If I buy NTA do I have to get the same license as I have for NPM? For example, I have NPM unlimited, but I only want to collect netflow for around 60-80 devices. Can I get away with only buying the 100 device license, or do I have to get the unlimited to match NPM?
↧
Netflow Licensing
↧
3.10 Charts - How do I see more than 10 data series in charts?
Like I could before upgrading. I need more than 10.
↧
↧
SolarWinds NetFlow Traffic Analyzer 3.10.0 Hotfix 2
SolarWinds Orion NetFlow Traffic Analyzer Version 3.10.0 Hotfix 2
http://downloads.solarwinds.com/solarwinds/Release/HotFix/NTA-v3.10-HotFix2.zip
The SolarWinds Orion NetFlow Traffic Analyzer (NTA) Version 3.10.0 Hotfix 2 addresses the following issue:
- On Demand DNS resolution doesn't work if website uses any port other than 80. Hostnames are not resolved on Top Endpoints resource.
To install Hotfix 2:
Note: The following assumes the Orion website is the default location, which is C:\inetpub\SolarWinds\
If the Orion website is not at this location, change paths accordingly.
- Make a backup of the file C:\inetpub\SolarWinds\Orion\TrafficAnalysis\Controls\DnsInfo.ascx.cs
- Extract and copy DnsInfo.ascx.cs from the Hotfix archive to C:\inetpub\SolarWinds\Orion\TrafficAnalysis\Controls\
- Restart the website using Orion Service Manager.
To rollback Hotfix 2 (if needed):
- Delete the file C:\inetpub\SolarWinds\Orion\TrafficAnalysis\Controls\DnsInfo.ascx.cs
- Restore the backed-up file as C:\inetpub\SolarWinds\Orion\TrafficAnalysis\Controls\DnsInfo.ascx.cs
- Restart the website using the Orion Service Manager.
This hotfix requires Orion NTA version 3.10.0.
This hotfix doesn't require any previous hotfix.
Install this hotfix on both your primary Orion poller and any additional Orion website(s).
↧
Report for what ports are showing up as unknown
I am trying to minimize the amount of unmonitored traffic that shows up under the Top XX Application screen on the dashboard. Is there anyway I can write a report that lists out the Unmonitored traffic and what port it's running under?
I created a report to gather results when application name is unmoitored traffic but under the port_ number field it just says multi-port.
↧
NTA Update
I've just received an NTA update notification at our Solarwinds Web, which is the NTA 3.10 version. We want to validate this update, and find out whether it is worth installing it and if there's no problem doing this procedure. Currently, we have NTA version 3.9.0. Do we have to plan a manteinance window to do this update? How long does it take?
Thanks. I would really appreciate your help.
↧
↧
NTA in VM requirements
Hl Guys,
Do you have system requirement specific to NTA when is implemented in virtual ??
Regards,
Bryan
↧
Deselect CBQoS Element NTA3.10
Hi All,
Thanks in advance for any response to this. I'm trying to work out whether I can deselect a CBQoS class element. We don’t want our class-default to be monitored… reason is, that’s the sum of all the classes so it doubles the over all traffic when we graph it. It's also a duplication of data in our already squeezed SQL backend so would benefit everything to just deselect a box and stop monitoring the queue...well that's what I'm hoping for but I can almost guarantee it's not going to be that simple!
If it's not that simple or possible from within NTA, is there a way to achieve this on our routers - all running Cisco IOS.nta
KR - Tom
↧
NTA for monitor Video Conference Traffic
Hi,
saya melakukan installasi NPM dan NTA. Kami ingin melakukan monitoring traffic video conference. tetapi pada NTA tidak ada traffic Video conference yang muncul.
S-flow menggunakan fortigate 620.
Bagaimana cara melakukan monitoring traffic video conference?
Please help me.
Thanks
Bagus
↧
Has ANYONE got Flexible Netflow working on 4500 with Sup7 that is understandable by Solarwinds Netflow
Hi have been trying to work with Cisco over the past 4 weeks to get Flexible Netflow to work properly with Orion/NTA with zero success. This is a 4507R+E with dual Sup 7's
I have the works TAC support person, but that's beside the point. I've spoken with SW and didn't get the warm and fuzzies on their answers either.
It appears to me I will not be able to monitor layre "virtual" interfaces on the 4507, which is unacceptable and if the case I will raise a stink with Cisco one I get it working.
So my questions are:
Does it even work? This hardware, Flexible Network and NTA 3.7?
The commands take and it just seems like NTA doesn't accept them, I'm guessing they are missing something like TOS, but this is not the same as regular Netflow.
I have been testing many permitations, but I either get the traffic in NTA showing that it is coming from all interfaces, or it doesn't see any at all.
Here's the config I am testing with today:
flow record ipv4
! match ipv4 tos
match ipv4 protocol
match ipv4 source address
match ipv4 destination address
match transport source-port
match transport destination-port
collect interface input
!
!
flow exporter NetFlow-to-Orion
destination 10.10.10.1
source vlan254
transport udp 2055
export-protocol netflow-v5
!
!
flow monitor NetFlow-Monitor
description Original Netflow captures
record ipv4
exporter NetFlow-to-Orion
vlan configuration 254
ip flow monitor NetFlow-Monitor input
Any help would be great
Bob
↧
↧
Tools to determine which sites are coming from Akamai
Like many other posts, I am using the NTA and see a huge amount of data coming from Akamai Technologies. Is there something that I can install on my NPM to determine specific traffic from these sites? I am using On Demand DNS resolution and not persistent.
↧
Traffic analysis
I have a request to monitor several networks for 10 days and provide the following analysis.
- Generate traffic status report and bandwidth utilization reports (High/Low/Avg)
The intent is to add specific users into groups such as accounting, engineering, etc.
Measure usage for 1-2 weeks.
Provide usage report per group to include bandwidth (High/Low/Avg) and top applications usage.
I’m currently not that familiar with NTA and was wondering if there is an easy way to accomplish this.
All suggestions and comments are welcome.
Thanks
↧
Free Up Database from unwanted NetFlow collection
o,
I recently installed an Eval copy of NPM 10.2.2 and NTA 3.9. Win 2003 - SQL 2005 Express (limited to 4 GB)
I added 3 Routers exporting 8 NetFlow Interfaces and I decided to drop Router-3 from netFlow collection, and also couple of netFlow interfaces from the 2 remaining routers.
Q1. How to free up my database from All Router-3 NetFlow collected traffic (I wan to keep Router-3 SNMP traffic) ?
Q2. How to free up my database from the 2 NetFlow interfaces Collected data , but keeping their SNMP collected data ?
Thank you
↧
CISCO 3560 flexible netflow
Hi
I´m trying to setup the new "Flexible Netflow" feature on a 3560G with IOS version 150-2.SE.
I have followed the diff. guides on the net but so far without any luck.
Do any in the forum have a working example how to setup Flexible Netflow on a 3560G?
I have included my setup if.
*************Config************************
flow exporter SolarwindsNF
description To Netflow in dkanm1
destination <IP for NTA>
source Vlan232
transport udp 2055
template data timeout 60
!
flow record standard
match ipv4 tos
match ipv4 protocol
match ipv4 source address
match ipv4 destination address
match transport source-port
match transport destination-port
collect routing source as
collect routing destination as
collect routing next-hop address ipv4
collect ipv4 id
collect ipv4 source mask
collect ipv4 destination mask
collect transport tcp source-port
collect transport tcp destination-port
collect transport tcp flags
collect interface input
collect interface output
collect flow direction
collect counter bytes
collect counter packets
collect timestamp sys-uptime first
collect timestamp sys-uptime last
!
flow monitor standard-Monitor
description Default monitor
record standard
exporter SolarwindsNF
cache timeout active 60
!
interface GigabitEthernet0/24
description MPLS-Router
switchport access vlan 232
switchport mode access
ip flow monitor standard-Monitor input
spanning-tree portfast
!
ip flow monitor standard-Monitor input
ip address 10.144.232.254 255.255.255.0
ip helper-address 10.144.17.5
no ip mroute-cache
!
interface Vlan233
ip flow monitor standard-Monitor input
ip address 10.144.233.254 255.255.255.0
ip helper-address 10.144.17.5
no ip mroute-cache
!
↧
↧
Docs for Alerts
Hi,
I'm not finding this site very intuitive for finding docs. Caouls someone please send me a link for creat alerts?
New to SW so forgive the Newbieish question but, can I create and alert that only alerts when a threshold of 80% link utilization has been there for 10 minutes so, I don't get an alert when it hits 80% - only when it is there for 10 minutes?
Thank, Pat.
↧
NTA - alerting based on Netflow data?
Hi,
what is the status of creating alerts based on netflow database information?
I have currently one request to create an alert, if hosts from a certain network (source) communicate with the internet (destination).
Only certain hosts are allowed to do that, so I would exclude them in the alerting rule...
Another more simple example: customers also want to create email alerts based on application utilization...
I found some information here from 2010 - so I am curious what the acutal status is in that matter.
Thanks for any input.
↧
DNS resolution for websites in NTA
Hi,
When you look at SolarWind's demo NTA page on their website, website names are resolved so that you see people accessing youtube.com, wikipedia.org, and so on. But our NTA doesn't resolve websites. To test it out, I went to Youtube and watched videos, then checked NTA to find the conversation between my workstation and Youtube. It showed up as a conversation between my workstation and 173.194.9.217. I'm not sure if this is a DNS issue or an NTA issue (or maybe a NetFlow issue?). Any suggestions on how to get those website names to show up in our NTA?
Thanks.
↧
NetFlow Conversations Summary - can't get specified time period
We are having an issue, when we try to adjust the Absolute Time Period for the display of the top 10 NetFlow Conversations.
For example we wanted to select 11/4/2012 between 2pm and 4pm. The displayed results were 11/4/2012 between 12am and 4pm.
I'm sure I'm missing something simple, but has anybody else run into this?
Thanks!
↧
↧
NetFlow data from unmonitored interface that is monitored!?
So I keep getting these messages from NTA:
NetFlow Receiver Service [MainOrionServer] is receiving Netflow NetFlow data from unmonitored interface Vlan432 on CoreRouterSwitch. Click Monitor NetFlow source or enable the "Automatic addition of NetFlow sources" option on the NetFlow Settings page to process future NetFlow data from this interface.
Well, Vlan 432 is monitored. Oddly enough, it is actually listed twice under List Resources. Once as "unrouted VLAN 432 - VLAN-432" (that I am not monitoring) and once as Vlan432 · VlanDescription" that I do monitor.
So is the real problem that list resources sees the same VLAN twice, and that confuses NTA? The box is a WS-C6509-NEB-A with a Sup 720.
↧
NTA 3.10 with ASA 5505 8.2(4) - no received netflows
I have downloaded a trial version of Solarwinds NTA 3.10.0 and am attempting to collect Netflow from an ASA 5505 running 8.2(4)4. I have followed the instructions in the KB for "Configuring Cisco ASA devices for use with Orion NTA", have managed all Cisco ASA interfaces in Orion and added them all as monitored sources in NTA and been through the document "Best Practices for Troubleshooting NetFlow".
A Wireshark trace running on the PC where the Orion trial NPM and NTA is running shows the Netflow (CFLOW) packets arriving form the ASA - the templates are present but with just "Flowset 1" showing in the trace. The NTA shows it has never received a Netflow packet from the ASA. I have been through the previous KB cases relating to ASAs with NTA. I have included the ASA 5505 Netflow configuration below and an output showing the flow export counters. Has anyone else seen this issue? Could it be an issue with running the trial software on a PC/laptop as opposed to a server?
TestASA-1# show flow-export counters
destination: inside 10.0.17.29 2055
Statistics:
packets sent 2631
Errors:
block allocation failure 0
invalid interface 0
template send failure 0
no route to collector 0
flow-export destination inside 10.0.17.29 2055
flow-export template timeout-rate 1
flow-export delay flow-create 60
!
access-list netflow-export extended permit ip any any
!
!
class-map netflow-export-class
match access-list netflow-export
!
policy-map global_policy
class inspection_default
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect icmp
inspect ftp
inspect snmp
class netflow-export-class
flow-export event-type all destination 10.0.17.29
!
service-policy global_policy global
↧
CBQoS report not showing data every minute
Hi,
I've amended the CBQoS polling from 300s to be 60s while we're doing some debugging and the graphs on the website are showing data by the minute. However when I run a report from Report Writer (Pre-Policy Last 24 Hours) and export the data the Last Poll Time is still showing a 5 minute interval. How can I export the by the minute data?
Thanks
Jason
↧