Monitoring Network Traffic Using IP Flow Information Export
IP Flow Information Export allows clients to easily monitor network traffic to and from the node. This information is cached on the managed device, then exported to an assigned collector server within the node once the table is full or the timer has expired. This information is then logged and stored by the collector server for viewing. Listed below are the tasks to monitor network traffic using IP flow information export:
Enabling IP Flow Information Export
Before enabling IP Flow Information Export, the device must be configured for local management within the node. If the device is not locally managed, the
tab will not be displayed in the WebUI.The following procedure describes how to enable IP Flow Information Export:
1. In a node hierarchy, navigate to > and select the tab.
2. Expand accordion.
3. Click the toggle switch to enable this setting.
4. Click .
5. Click .
6. In the window, select the check box and click .
The following CLI Command-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions. commands enable IP Flow Information Export:
(host) [md] (config)#ip-flow-export-profile
(host) [md] (ip flow collector profile)#enable
Enabling Wireless Export
Starting with ArubaOS 8.0.1.0, IP Flow Information Export supports wireless export. When wireless export is enabled, a new template is defined to gather and export information about WLAN Wireless Local Area Network. WLAN is a 802.11 standards-based LAN that the users access through a wireless connection. clients, in addition to the standard attributes exported through the existing, pre-defined template.
The wireless attributes include:
Station IP
|
If wireless export is enabled, data flows become unidirectional. |
The following CLI Command-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions. commands enable wireless export:
(host) [mynode] (config) #ip-flow-export-profile
(host) [mynode] (ip flow collector profile) #wireless-export
Assigning the Collector Device
When a device belonging to a node exports a cache, it is sent to the designated Collector Device in that node. The Collector Device receives, logs and stores the data from the other devices in the node.
The following procedure describes how to assign the collector IP address:
1. In a node hierarchy, navigate to and select the tab.
2. Expand accordion.
3. Click the toggle switch to enable this setting.
4. Enter the IP address of the device in the field.
5. Click .
6. Click .
7. In the window, select the check box and click .
The following CLI Command-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions. commands assign the collector IP address:
(host) [md] (config)#ip-flow-export-profile
(host) [md] (ip flow collector profile)#collector-ip <collector ip address>
Selecting a Transfer Mode
IP Flow Information Export supports UDP User Datagram Protocol. UDP is a part of the TCP/IP family of protocols used for data transfer. UDP is typically used for streaming media. UDP is a stateless protocol, which means it does not acknowledge that the packets being sent have been received. and TCP Transmission Control Protocol. TCP is a communication protocol that defines the standards for establishing and maintaining network connection for applications to exchange data. transfer protocols when sending a cache from a device to the Collector Device.
The following procedure describes how to select a transport mode:
1. In a node hierarchy, navigate to and select the tab.
2. Expand accordion.
3. Click the toggle switch to enable this setting.
4. Select a transfer protocol from the drop-down list.
5. Click .
6. Click .
7. In the window, select the check box and click .
The following CLI Command-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions. commands select a transport mode:
(host) [md] (config)#ip-flow-export-profile
(host) [md] (ip flow collector profile)# transport-protocol<protocol>
Assigning a Destination Port
Clients can assign a destination port on the Collector Device to direct incoming data caches from other devices in the node.
The following procedure describes how to ssign a destination port on the Collector Device:
1. In a node hierarchy, navigate to and select the tab.
2. Expand accordion.
3. Click the toggle switch to enable this setting.
4. Enter the port number in the field.
5. Click .
6. Click .
7. In the window, select the check box and click .
The following CLI Command-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions. commands assign a port on the Collector Device :
(host) [md] (config)#ip-flow-export-profile
(host) [md] (ip flow collector profile)#port <port number>
Modifying the Flow Cache Size and Interval Settings
The Flow Cache limits when the cache is exported to the Collector Device and can be determined by the size of the cache or the duration of time in the session. When any one of these values is met, the cache is exported and a new one begins.
The maximum number of entries in a cache before it is exported.
The interval (time in minutes) to export active sessions.
The interval (time in minutes) to export inactive flows.
The interval (time in minutes) to export templates.
The following procedure describes how to adjust the flow cache size and interval settings:
1. In a node hierarchy, navigate to and select the tab.
2. Expand accordion.
3. Click the toggle switch to enable this setting.
4. Enter the maximum number of entries in the field.
5. Enter the time interval for an active session in the field.
6. Enter the time interval for an inactive session in the field.
7. Enter the time interval to export templates in the field.
8. Click .
9. Click .
10. In the window, select the check box and click .
The following CLI Command-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions. commands adjusts the Flow cache size and interval export settings:
(host) [md] (config)#ip-flow-export-profile
(host) [md](ip flow collector profile)#flow-cache-size<interger>
(host) [md](ip flow collector profile)#upload-all-interval<interger>
(host) [md](ip flow collector profile)#upload-inactive-interval<interger>
(host) [md](ip flow collector profile)#upload-template-interval<interger>
Selecting the Observation Domain
The Observation Domain is a value used by the Collector Device to group devices when receiving data sessions.
The following procedure describes how to configure observation domain:
1. In a node hierarchy, navigate to > and select the tab.
2. Expand accordion.
3. Click the toggle switch to enable this setting.
4. Enter the value in the field.
5. Click .
6. Click .
7. In the window, select the check box and click .
The following CLI Command-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions. commands configure observation domain:
(host) [md] (config)#ip-flow-export-profile
(host) [md] (ip flow collector profile)#observation-domain