User’s Guide – version 3.1.3 | NetFlow Tracker |
IP Application Names
NetFlow Tracker receives application information in the form of a protocol number and port number. These correspond directly to specific network applications. Many are predefined
If an application uses multiple ports or a range of ports you can define it as a grouped application. Grouped applications appear as one entry in the application reports, regardless of context. You may find that a saved filter is more useful as a means of defining, for example, the traffic relating to a networked application running on a cluster of servers.
To define a grouped application you must first give it a unique identifier and a name; you can then add application ports and ranges of ports to it.
DiffServ Names
NetFlow Tracker can filter and report by differentiated service code point; you can assign names to each of the 64 code points here. The standard code point names are already configured.
Hostname Resolution Settings
This page lets you configure aspects of the resolution of hostnames for addresses encountered on reports. These are cached to increase reporting speed and reduce the amount of network traffic generated by the NetFlow Tracker when generating a report. You can change how long a resolved hostname is cached for, the default being 30 minutes, and how long a failure to resolve a hostname for a given address is remembered, the default being 10 seconds. You can also control the size of the cache and the number of threads used to resolve hostnames. If you find that hostname resolution is not working, click “Defaults” to put the settings back to useful default values. Click “Ok” to accept your changes or “Cancel” to abort.
Should you wish to clear the cache of resolved hostnames, disable resolution by clearing “Enable hostname resolution” and clicking “Ok”, then go back into the configuration page and enable resolution again by checking “Enable hostname resolution” and clicking “Ok”.
68
