NTA Top 100 Report

I'm trying to customize a Top 100 Report for NTA and am having some difficulty with modifying the report.

Our Security analyst is looking to find the top traffic flows to and from a specific Network Node. I'm trying to modify the results of the "Top 100" report to show this.

I'm modifying the Conversations DataSource with the following:

I want to report on "Netflow Flow by Conversation History"

Where - At lease one child condition must be satisfied (OR)

Destination Hostname contains (Part of the server name)

Source Hostname contains (Part of the server name)

The report never runs. I've tried changing the variables to IP, Name...nothing nets me results. If I leave it as default, I get results, but not the ones I need.

Any help is much appreciated. Unfortunately I'm not very strong with SQL Queries.

Thanks!

Find more posts tagged with

custom reports

solarwinds nta

Accepted answers

All comments

darragh.delaney

Hi kentk94‌

This may not be the answer you are looking for as its using a different tool but it may get a bit of debate going. The link below shows a LANGuardian report which shows all flows associated with a network node. It's a common one used by some of our customers interested in network security.

Is this the sort of information you are looking for?

Darragh

http://demo.netfort.com/netmon/view.cgi?t=last+1+hour&src=any&dst=any&ip=10.1.1.97&proto=any&servid=any&sport=any&dport=any&tos=any&View=View&rid=105&id=&defined_filters=proto%3D%26servid%3D%26ip%3D%26src%3D%26senid%3D%26dport%3D%26tos%3D%26sport%3D%26dst%3D%26t%3Dlast%25201%2520hour