Hi!
New flow-tools 0.68 / flowviewer 4.1 installation. Netflow v5 on all devices.
I have 3 routers out to different ISPs that share the internet service provided
to my internal wan/man.
I have individual flow-capture instances running for the 3 routers and a
flow-tracker group that makes
nice stacked graphs showing traffic flow. (isp-a , isp-b , isp-c ) .
I frequently need to search the group of devices for traffic patterns. I wish
to be able to search/report
across a whole group, or against individual collections. How do i pull that
off?
My first stab at a solution is to run a flow-merge against the 3 collections
and build a 4th larger collection
( " isp-all " ) that i'd use for searching across all isp-routers. The
drawback of this method is its a diskspace
killer.
It seems the other option is to have all three routers send to the same
port/instance of flow capture, but then
I lose the granularity of the stacked graphs in flow tracker, and the ability
to search individual router datasets.
I have the same dilemma with reporting/monitoring our 20+ core routers and
several other "logical groups"
of netflow enabled devices.
Whats the best way to use flow-tools and flowviewer to retain individual
collections but generate reports and
graphs against logical groups of collections ?
Thanks !
MikeD
_______________________________________________
Flow-tools mailing list
[email protected]
http://mailman.splintered.net/mailman/listinfo/flow-tools
