• State Verified Answer
  • Locked Locked
  • Replies 4 replies
  • Subscribers 38 subscribers
  • Views 2135 views
  • Users 0 members are here
Options
Related
This discussion has been locked. The information referenced herein may be inaccurate due to age, software updates, or external references.
You can no longer post new replies to this discussion. If you have a similar question you can start a new discussion in this forum.

Netflow report for bandwidth or utilization between source and destination

ranwe1

Hi

I need to create a report for the Netflow data, that will show me the amount of data passed between source and destination, for example, the amount of data (in bytes) passed between an IP in the organization and the mail server in the last 7 days or 24 hours, or any IP to any application. I did not find something like that in the reports, or I missed it if it is there.

Any Idea?

Thanks in advance and regards

Ran  

  • 0

    Netflow Traffic Analyzer has that reporting view built-in. 

    Start up Solarwinds, go to My Dashboards, select Netflow, then select Conversations:

    pastedImage_1.png

    Once there, enter in the IP address of the source or destination device in the Search field, select "Endpoint IP Address".

    pastedImage_0.png

    You can set other criteria, too--such as the time frame in which to search.

    Once you have one end of the conversation, you should be able to open the nodes/routers that participated with this node, and then just find the other one in the conversations you're interested in.

  • 0 in reply to rschroeder

    Hi rschroeder, Thanks for the quick reply

    The solution you suggested is one way to look at the data, but I was requested to create a report, not looking at the web console, but creating a report in the report manager, that can be ran and printed as such. is there a way to do that?

    Thanks again and regards

    Ran

  • 0

    There are a number of identical requests out there for this.  Check them out here, and see which (if any) have solutions you might make work in your environment:

    In my environment we rely on proxy filters to track traffic that travels North-South (access PC to Internet), and we use Gigamon network taps to capture East-West traffic (PC-to-PC or PC-to-Server) that does not travel through a firewall or proxy server.

    Obviously, anything that passes through a firewall is much easier to see and report on.

    I think the desire for an inexpensive, intuitive, and easy Netflow way of capturing East-West traffic, especially if it's within the same VLAN or on the same switch, is a popular wishlist item.

    After reviewing Thwack threads and searching through my own Solarwinds, I think the first option I pasted (above) is the right starting point.  I went through it as an exercise and it seems pretty much right on the money, as long as you're monitoring the right nodes or ports.

    Forgive me for stating the obvious, but you won't get any data if the desired traffic flow doesn't pass through any Layer 3 routing interfaces (such as connections between two PC's on the same switch that also use the same VLAN). 

    And also as obvious, you can only capture Netflow stats on L3 interfaces on which Netflow reporting is enabled. 

    Let us know what you come up with.  If you can improve on the first option (above) with screen shots of what worked well for your specific case, please share them here so others can benefit from your new knowledge!

    Swift packets!

    Rick Schroeder

SolarWinds solutions are rooted in our deep connection to our user base in the THWACK® online community. More than 195,000 members are here to solve problems, share technology and best practices, and directly contribute to our product development process.

SolarWinds Customer Success Center Certification Media Vault Link Accounts
About THWACK Blogs For Government Edit Settings Free Tools & Trials
Legal Documents Terms of Use Privacy California Privacy Rights Security Information
©2024 SolarWinds Worldwide, LLC. All Rights Reserved.