Forum Discussion

8 years ago

Net flow / Please increase the filter capabilities

The current net flow reporting capabilities are very limited, even if the required net flow data will be delivered by the end devices. I.e. I'm trying to report all traffic for udp port 53 pointing...

netflow

mnagel

Professor

5 years ago

Open source gets this done far better and more elegantly. NFsen, for example, allows you to define a tcpdump-style filter for flow selection. Very powerful and very useful and this should be added to LM ASAP (advanced feature option off by default if needed). Things have improved with NetFlow LM the past few years, but it is still very primitive and lacks even basic alerting tied to searches. The feature seems to be stuck where it is -- would be great if someone at LM could show us a roadmap...

FWIW, I have been working on a way to extract NetFlow data via the API to workaround this. It is possible, but not trivial. This should be within the main UI.

Also, add IPv6 support -- we get the weirdest results from our SonicWall that sends both IPv4 and IPv6 flows :).

Forum Discussion

Net flow / Please increase the filter capabilities

Related Content

JSON Path capability in a Webpage DataSource

Testing Ping latency but not increasing my licensing cost

[Feature request] Custom PowerShell script: increase timeout

Logicmonitor_sdk filters are driving me insane. Please help?

Can you compare and contrast Dexda's capabilities with PagerDuty's alert grouping feature

Recent Discussions

Monitor ConnectWise Integration Errors

LogicModule Enhancement - VMware_vCenter_VMSnapshots

Different options for "Delete Instances..."

A method to identify that a Datasource has been executed via "Poll Now" rather than standard collection, to allow additional info to be displayed conditionally.

Dashboard Filtering Using Instance Properties