Is anyone aware of a way to integrate NetFlow data about top receivers into an Orion alert? I'm currently receiving a basic alert from Orion on any interface once traffic goes higher than 80%. Management is hoping to police the network whenever we receive said alert, but this requires me to dig into NetFlow at the time that I receive the alert which isn't possible with the other duties I perform throughout the day.
I've already dug through the information on macros/variables and I have a feeling that this is not that simple.
I'm not averse to running a report, although I'm not knowledgeable in SQL.
I know I have the ability to capture real-time data and create a report using the NetFlow monitor in the Engineer's ToolSet, but this again requires me to be in front of the computer to start and stop the capture.
The idea here is automation inasmuch as it is possible--the departed network engineer was able monitor the sites for a good portion of the day, but I can't, so any help would be greatly appreciated! Apologies if this belongs in the NetFlow forum, or if a solution has been posted elsewhere, but after an hour of looking I gave up.
