Hello, We have recently installed Netflow and would appreciate guidance on the following questions. Thanks! To start with, all we are trying to do is to get raw data on which IPs on our network are making TCP connections to what other IPs, and on what destination TCP ports. Any help with how to design that report in Solar Winds would be appreciated. The Netflow reports we are looking at are confusing in that it appears the port listed in the “port” column seems to repeat the server side destination port (application port), even in report rows where the client IP is the destination. In other words it’s not clear what the TCP connection orientation is. Maybe we just have systems connecting to each other on TCP 9300 and its really just 2 separate TCP connections. This may be a Netflow question as much as anything. All we are looking for is source, dest, dest -IP you know? Thanks!

Netflow Traffic Analyzer Question

ms0278167 over 1 year ago

Hello,

We have recently installed Netflow and would appreciate guidance on the following questions. Thanks!

To start with, all we are trying to do is to get raw data on which IPs on our network are making TCP connections to what other IPs, and on what destination TCP ports. Any help with how to design that report in Solar Winds would be appreciated.
The Netflow reports we are looking at are confusing in that it appears the port listed in the “port” column seems to repeat the server side destination port (application port), even in report rows where the client IP is the destination. In other words it’s not clear what the TCP connection orientation is. Maybe we just have systems connecting to each other on TCP 9300 and its really just 2 separate TCP connections. This may be a Netflow question as much as anything. All we are looking for is source, dest, dest -IP you know?

Thanks!