• State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 24 subscribers
  • Views 1468 views
  • Users 0 members are here
Options
Related
This discussion has been locked. The information referenced herein may be inaccurate due to age, software updates, or external references.
You can no longer post new replies to this discussion. If you have a similar question you can start a new discussion in this forum.

Tracking Conversations

FormerMember
FormerMember

I am looking for a way to get SolarWinds to track the number of times that two endpoints have initiated conversation.

To put it a different way, is there a way see how many times two devices have, for example, transferred files?

It is easy to find the total size of the transfers, but that isn't really what I am looking for?

Is there a module that does this, or a report that I can set up?

Thanks for your help

  • 0

    It sounds like Solar Winds Netflow Traffic Analyzer (NTA) is the module for you.  Not only does it show you the traffic between any two addresses, it shows you when it happened and what kinds of traffic were passed.

    I use it most for troubleshooting congestion across small WAN links.  A site with a small number of only Citrix users worked fine across a T1 for a long time, and then they all began complaining their sessions were disconnecting or very slow.  NPM showed the T1 was fully utilized, but NTA enabled me to discover a full PC had been installed, and its user was streaming A/V over the WAN for personal entertainment.  I helped educate the site about their limited WAN resources and recommended they use a transistor radio, MP3 player, CD's, etc., rather than shutting down everyone's computer just so one person could enjoy music in their office.

    NTA helped me quickly identify the problem and find the offending source and solve the issue.

    You can download a free 30-day trial if it sounds like this is the right tool for your job: Network Traffic Analyzer – Bandwidth Monitor | SolarWinds.

    Swift packets to you & your customers!

    Rick S.

  • FormerMember
    0 FormerMember in reply to rschroeder

    I am actually using a demo version of NTA right now.  You mention a way to find out WHEN traffic happens?  Is there a better way than manually going in and checking on a daily basis?  For example, if someone transfers files to one specific destination 3 times over the course of a day, can I see that the 3 separate transfers happened, or will I just see it as one conversation for the day?

  • 0 in reply to FormerMember

    I think you're looking for a sweet query and output, but all I have to offer is the option of changing the time frame to include the dates you're interested in.  By default you'll probably only see the activity for the last 15 minutes, but you can set custom times or dates in NTA and go back as long as you keep records.  Just check the Absolute Time Option in NTA to set the "From" and "To" times. 


    It's in the Netflow tab, the Conversations link in the upper left, and then on the far upper right it's the small blue square box with the white down-arrow in it, next to "Last 15 Minutes":

    pastedImage_1.png

    pastedImage_0.png

    If you DO happen to find that sweet query place, please respond with it in the comments, or mention me in it.  I like the sound of it!

    Swift packets!

    Rick S.

  • 0

    If you are running a ftp software that writes to the logs, all the data will be there but how do you find it.  The answer is LEM.

    With Log and Event Manager you can find the log files for the transfer and see who sent what to whom and when.

    Its as easy as a Google search with built in nDepth search tool in LEM.

    There is even a FTP traffic filter in Monitor.

    FTPinLEM.JPG

    RT

  • 0 in reply to rschroeder

    Of course the FTP traffic will have to traverse an interface that is setup for Netflow.  If so you want to narrow it down further use the Applications tab under Flow Navigator and select 21 File Transfer.

    You will not get file names but you will get bytes transferred and approximate times.

    FTPNFCapture.JPG

SolarWinds solutions are rooted in our deep connection to our user base in the THWACK® online community. More than 195,000 members are here to solve problems, share technology and best practices, and directly contribute to our product development process.

SolarWinds Customer Success Center Certification Media Vault Link Accounts
About THWACK Blogs For Government Edit Settings Free Tools & Trials
Legal Documents Terms of Use Privacy California Privacy Rights Security Information
©2024 SolarWinds Worldwide, LLC. All Rights Reserved.