We have configured an IPFIX sensor on our Probe device (PRTG Network Monitor 16.1.22.2391 ) and are pointing all of our Netflow data at this probe, from several switches and Virtual Centers.

We can see the Top Talkers and the Live Data but cant really drill into the detail that we are looking for, not sure if this is due to the way we have configured things or if PRTG doesn't display the information that we are looking for.

When we look at TopTalkers we can see that a device talks with others devices, we want to be able to drill into this connection and see which devices, volumes of data ands protocols etc. From there then drill into the next piece that shows something interesting etc.

Not sure if this sis doable or not, hopefully the question makes sense though.

Article Comments

Dear Peter

The flow sensors of PRTG don't replace Wireshark, instead they provide you bandwidth information for pre-defined channels. You can setup your own traffic channels and toplists. However you cannot dig deep into the flows unless you enable the "Log Stream Data to Disk" option which generates CSV files containing the flows which you can use to check manually.

The stream logging should not be turned on for long, because those logs can fill the free harddisk space very fast.


Mar, 2016 - Permalink

I was looking for the same thing as Peter. I'm not looking for a wireshark replacement as that's more into full packet detail, including the payload.

What I'd like to be able to do is click on an IP in the top talkers and have it run a query that shows which IPs communicate with that IP I just clicked on. When I see a huge spike in data, I'd like to be able to investigate that a little further and top talkers isn't quite enough information for me.


May, 2019 - Permalink

Dear networkgurucnan,

thank you for your input. Detailed flow analysis this is not the direction we have in mind for PRTG. It would imply a large performance impact to store all incoming flows. For detailed flow analysis, we think hat specialized tools are the way to go. One option could be Scrutinizer.


May, 2019 - Permalink