resolvable hostnames resolved and shown by default.
User’s Guide – version 3.5 NetFlow Tracker Saved Filters Saved filters can be defined that can be added wherever a filter editor appears in the software. A saved filter allows you to attach a name to, for example, a time-of-day mask or a filter that selects traffic related to a particular multi-port application or group of servers. To create a saved filter, type a name in the box and click “New…”, then use the provided Filter Editor to define the filter.
User’s Guide – version 3.5 NetFlow Tracker You can choose to have the report generated as PDF or as HTML in the same format as the printable version of a report. HTML can be generated as a single file (MHTML) or a zip file containing the HTML, stylesheets and images. You can also choose CSV or XML format. Note that when a report is generated on-demand from the Reports page it is formatted in the normal interactive HTML format.
User’s Guide – version 3.5 NetFlow Tracker Executive Reports An executive report is a pre-configured template that contains one or more reports or charts and user-defined HTML content. They can be used to provide easy access to often-used reports or to group related reports together on one page. To create an executive report, enter a name and click “New…”. You can edit an existing report by clicking its name.
User’s Guide – version 3.5 NetFlow Tracker A HTML cell has a CSS style that is used to control its appearance. Three standard styles are offered – “Report Title” produces a cell that looks exactly like a report title, “Report Description” one with the blue background of a report’s time range and filter description and “Content Cell” one with a simple white background.
User’s Guide – version 3.5 NetFlow Tracker An Example Executive Report – Top Applications Today and This Week This report contains two sub reports, one showing top applications for a device over the last 24 hours and the other over 7 days. The reports are shown as pie and time charts, and HTML cells are used to annotate the report. Sub-reports Add a real-time sub-report with a tag of “Today”.
User’s Guide – version 3.5 NetFlow Tracker The fourth row consists of a single sub-report cell containing the chart legend for the first sub-report. No interactive controls are supported. Simply select “Today” as the report, “Legend” as the only section, and deselect all controls. Don’t forget to make the cell cover two columns.
User’s Guide – version 3.5 NetFlow Tracker IP Application Names NetFlow Tracker receives application information in the form of a protocol number and port number. These correspond directly to specific network applications. Many are predefined (well-known ports) while others (registered ports) are defined by the software manufacturer. NetFlow Tracker comes configured with the well-known ports as well as many others. You can edit this list yourself with this page.
User’s Guide – version 3.5 NetFlow Tracker AS Names This page lets you assign names to AS numbers appearing in reports. AS numbers below 34816 are assigned by several agencies; NetFlow Tracker comes with many of these ASes already named. Numbers between 34816 and 64511 are held by the IANA and should not be used. Numbers above 64511 are for private use and can be named using this page. You can assign or edit the name for a public or reserved AS by clicking “(more…)” in the title of the AS column.
User’s Guide – version 3.5 NetFlow Tracker • Store real-time data for allows you to change the number of days full real-time data is stored for. You can reduce this to save disk space, or increase it if you are sure you have enough free space. • Store 10 minute, 1hour, etc. long-term data for allows you to change how long the different types of long-term data are stored for.
User’s Guide – version 3.5 NetFlow Tracker Archiving NetFlow Tracker can be configured to archive real-time data older than the age configured in Database Settings to a nominated location rather than delete it. Archiving is enabled for a device in Device Settings; the archiving settings page allows you to set the archive location and mount archived data back into the system for reporting using the Filter Editor.
User’s Guide – version 3.5 NetFlow Tracker NetFlow Data Received This counter shows the number of exports and the amount of NetFlow data received by the software from each device. Note that this is not the amount of traffic described by the exports but the LAN traffic generated by the exports themselves. Traffic Described This counter keeps track of the total amount of network traffic across all interfaces in each direction described by NetFlow exports received from each device.
User’s Guide – version 3.5 NetFlow Tracker No In Interface If flows arrive with no in interface it may indicate a configuration problem on a Catalyst switch. Please contact technical support. About The about page shows a summary of information about what versions of NetFlow Tracker, Java, MySQL and you server’s operating system are installed. It also shows whether all main subsystems are running. Technical support may ask for this page to help diagnose a problem.
User’s Guide – version 3.5 NetFlow Tracker Appendix 1: Device Configuration This is a brief guide to setting up NetFlow on various types of device. Note that if your device isn’t listed here it does not mean it is not supported by NetFlow Tracker; please ask your device vendor for a guide to enabling NetFlow. Enabling NetFlow Export/NDE on a Cisco Router or Layer 3 Switch For more information on this subject, visit http://www.cisco.com/go/netflow.
User’s Guide – version 3.5 NetFlow Tracker ip flow-cache timeout active 1 This breaks up long-lived flows into one-minute segments. ip flow-cache timeout inactive 15 This ensures that flows that have finished are exported in a timely manner. interface ip route-cache flow or ip flow ingress or ip route-cache cef bandwidth exit You need to enable NetFlow on each interface through which traffic you are interested in will flow. This will normally be the Ethernet and WAN interfaces.
User’s Guide – version 3.5 NetFlow Tracker Enabling NetFlow Export on a 4000 Series Switch The 4000 and 4500 series switches require a Supervisor IV with a NetFlow Services daughter card (WS-F4531), or a Supervisor V, and IOS version 12.1(19)EW or above to support NetFlow. First configure the device as for an IOS device above, omitting the command ip route-cache flow on each interface, and then issue the following: ip route-cache flow infer-fields This ensures routing information is included in the flows.
User’s Guide – version 3.5 NetFlow Tracker mls flow ip interface-full mls nde interface or mls flow ip full If you have a Supervisor Engine 2 or 720 running IOS version 12.1.13(E) or higher the first two commands are required to put interface and routing information into the NetFlow Exports. This information is unavailable with any earlier IOS version on the Supervisor Engine 2 or 720. If you have a Supervisor Engine 1 the third command is required to put full information into the NetFlow Exports.
User’s Guide – version 3.5 NetFlow Tracker Configuring NDE on a CatOS Device A layer 3 switch running CatOS appears as two devices; the MSFC can be configured to export NetFlow information on all the packets it routes by following the instructions for configuring an IOS device above. In privileged mode on the Supervisor Engine, issue the following to enable NDE: set system name Set the name of your switch.
User’s Guide – version 3.5 NetFlow Tracker Configuring NetFlow Input Filters for Traffic Class Reporting IOS versions 12.2(25)S, 12.2(27)SBC and 12.3(4)T and greater support the NetFlow Input Filters feature, which can be used by NetFlow Tracker to report upon the traffic class used to route each flow. flow-sampler-map allflows mode random one-out-of 1 exit Create a flow sampler that exports every flow record.
User’s Guide – version 3.5 NetFlow Tracker To ensure that NetFlow Tracker receives enough information from the device you must ensure that the “Look Community String” configured in the “SNMP” page is one of those set up in SNMP Settings, and you must set “Packeteer-0 Packets” to “on” in the “system variables” page. If you have a recent version of PacketWise, you may have extra settings on the “system variables” page that should be changed.
User’s Guide – version 3.5 NetFlow Tracker Appendix 2: CSV File Format Every standard chart and tabular report can be converted to comma-separated-value format for importing into a database server or spreadsheet. Chart CSV format Each section is separated by a row of “=” signs. The first section is the chart title; the second is the time range and filter. Each subsequent section represents a single chart, equivalent to the tabs above the chart in interactive mode.
User’s Guide – version 3.5 NetFlow Tracker Appendix 3: XML Format Every standard chart and tabular report can be converted to XML for use in external software. The XML schemas are provided in the xml subfolder underneath the folder where NetFlow Tracker is installed. The root of each XML document contains the report title; the first tag within the root contains information about the NetFlow Tracker version that generated the document.
User’s Guide – version 3.5 NetFlow Tracker Appendix 4: Third Party Software Components This product includes software developed by the Apache Software Foundation (http://www.apache.org/). This product includes software developed by Advantys (http://www.advantys.com). Apache Commons Collections NetFlow Tracker includes Apache Commons Collections 3.2, available at http://commons.apache.org/collections/. This is distributed under the Apache Software License, a copy of which is available at http://www.apache.
User’s Guide – version 3.5 NetFlow Tracker jspSmartUpload NetFlow Tracker includes jspSmartUpload 2.1 which is no longer available. This is distributed under the Advantys Freeware license contract, a copy of which is available at http://web.archive.org/web/20031209160524/http://www.jspsmart.com/libloca l/docs/legal.htm. Quartz NetFlow Tracker includes Quartz 1.6.0, available at http://www.opensymphony.com/quartz/.
