Hi there. I'm a new user so please forgive me if my terminology/understanding is incorrect.
I've setup a Netflow sensor for my Cisco router and am capturing all of the data I expected (LAN to LAN traffic, as well as LAN to WAN traffic). However, I was wondering if there was a way to filter the data to obtain very specific information. For example, say a host with an IP address 192.168.100.50 transmits a large amount of data in a day. Would it be possible for me to filter the existing Netflow traffic so that I can see 192.168.100.50's history for that day? And, am I able to implement further filters like excluding web traffic from the results?
Basically I'm hoping PRTG has features like those offered by NFDUMP/NFSEN where you're able to set up one collector and then implement as many filters as you like, and make them as specific as you like.
Thanks in advance for your assistance everyone.
Article Comments
Hi,
Is there already an update on this topic? Its now end of 2015 and I cannot find this feature.
Thanks,
Dec, 2015 - Permalink
Hello,
no, sorry there is no update yet.
This is all we can sys about it at the moment.
Dec, 2015 - Permalink
I'm afraid it is still on the ToDo list, other tasks have higher priority at the moment.
Kind regards,
Erhard
Nov, 2016 - Permalink
at the moment PRTG analyses netflow data as it comes in and then drops the flows.
So for any specific information you are interested in, a netflow sensor with the specific filter needs to be active at the time the traffic happens.
The possibility to store Netflow data for later processing is something we already work on, and it should be available in the first half of 2015.
Jan, 2015 - Permalink