Submit a ticketCall us

Looking to compare latest NPM features with previous versions of NPM?
The NPM new feature summary offers a comparison of new features and improvements offered with this release.

 

Home > Success Center > Netflow Traffic Analyzer (NTA) > Monitor port to identify packets, protocols, source-destination

Monitor port to identify packets, protocols, source-destination

Table of contents
Created by Alexander Aguilar, last modified by MindTouch on Jun 23, 2016

Views: 72 Votes: 0 Revisions: 4

Overview

This article describes how to monitor port to identify packets, protocols, source-destination and so on.

SolarWinds listens on port 2055. To add a device and port(s) to display information on NTA, configure the device to send the information you want to receive and add the interface(s) in Orion.

Environment

NTA 4.1

Steps

Note: You can use WireShark with a filter of "ip.addr == <IP Address> && udp.port == 2055" to identify packets, protocols, source-destination, and so on.

Additional Resources:

 

  1. On the Orion Web Console, go to HOME > Reports > Manage Reports.
  2. Click Create New Report.
  3. Select Custom Table and click Continue.
  4. Verify that the Method is Dynamic Query Builder option is selected.
  5. Select Advanced Selector.
  6. In the I want to report on field, select Netflow By Conversation History.
  7. In the Where field, select All child conditions must be satisfied (AND).
    Note: This is the default and should not be changed.
  8. Click the green plus button to add a simple condition.
  9. Click Select Field and verify that the Orion Object is set to Netflow By Conversation.
  10. Select NodeID.
  11. Select is equal to and add the numbered value for the NodeID.
    Note: The NodeID can be found in the Nodesdata table.
  12. Add this to the table layout to complete the query.
  13. Edit the table layout by adding the following:
  14. Caption (the Orion Object should be set to Node to find this value)
    • Source IP
    • Destination IP
    • Ingress Bytes
    • Egress Bytes
    • Total Bytes
  15. Verify that the Ingress, Egress, and Total columns are expanded by clicking the plus button to configure them.
  16. Verify that the display setting is in Data Unit Bytes (1000) and that Data Aggregation is set to Sum. Other settings can be left as they are.
    Note: This is important if you want to see ingress or egress on the same page in order to Sort results.
  17. Select the following:
    • Ingress Bytes - Netflow By Conversation History (Descending) for inbound traffic
    • Egress Bytes - Netflow By Conversation History (Descending)
      ​Note: Select only one depending on what you need, but you can always duplicate the Custom Table and change that field to the other direction to have both show up on one report.
    • Group Results by Node - Node
    • Select Show only top 5 records.
  18. Click Submit to finish the table layout.
  19. Provide a name for this report.
  20. Set the report schedule and click Next.
  21. Click Next.
  22. The Summary Page appears. Click Submit.

 

 

Last modified
20:35, 22 Jun 2016

Tags

Classifications

Public