Hello,
I just installed the demo of NTA. It looks pretty impressive, but I have one issue. I'm sure I've misconfigured something but Google isn't telling me where.
I can't see any ingress traffic, only egress.
Here is my flow configuration:
flow record NTADemo
match ipv4 tos
match ipv4 protocol
match ipv4 source address
match ipv4 destination address
match transport source-port
match transport destination-port
match interface input
collect transport tcp flags
collect interface output
collect counter bytes long
collect counter packets long
collect timestamp sys-uptime first
collect timestamp sys-uptime last
collect application name
!
flow exporter Netflow-to-NTADemo
destination 172.22.113.175
source GigabitEthernet0/0/1
transport udp 2055
template data timeout 60
option application-table timeout 60
option application-attributes timeout 300
!
flow monitor Netflow-Monitor
exporter Netflow-to-NTADemo
cache timeout inactive 30
cache timeout active 60
record NTADemo
!
interface g0/0/1
ip flow monitor Netflow-Monitor input
ip flow monitor Netflow-Monitor output
!
Tyler