• State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 38 subscribers
  • Views 653 views
  • Users 0 members are here
Options
Related
This discussion has been locked. The information referenced herein may be inaccurate due to age, software updates, or external references.
You can no longer post new replies to this discussion. If you have a similar question you can start a new discussion in this forum.

Graphs based on source/destination IP

mitchflossin

Hey folks,

I've been tasked with graphing some of our remote facilities' internet usage which gets long hauled back across our WAN through our HQ internet pipe.

Any idea how to accomplish this?  This may be better suited for NTA, but I wasn't able to do exactly what I wanted with that either.  Is anyone else doing this?  Any tips or suggestions? 

For our sites that have their own internet connection, I'm just graphing the port which faces our firewall's external interface.  Not sure how to graph based on the source and destination IP, or if it's possible.  Even if there's another tool better suited for this, any help would be great.

Thanks, I appreciate it!, 

  • 0

    Hello,

    It sounds like NTA is your best bet for this.  For pretty graphs I would use the NTA Flow Navigator tab (on the left). You may already have tried this, sorry if this doesn't help.  Try filter on the end points you want and you can even save them to a new view.  You can also use Report writer to create a report, but it won't have the graphing that you are needing.

    2013-01-24_1402.png

    Thanks,

    Zak Kahl

    Loop1 Systems.

  • 0 in reply to zkahl

    Thanks for the reply Zak.  I was making some progress (although it's not exactly what I was looking for, but I'm trying to make it work) however I seem to have run into a major problem.

    What I've been doing is defining application groups in NTA (under Manage applications and service ports).

    For instance I defined one of our sites by entering the IP ranges of all the VLANS as the source IP and the destination is any public IP (I defined all public IP addresses) and for the port, I used 1-65535 as a catch all.  After entering 3 or 4 groups with "all ports", I can't add anymore.  I don't receive an error, but Orion just won't create the group.  As a less useful work around, I thought about defining 80 and 443 for these groups to catch most of the traffic - however this doesn't work at all.  It seems like it's only looking for these ports as the source AND destination - and of course the source port is some random high number which isn't being tracked.

    Does anyone have any suggestions?  Perhaps I'm doing something wrong.  Thanks.

  • 0

    Hi There,

    We have developed a tool called the LANGuardian which can operate standalone or it can be integrated with Orion. You can see a standalone version of it in operation here.

    It uses a SPAN port instead of flow data so in your case you would need to SPAN the internal interface of the firewall which links your Internet pipe. Once that is in place you can create custom graphs or reports to focus in on subnets associated with the remote facilities. You can see a sample of what the integration with Orion looks like at this link

    http://demo2.netfort.com/Orion/SummaryView.aspx?viewid=31

    Darragh

SolarWinds solutions are rooted in our deep connection to our user base in the THWACK® online community. More than 195,000 members are here to solve problems, share technology and best practices, and directly contribute to our product development process.

SolarWinds Customer Success Center Certification Media Vault Link Accounts
About THWACK Blogs For Government Edit Settings Free Tools & Trials
Legal Documents Terms of Use Privacy California Privacy Rights Security Information
©2024 SolarWinds Worldwide, LLC. All Rights Reserved.