Nagios Support Forum

Support for Nagios products and services
https://support.nagios.com/forum/

identifying netflow source

https://support.nagios.com/forum/viewtopic.php?t=57560

Page 1 of 1

identifying netflow source

Posted: Tue Feb 18, 2020 12:56 pm
by nicholashadaway
In a competing package (scrutinizer), you are easily able to identify the netflow data source even with multiple sources sending to the same port.
So far I have not been able to tell how to identify unique netflow sources that are sending to the same port. It looks like the only differentiation is via port, and not via source IP.

Is this a limitation of NNA or can you point me in the right direction to answer this question?

Re: identifying netflow source

Posted: Tue Feb 18, 2020 6:01 pm
by mbellerue
In reading this, I don't think there's a way to sort them out after they've come in on a specific port.
https://assets.nagios.com/downloads/nag ... alyzer.pdf

This line here, specifically,
Sources require a unique name and port to bind to.
This may be a difference in how NNA stores, accesses, and works with the data through its lifetime. I will check with the devs and see if there's any reason we couldn't collect the NetFlow source information. If we can, we might turn that into a feature request.
All times are UTC-05:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited