Netflow Instrument
Netflow can be used to collect NetFlow information from network traffic. For introduction to NetFlow, see Wikipedia.
The Instrument will listen traffic on mirror-bridge interface and store the traffic flows (as identified by source and destination IP addresses and protocol -specific ports) in NetFlow records. These NetFlow records can then be downloaded from the Instrument using the provided HTTP API.
NetFlow records are stored in NetFlow format version 9 and they are stored in time-based fashion with new NetFlow file created every 5 minutes.
API
The HTTP API provides endpoints for getting:
- List of all NetFlow files available
- A NetFlow file with a specified name
- A “next” NetFlow file (in time -based series) from given one
Properties
| Developer | SensorFleet Oy |
| Categories | Traffic Analysis, Traffic Recording |
| Network access type | Passive |
| Required interfaces |
|
| Dependencies | None |
| Data retention | Netflow stores the NetFlow records up to the configured data retention period. |
| Management UI | Yes |