If you have another network management solution in place, and need (or just want) NetFlow integration support to include NetFlow reporting that may not be available in your existing application, then we have a solution for you.
I’ve discussed NetFlow report integration using URLs in the past, such as in my earlier Integrate Network Management applications with NetFlow reporting blog. In that blog, I introduced the basic configuration of the NetFlow reporting URL. As our Advanced NetFlow reporting solution has matured, so has the NetFlow report integration. That is why I am returning to this topic today, so that I can provide updated information on the URL schema, available starting with Scrutinizer v12.
NetFlow Reporting URLs
Simply put, our NetFlow report integration solution is based on accessing the NetFlow reporting via URLs.
Expanding upon that, in v12, the URLs are written in JSON (JavaScript Object Notation). Easy to read, easy to write, and easy for machines to parse and generate.
Let’s start with a report URL example:
http://10.10.10.10/#tab=tab3&subCat=report&rpt_json={“reportTypeLang”:”conversations”,”filters”:{“sdfDips_0″:”in_0A0C0101_0A0C0101-12044″},”reportDirections”:{“selected”:”inbound”},”times”:{“end”:1402391100,”start”:1402390800}}
And then add some newlines so that the format is revealed:
http://10.10.10.10/#tab=tab3&subCat=report&rpt_json={
“reportTypeLang”:”conversations”,
“filters”:{
“sdfDips_0″:”in_0A0C0101_0A0C0101-12044”
},
“reportDirections”:{
“selected”:”inbound”
},
“times”:{
“end”:1401286020,
“start”:1401285720
}
}”
Now, if you copy and paste the entire URL to a browser and you will get the NetFlow reporting results displayed below.
The report parameters for the example above, as defined in the URL, are:
- Conversations report
- Exporter IP Address 10.12.1.1 (displayed as hex address 0A0C0101 in the URL)
- Interface instance 12044
- Inbound traffic direction
- Report timeframe is 6/10/2014 09:00:00 – 6/10/2014 09:05:00 (displayed as epoch timestamp in URL)
Pre-saved NetFlow reports are also accessible, using this URL:
http://10.10.10.10/standAloneReport.html?saved_id=11
And we can also add access to any of the predefined dashboard gadgets, such as the TopN gadgets, or as the example below shows, the Jitter by Interface dashboard gadget, as a URL, using the following format:
http://10.10.10.10/standAloneReport.html?gadget_id=2
NetFlow Report Integration
Now that you have the URL, you can add it to either your existing web-based Network Management system, or possibly a web portal where you can make NetFlow reporting available to your customer base. Providing it a seamless integration, leaving the end user none the wiser as to where the reporting actually came from.
For example, the NetFlow report integration using URLs blog uses integration with ScienceLogic’s EM7 Network Management solution as a case in point. To see how the URLs would be applied, please check out that blog.
We can also take this integration beyond standard NetFlow reporting inclusion, as shown in the Cisco WLC AVC report example, to include adding network threat detection reporting to your main security monitoring portal. Since we have several predefined network security dashboard gadgets, and you can access any of those for use external to Scrutinizer, they are easily embedded in another website, or security detection application.
For more information on specific dashboard gadget ids, Report Types, or tables of any other elements required for the NetFlow report integration URLs, please contact us directly at 207.324.8805.
