In Top Protocols, the majority of our traffic is "OtherTCP". Unfortunately, we know that we can break this out further as we have some offsite backups and such that use custom ports. Is it possible to add custom protocols/channels so that we can break these down further rather than having everything undefined as "Other"?

Thanks, Matt

Article Comments

Attention: This article is a record of a conversation with the Paessler support team. The information in this conversation is not updated to preserve the historical record. As a result, some of the information or recommendations in this conversation might be out of date.

Hi Stanmat,

Please have a look here for a list of links which will help you to create your own channels.

Best regards


May, 2015 - Permalink

Felix,

Thanks for the response. I'm a little confused regarding what needs to be done to ensure that the custom flow rules are utilized. I have added them into "CustomFlowRules.osr" (the linked document doesn't say anything about overwriting "FlowRules.osr", I have added them to "FlowRules.osr", and have restarted the "PRTG Core Server Service", but I'm not having any luck getting the new rules to show when I look at the "Top Protocols" view.

Here are the rules I'm testing, which I've added above the other groups in the XML format:

  <group id="3010" name="SampleProt">
    <caption>SampleProt</caption>
    <help>SampleProt</help>
    <defaultvalue>1</defaultvalue>
    <channels>
      <channel id="1026" name="SampleProt">
        <rule>
           (Protocol[TCP] or Protocol[UDP]) and (DestinationPort[8006] OR SourcePort[8006])
        </rule>
      </channel>
    </channels>
  </group>
  <group id="3011" name="Poptart">
    <caption>Poptart</caption>
    <help>Poptart</help>
    <defaultvalue>1</defaultvalue>
    <channels>
      <channel id="1027" name="Poptart">
        <rule>
           (Protocol[TCP] or Protocol[UDP]) and (DestinationPort[4115] OR SourcePort[4115])
        </rule>
      </channel>
    </channels>
  </group>

I don't see any formatting problems or duplicate IDs, so I'm stumped as to why I cannot see the new channels.

Thanks, Matt


May, 2015 - Permalink

I apologize, please ignore my previous reply. Our current sFlow sensor was not set to 'Custom', therefore it wasn't working. I have created a new sFlow (Custom) sensor and the custom channels are working as-intended. Thank you Felix.


May, 2015 - Permalink