Channel Definitions for Flow not working

Modified on 2025-06-10 20:37:20 +0200

Hello,

we try to configure a custom channel definition and are not sure if the defintion does not work or the syntax is wrong:

#34:VIE34
SourceIP[10.2.*.*] and DestinationIP[10.25.25.2] and (DestinationPort[80] or DestinationPort[443])

Thanks in advance, Thomas

Article Comments

Seems then multiple ANDs are not working. Unfortunately the samples in the documentation are to simple to get the right syntax.

Feb, 2017 - Permalink

Dear koflert,

Thank you for your knowledge base post.

Please see the two relevant manual articles on Channel definitions for Flow, IPFIX, and Packet Sniffer sensors and Filter rules for Flow, IPFIX, and Packet Sniffer sensors.

You can create more complex expressions using parantheses ( ) and the words and, or, and not. The filters can contain multiple and.

The syntax and also the placement of the parentheses look good to me, therefore please confirm that the channel show incorrect monitoring values.

Thank you in advance,
Sebastian

Feb, 2017 - Permalink

Thanks a lot Sebastian for the clarification.

The syntax was indeed fine, but the channel was "overlaying" with another definition with lower channel number so this channel was never receiving data and created.

Feb, 2017 - Permalink

Dear koflert,

Thank you very much for your feedback, I'm glad you found the issue.

Best,
Sebastian

Feb, 2017 - Permalink

Disclaimer:
The information in the Paessler Knowledge Base comes without warranty of any kind. Use at your own risk. Before applying any instructions please exercise proper system administrator housekeeping. You must make sure that a proper backup of all your data is available.

Channel Definitions for Flow not working

Article Comments

Search

Attention

Related Articles