Cisco Systems OL-11399-01 manual Fields

Page 10

Chapter 2 Using the NetFlow Collector User Interface

Configuration

The top item in the tree is the name of the threshold. Directly beneath this is a top-level threshold condition or expression. Add the top-level threshold condition or expression by selecting Add condition or Add expression when the top item is selected. If the top-level threshold condition or expression evaluates to true when the threshold is evaluated, a threshold-crossing log is created. See the “Creating a Threshold” section on page 4-26for more information about thresholds.

A threshold expression contains two or more expressions or conditions. Arbitrarily complex threshold evaluation logic can be specified in this way.

When creating a threshold condition, specify:

Whether the comparison is greater than, less than, equals, or not-equals

Which key or value is compared

Directly beneath the threshold condition is one or more value or range items. These determine the set of target values to which the comparison is applied. Add a value or range to the threshold condition by selecting Value or Range. For an integer condition, only integer values and ranges can be entered; only IP address values can be entered for address conditions.

Boolean logic is applied to two or more conditions using an expression. An expression can also appear within an expression in place of a condition.

To create an expression, specify the logical operator and, or, not-and, or not-or and select Add expression. An expression must contain at least two other conditions or expressions.

The conditions and expressions within an expression are evaluated in top-down order. Evaluation performance for an expression can be optimized by placing conditions and expressions which are more likely to occur closer to the top. Select an item then select Move to move the item up until it reaches the top; selecting Move again cycles the item to the bottom.

Any item in the tree including the items beneath it can be removed by selecting Remove. Pressing the back button on the browser also causes any changes to be discarded.

Note Remove items with care because no cut, paste, or undo capability is provided. Changes are not committed until you select Update Threshold or Remove Threshold.

The symbol ! at the beginning of any item in the tree indicates that the configuration specified at that level of the tree is incomplete and must be updated before the threshold can be added or updated.

Fields

Fields represent individual items of data exported by a device in a NetFlow flow, and are the building blocks upon which the keys and values referenced by aggregation schemes are based.

Clicking on the Fields folder of the NFC UI navigation tree displays a table of currently defined fields as shown in Figure 2-8. Click Edit to modify a specific field, or Remove to remove a selected field. Click Add Field to bring up an empty form for defining a new field.

Aliases, alternate names for fields, are also shown in the navigation tree and table and can be added when a field is defined or modified

 

Cisco NetFlow Collector User Guide

2-10

OL-11399-01

Page 9 Page 11
Image 10
Page 9 Page 11
Contents Opt/CSCOnfc/bin/nfcollector start all Nfc-hostname8080/nfcOpt/CSCOnfc/bin/webconfig.sh Customizing the Cisco NetFlow Collector InterfaceNFC Login Window Setting Description Default Value FileCisco NetFlow Collector User Interface Login Window NavigationConfiguration From this window you can access or configure the following Aggregators Adding AggregatorsEditing an Aggregator Add Aggregator WindowThresholds Modify Aggregator WindowFields Key Builders NetFlow Export Field Window10 Key Builders Window BGP Attribute Attribute DescriptionBoolean Bit FieldByte Array Customer Name Egress PEIngress CE IntegerInterface Snmp Name Integer Range MapIP Address Mac Address IP Address Range MapMasked IP Address Multi-Field Map Click Add conditionOption Data Site NameString Value BuildersSubnet Address 12 Adding a Value Builder End Time Active TimeDirectional Sum Flow CountStart Time Max Flow Byte RateRate SumAggregation Schemes Sum with Sampling EstimationFilters 14 Modify Aggregation SchemeNetFlow Export Source Groups NetFlow Export Source Access List 16 NetFlow Export Source Groups18 NDE Source Access List BGP PeerGlobal AdvancedReports Custom Reports Fields of the Custom Reports form are described in Table Field Value Description Combine devices , Separate devices , or Single device . For Single deviceReport Templates AllNavigate Reports Custom Reports Configuring Scheduled ReportsScheduled Reports Click Save as Template25 Scheduled Reports Window 26 Add Scheduled Report Path /opt/CSCOnfc/Reports Default value is /opt/CSCOnfc/ReportsDaily Opt/CSCOnfc/Reports/fooDisplaying Scheduled Reports Reporting Features 27 Scheduled Reports FolderSorting and Graphing 28 Sample Bar GraphTrending 29 Sample Pie GraphFilter Export and PrintDrill Down Statistics ControlHealth Monitor Statistics Opt/CSCOnfc/config/nfcmem Port StatisticsSource Statistics Sourceid V9 or enginetype and engineidLogs 37 Viewing Logs in Web-based UIOL-11399-01
Top Page Image Contents