Is there a way to change Summary Chart?
Is there a way to change Summary Chart?
We use the network analyzer to ingest NetFlow data from our ASR 9Ks. I have an ingress and egress flow setup, and we are wondering if there is a way to show who and how much bandwidth is being used dynamically. We would like to see the data auto-updated on the summary page that breaks out different subnets into different colors to see who the bandwidth users are and not just the total bandwidth over time. Is this possible? I understand this can be done through report analysis, but we would like to see this information live on the summary page if possible. I see options to show different parameters bytes, packets and flows that can be overlaid. However, if I could show bandwidth from sources instead of overall bandwidth use, that would be much more useful. I'm curious if this capability exists and I'm missing it or can be added.
Re: Is there a way to change Summary Chart?
I'm investigating this and will post an update shortly.
Thank you!
Thank you!
Re: Is there a way to change Summary Chart?
Currently, there isn't a method to aggregate by srcnet/dstnet from the web interface. I have submitted a feature-request on your behalf requesting that functionality:
Please keep in mind that the decision to implement the enhancement is at the discretion of our development team.
As an alternative:
So you could do something like this from the CLI to see the data:
Code: Select all
FR: NNA - Add functionality to aggregate by the other options such as srcnet/destnet/etc, it's currently limited to dstip|srcip|srcport|dstport:
As an alternative:
Code: Select all
You can use this to show the flows received in the last 15 minutes from that source:
- Change XXXXX to the source name
nfdump -R /usr/local/nagiosna/var/XXXXX/flows -t '-900'
OR the raw flows:
nfdump -R /usr/local/nagiosna/var/XXXXX/flows -t '-900' -o raw
OR individual flow files:
nfdump -r /usr/local/nagiosna/var/XXXXX/flows/nfcapd.202111101555
nfdump -r /usr/local/nagiosna/var/XXXXX/flows/nfcapd.202111101555 -o raw
See here for more information:
https://manned.org/nfdump/31e0f625
So you could do something like this from the CLI to see the data:
Code: Select all
nfdump -R /usr/local/nagiosna/var/XXXXX/flows -t '-900' -A srcnet
nfdump -R /usr/local/nagiosna/var/XXXXX/flows -t '-900' -A srcnet,dstnet