Detailed NetFlow information


I am running into a situation where I am trying to correlate utilization spikes on a specific interface with those that are causing the spikes. 

The problem I’m running into is that the event was 7 days ago and while the utilization charts show the detailed information, the Netflow specific charts look like they start summarizing the data after about a 2 hour relative window in the past.

Essentially, what I am looking for is the level of detail you see in the last 15-30 minutes on a Netflow chart, but from and event that occurred a week ago.  Any ideas?

I think you're out of luck. Unfortunately, forensic flow analysis is not one of NTA's strong points, and from everything I've seen and heard it's not an area that's much targeted by Solarwinds for development (I would be happy to be told I'm wrong here!).

There are other products out there that are really good at forensic flow analysis, but they are also really expensive.

I see what you mean.  What I did was build a custom report based on an existing top conversations report.  I filtered it by the node and interface I was interested in and then identified a specific time frame of about 30 minutes.  While this didn't get me individual polls, it provide a fairly small sample that made more sense when correlating against the spikes in the utilization data.

