This content has been marked as final. Show 2 replies
You said that tracking logins to a server was a requirement on your group. Who generated the requrirement? Security team? Regulatory compliance/auditors? Understanding that can help us to figure how widely such a feature would apply.
Sr. Product Manager, Orion
We are trying to use this information to track utilization & traffic patterns of application servers. This is would be used for reporting/capacity management & troubleshooting purposes.
As an example, we have a DB server which regularily sees 100% CPU utilization for during the weekday.
Using Netflow to track the number of network connections to the DB over time, we can better relate this the CPU load.
The server had been recently patched to resolve this issue, but the CPU is still peaking at 100%. By viewing the Number od DB connections before & after the upgrade, we would be able to see if the patch increased the capacity or not.
Another example would be historical troubleshooting (analyzing outages & degradations). Normal traffic patterns might show 1000 connections to an application server during business hours. If the number of connections changes dramatically, we can drill down to see which Call Center (IP subnet) is outside the norm.
We have had application outages blamed on the network.
With this tool we can see the network connections to a particular server dropped while staying up to another server, proving the WAN connection from client to server was not the cause of thr outage.
We can also use it for trending. What is the growth trend of an application based on number of network connections?
Can we add another 200 users in our Western call center based on current application usage without adding another server?