• State Verified Answer
  • Locked Locked
  • Replies 1 reply
  • Subscribers 24 subscribers
  • Views 225 views
  • Users 0 members are here
Options
Related
This discussion has been locked. The information referenced herein may be inaccurate due to age, software updates, or external references.
You can no longer post new replies to this discussion. If you have a similar question you can start a new discussion in this forum.

Is netflow from fprobe supported?

FormerMember
FormerMember

Hi all,

I have a linux server that is collecting pcap data and converting that to netflows with fprobe. I am not seeing the flows show up in the Orion Netflow. Is this even supported?

Maybe I am not adding the monitored device into Orion correctly. How would I do that since the linux server is not a network device? Do I have to enable SNMP on it as well to add it as a device?

Thanks!!

  • 0

    Hi awesome_opossum,

    I just spoke with a customer who was able to get flows to show up in NTA from FProbe on their linux box using two processes (one for in, one for out; designed for high load):

    /usr/local/fprobe/sbin/fprobe -x1:2 -ieth1 -B4096 -r2 -q10000 -t10000:10000000 -a 1.1.1.1 2.2.2.2:2055

    /usr/local/fprobe/sbin/fprobe -x2:1 -ieth1 -B4096 -r2 -q10000 -t10000:10000000 -a 1.1.1.1 2.2.2.2:2055

    1.1.1.1 = Source IP

    2.2.2.2 = NetFlow collector IP

    2055 = Collector port

    X1:2 (InPackets)

    X2:1 (OutPackets)

    Hopefully this helps!

SolarWinds solutions are rooted in our deep connection to our user base in the THWACK® online community. More than 195,000 members are here to solve problems, share technology and best practices, and directly contribute to our product development process.

SolarWinds Customer Success Center Certification Media Vault Link Accounts
About THWACK Blogs For Government Edit Settings Free Tools & Trials
Legal Documents Terms of Use Privacy California Privacy Rights Security Information
©2024 SolarWinds Worldwide, LLC. All Rights Reserved.