• Forums
    • Public Forums
      • Community Connect
      • Dynatrace
        • Dynatrace Open Q&A
      • Application Monitoring & UEM
        • AppMon & UEM Open Q&A
      • Network Application Monitoring
        • NAM Open Q&A
        • Enterprise Synthetic Monitoring
      • Synthetic Classic
        • Synthetic Classic Open Q&A
  • Home /
  • Public Forums /
  • Network Application Monitoring /
  • NAM Open Q&A /
avatar image
Question by Anthony P. · Jul 13, 2015 at 08:23 AM · nam probe

Cannot recieve Netflow from Cisco Wireless controller..

Hi all,

Got a slight problem in that we have a Cisco wireless controller configured to send a 12.3.4.16 AMD Netflow ( which we see the UDP packets on the interface) but it never appears as a flow source in the AMD configuration. We tested another Netflow source to see if it was an AMD issue and that worked fine,, e.g it appeared as a flow source...

Any ideas???

Regards

Anthony Percy

wireless.dmp

wireless.dmp (235.4 KiB)
Comment

People who like this

0 Show 1
10 |2000000 characters needed characters left characters exceeded
  • Viewable by all users
  • Viewable by moderators
  • Viewable by moderators and the original poster
  • Advanced visibility
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 10 attachments (including images) can be used with a maximum of 50.0 MiB each and 250.0 MiB total.

avatar image Anthony P. · Jul 13, 2015 at 11:21 PM 0
Share

Found out some further info ...

It appears the Cisco Wireless WLC netflow field format is unusual in that it has these fields..

• applicationTag
• ipDiffServCodePoint
• octetDeltaCount
• packetDeltaCount
• postIpDiffServCodePoint
• staIPv4Address
• staMacAddress
• wlanSSID
• wtpMacAddress

This article gives a good explanation of a problem with Solar winds ignoring this Netflow format in 2014  http://mrncciew.com/2013/02/13/who-really-support-wlc-netflow/

Could our NFC collector be doing the same?

Regards

 

AP

3 Replies

  • Sort: 
  • Most voted
  • Newest
  • Oldest
avatar image
Best Answer

Answer by Mike H. · Jul 15, 2015 at 03:27 PM

The wireless access point is a L2 device and as such the flow records and the template it uses do not contain L3 source and destination information, which is required for recognition and used in conjunction with the direction and application Id to match ingress and egress flows together. It also has limited options in terms of template and metric options. if possible try using a different NetFlow source form a device downstream form the wireless access point.

Comment

People who like this

0 Show 0 · Share
10 |2000000 characters needed characters left characters exceeded
  • Viewable by all users
  • Viewable by moderators
  • Viewable by moderators and the original poster
  • Advanced visibility
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 10 attachments (including images) can be used with a maximum of 50.0 MiB each and 250.0 MiB total.

avatar image

Answer by Ulf T. · Jul 15, 2015 at 09:35 AM

You shouldn't really need to go backwards in Netflow versions. Try opening a support ticket since some of the more the subtle things in NF can be daunting.

Comment

People who like this

0 Show 0 · Share
10 |2000000 characters needed characters left characters exceeded
  • Viewable by all users
  • Viewable by moderators
  • Viewable by moderators and the original poster
  • Advanced visibility
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 10 attachments (including images) can be used with a maximum of 50.0 MiB each and 250.0 MiB total.

avatar image

Answer by Chris V. · Jul 15, 2015 at 05:25 AM

Can you force the device to send NetFlow v5 format? It's fixed and we support it.

 

Comment

People who like this

0 Show 0 · Share
10 |2000000 characters needed characters left characters exceeded
  • Viewable by all users
  • Viewable by moderators
  • Viewable by moderators and the original poster
  • Advanced visibility
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 10 attachments (including images) can be used with a maximum of 50.0 MiB each and 250.0 MiB total.

Join the conversation!

First steps in the forum
Community User Guide

NAM 2019 SP3 is available


Check updated libraries and support added in the latest NAM service pack.

Learn more

LIVE WEBINAR

"Performance Clinic - Monitoring as a Self Service with Dynatrace"


JANUARY 15, 3:00 PM GMT / 10:00 AM ET

Register here

Follow this Question

Answers Answers and Comments

3 People are following this question.

avatar image avatar image avatar image

Related Questions

Strange situation with network - other Slow operations 5 Answers

AMD and Netflow 1 Answer

Using Netflow to monitor switch and switch ports 1 Answer

Change AppFlow Listening Port on AMD 2 Answers

Cascade flow and RTT 1 Answer

Forum Tags

esm security siebel Dynatrace Managed license nam probe wan citrix server dna rest api configuration mq alerting NAM 2018 dashboard dcrumadvisory reports css nam universal decode mobileapp RUM ads sap log monitoring nam console scripting nam server sequence transactions upgrade nam 2019
  • Forums
  • Public Forums
    • Community Connect
    • Dynatrace
      • Dynatrace Open Q&A
    • Application Monitoring & UEM
      • AppMon & UEM Open Q&A
    • Network Application Monitoring
      • NAM Open Q&A
      • Enterprise Synthetic Monitoring
    • Synthetic Classic
      • Synthetic Classic Open Q&A