Fluke Recording Equipment manual Report Templates, Address Reports, Session Reports

Page 28

User’s Guide – version 3.1.3

NetFlow Tracker

Report Templates

Whenever you create a new tabular report or chart you can choose any of the standard report templates depending on what you want to examine:

Address Reports

Source Addresses – shows the IP addresses that were the source of most traffic or packets.

Destination Addresses – shows the destination IP addresses that were the destination of most traffic or packets.

Address Pairs – shows the pairs of connected IP addresses that exchanged most traffic or packets.

Bi-directional Address Pairs – adds extra columns showing the traffic and packets sent from destination to source for each address pair.

Source Address Dissemination – shows the source addresses that conversed with the most distinct destination addresses and that were involved in the most distinct endpoint-to-endpoint conversations. This can help detect file sharing or virus infected hosts.

Destination Address Popularity – shows the destination addresses that conversed with the most distinct source addresses and that were involved in the most distinct conversations.

Session Reports

Protocols – shows the IP protocols, such as TCP or UDP, used by most traffic or packets.

Source Applications – shows the IP applications that were the source of most traffic or packets. An IP application is a combination of an application port and protocol; common examples are HTTP or FTP. You can assign names to applications using the IP Application Names settings page. Examining the source applications inwards on an interface can show you what applications are using your Internet bandwidth.

Destination Applications – shows the IP applications that were the destination of most traffic or packets. The destination applications outwards can show the most requested applications on a link.

Recognised Applications – shows the IP applications that were the source or destination of most traffic or packets. Whether the application was the source or destination depends on whether it has a name defined in the IP Application Names settings page, or if both or neither have names, whichever has the lower port number.

Conversations – shows the pairs of connected endpoints that exchanged most traffic or packets. A single conversation represents, for example, a web browser downloading a single image.

Bi-directional Conversations – adds extra columns showing the traffic and packets sent from destination to source for each conversation.

28

Page 27 Page 29
Image 28
Page 27 Page 29
Contents NetFlow Tracker Software License Agreement Grant of Licence and Payment of FeesCopyright Customer Remedies Confidential Information and Security User’s Guide version NetFlow Tracker Definitions Support Services Support ChargesUndertakings by You Supplier’s UndertakingsIntellectual Property Rights Limitation of Liability and indemnityTermination Confidential Information and Security MiscellaneousSupport Hours Exceptions to Support ServicesResponse Times Contents LONG-TERM Reports Appendix 2 CSV File Format What is NetFlow? What is NetFlow Tracker?Features and Benefits IntroductionUser’s Guide version NetFlow Tracker Installation Pre-installation ChecksMinimum System Requirements Operating System SupportInstallation on Microsoft Windows Installation on Solaris and Linux Post-installation Tasks Set up Snmp community strings Set up web front-end securityConfigure your routers and switches Add listener portsUsing NetFlow Tracker Device traffic meters InterfacesWorking with Charts Changing the displayed chartChart legend Per-AS dataView a standard chart as a pie chart View a standard chart as a tabular reportZooming Zooming outWorking with Pie Charts Working with Tabular Reports User’s Guide version NetFlow Tracker Address Reports Report TemplatesSession Reports Network Reports QoS ReportsInterface Reports Creating Filtered Reports Traffic Identification ReportsOther Reports Report TemplateSample Size Source DataStart Time End TimeOut Interface In/Out InterfaceVPN Out VPNRecognised Application Identified ApplicationToS DiffServDestination Subnet Source/Destination SubnetSource Mask Destination MaskLong-term Reports Devices and InterfacesPer-device and Per-interface Long-term Reports Filter EditorUser’s Guide version NetFlow Tracker Executive Reports General Form Report URL FormatReport Format Parameters Chart 00230024 0025Number TrueFalse HeadingFeatures Sections128 256Time Range Parameters Hour DayWeek MonCalendar-based advanced Applying a time-of-day mask to the time range HHmmDay1-day2/time1-time2 110 105100 113115 120140 125285 300Minute DailyFilter Parameters Port/name NamePort/number Tos PrecPrec%20tos Byte CodeAddr/mask Password PasswordSecurity Parameters Secret Management Portal Access Control ParametersNull Aclid specifies a permitted long-term report Features Performance Tuning Database Server SettingsDisk Speed Query SizeConfiguration Guide Snmp SettingsLicensing Listener PortsDevice Settings Device SettingsDevice List Traffic Classes ArchivingIdentified Applications VPNs Security SettingsDeleting a Device Management Portal Settings Report Settings Long-term Reports Saved FiltersExecutive Reports Span class=repdesctextTest/span Content Nelements=5 and chartWidth=400Sub-reports User’s Guide version NetFlow Tracker IP Application Names Hostname Resolution SettingsDiffServ Names AS Names Database SettingsSubnet Names User’s Guide version NetFlow Tracker Backup ArchivingMemory Settings Performance CountersUnprocessed Flowsets Interface ScansMissed Flows Missed ExportsAppendix 1 Device Configuration Enabling Netflow Export on an IOS DeviceIp cef Ip flow-export destination addressIp flow-cache timeout active Ip flow-cache timeout inactiveShow ip flow export Show ip cache flow Show ip cache verbose flowIp route-cache flow infer-fields Mls netflowMls nde sender version Mls aging longUser’s Guide version NetFlow Tracker Set mls bridged-flow-statistics enable vlanlist Set mls nde enableSet system name name Set mls nde addressFlow-sampler-map allflows mode random one-out-of 1 exit Enabling Flow Detail Records on a Packeteer DeviceEnabling NetFlow on an Enterasys Device Using sflowtool to Convert sFlow Records to NetFlow AddressAppendix 2 CSV File Format Chart CSV formatTabular report CSV format Appendix 3 Third Party Software Components
Top Page Image Contents