Fluke Computer Accessories manual Report Templates, Address Reports, Session Reports

Page 28

User’s Guide – version 3.5

NetFlow Tracker

Report Templates

Whenever you create a new tabular report or chart you can choose any of the standard report templates depending on what you want to examine:

Address Reports

Source Addresses – shows the IP addresses that were the source of most traffic or packets.

Destination Addresses – shows the destination IP addresses that were the destination of most traffic or packets.

Addresses – shows the IP addresses that were the source or destination of the most traffic or packets.

Address Pairs – shows the pairs of connected IP addresses that exchanged most traffic or packets.

Bi-directional Address Pairs – adds extra columns showing the traffic and packets sent from destination to source and the bi-directional totals for each address pair.

Source Address Dissemination – shows the source addresses that conversed with the most distinct destination addresses and that were involved in the most distinct endpoint-to-endpoint conversations. This can help detect file sharing or virus infected hosts.

Destination Address Popularity – shows the destination addresses that conversed with the most distinct source addresses and that were involved in the most distinct conversations.

Session Reports

Protocols – shows the IP protocols, such as TCP or UDP, used by most traffic or packets.

Source Applications – shows the IP applications that were the source of most traffic or packets. An IP application is a combination of a set of IP addresses, application ports and protocols; common examples are HTTP or FTP. You can assign names to applications using the IP Application Names settings page.

Examining the source applications inwards on an interface can show you what applications are using your Internet bandwidth.

Destination Applications – shows the IP applications that were the destination of most traffic or packets. The destination applications outwards can show the most requested applications on a link.

Recognised Applications – shows the IP applications that were the source or destination of most traffic or packets. Whether the application was the source or destination depends on whether it has a name defined in the IP Application Names settings page, or if neither have names, whichever has the lower port number.

Conversations – shows the pairs of connected endpoints that exchanged most traffic or packets. A single conversation represents, for example, a web browser downloading a single image. Note that a conversation has exactly one source and destination address and application port – grouped applications are not used.

28

Page 27 Page 29
Image 28
Page 27 Page 29
Contents NetFlow Tracker Contents LONG-TERM Reports Appendix 2 CSV File Format Software License Agreement Grant of Licence and Payment of FeesCopyright Customer Remedies Confidential Information and Security User’s Guide version NetFlow Tracker Definitions Support Services Support ChargesUndertakings by You Supplier’s UndertakingsIntellectual Property Rights Limitation of Liability and indemnityTermination Confidential Information and Security MiscellaneousSupport Hours Exceptions to Support ServicesResponse Times What is NetFlow? What is NetFlow Tracker?Features and Benefits IntroductionUser’s Guide version NetFlow Tracker Installation Pre-installation ChecksMinimum System Requirements Operating System SupportInstallation on Microsoft Windows Installation on Linux Post-installation Tasks Set up Snmp community strings Set up web front-end securityConfigure your routers and switches Add listener portsUsing NetFlow Tracker Device traffic meters InterfacesWorking with Charts Changing the displayed chartChart legend Per-AS dataView a standard chart as a pie chart View a standard chart as a tabular reportZooming Zooming outAlter the filter applied to a standard chart Export a chart to another applicationPrint the chart Open the chart in a new windowWorking with Pie Charts Working with Tabular ReportsSort a tabular report Examine a single rowAddress Reports Report TemplatesSession Reports QoS Reports Network ReportsCreating Filtered Reports Interface ReportsTraffic Identification Reports Other ReportsReport template Sample sizeSource data Start timeTime zone Source deviceInterface Out interfaceProtocol Source portDest port Src/dest portDiffServ Traffic classSource AS Dest ASLong-term Reports Devices and InterfacesPer-device and Per-interface Long-term Reports Filter EditorUser’s Guide version NetFlow Tracker Reports General Form Report URL FormatReport Format Parameters 0023 00240025 0026Chart PieNumber TrueFeatures Sections128 256Time Range Parameters Millis HourDay WeekTime range will extend for this number of units Calendar-based advancedApplying a time-of-day mask to the time range HHmmDay1-day2/time1-time2 110 105100 113115 120140 125285 300Minute DailyFilter Parameters Addr1-addr2 NamePort1-port2 Port/name Port/numberPort1-port2/name Port1-port2/numberPrec TosPrec%20tos CodeAddr/mask MaskSecurity Parameters PasswordUsername Secret Management Portal Access Control ParametersNull VPN Out VPN Chart scrollbar Chart selection headersFilter Editor button, if applicable Refresh and Resolve All buttons, if applicablePerformance Tuning Database Server SettingsDisk Speed Query SizeConfiguration Guide Snmp SettingsLicensing Listener PortsDevice Settings Device SettingsDevice List Sampled Data Scaling Security Settings VPNsManagement Portal Settings Http//proxy/tracker1/report1Http//tracker1/report.jsp?portalsecret=secret&aclif= Http//proxy/tracker1/report.jsp?portalacl=Using Apache as a Portal Server RewriteEngine OnRewriteRule /tracker1/.*$ http//1.2.3.4/$1 P,L,QSA ProxyPassReverse /tracker1/ http//1.2.3.4General Settings Report SettingsReal-time Reports Saved Filters Scheduled ReportsLong-term Reports Executive Reports Span class=repdesctextTest/span Content Nelements=5 and chartWidth=400Sub-reports User’s Guide version NetFlow Tracker IP Application Names Hostname Resolution SettingsDiffServ Names AS Names Database SettingsSubnet Names Backup Archiving Memory SettingsPerformance Counters NetFlow Data Received Traffic DescribedIgnored Flows Unprocessed FlowsetsAbout No In InterfaceAppendix 1 Device Configuration Enabling Netflow Export on an IOS DeviceIp cef Ip flow-export destination addressIp flow-cache timeout active Ip flow-cache timeout inactiveShow ip flow export Show ip cache flow Show ip cache verbose flowIp route-cache flow infer-fields Mls netflowMls nde sender version Mls aging longUser’s Guide version NetFlow Tracker Set mls bridged-flow-statistics enable vlanlist Set mls nde enableSet system name name Set mls nde addressFlow-sampler-map allflows mode random one-out-of 1 exit Enabling Flow Detail Records on a Packeteer DeviceEnabling NetFlow on an Enterasys Device Chart CSV format Pie chart CSV formatAppendix 2 CSV File Format Tabular report CSV formatChart XML format Pie chart XML formatAppendix 3 XML Format Tabular report XML formatAppendix 4 Third Party Software Components JspSmartUpload Quartz
Top Page Image Contents