NetFlow Report Integration

We frequently receive inquiries regarding the availability of APIs (Application Programming Interfaces) for our Advanced NetFlow reporting solution, so I’m going to expand upon a subject that I touched on several months ago. NetFlow report integration is fully available, with all of its flexibility, via URLs in our Advanced NetFlow reporting solution, and today I’ll show you just how flexible that really is.

Oct 19, 2015 UPDATE: We have released an API that allows for more flexible integration.

As I mentioned in my June blog post, NetFlow Integration Support, the report URLs are written in JSON (JavaScript Object Notation).

In the example below, you can see the URL at the top of the report, circled in yellow.

[Screenshot: NetFlow report with the report URL circled in yellow at the top]

Formatting that URL for better visibility gives us this:

    http://www.scrutinizer.com/#tab=tab3&subCat=report&rpt_json={
    "reportTypeLang":"conversations",
    "dev":"0A0B0101",
    "int":"0A0B0101-12044",
    "reportDirections":{
        "selected":"both"
        },
    "times":{
        "dateRange":"Last24Hours",
        "start":"","end":""
        },
    "filters":{
        "sdfDips_0":"in_0A0B0101_0A0B0101-12044"
        },
    "dataGranularity":{
        "selected":"auto"
        }
    }

Now let’s take this apart piece by piece, giving examples of values for each of the JSON options. This will let you easily create your own NetFlow reporting URLs.

  • The following table gives examples for ‘reportTypeLang’ values.  The report types define what flow elements are displayed in the report and how they are displayed.

[table id=20 /]

  • The ‘dev’ option is the flow exporting device to report on, in hex notation. For example, IP address 10.11.1.1 converts to hexadecimal 0A0B0101.
  • The ‘int’ option is the interface(s) to report on, in the format:

{hexadecimal device address}-{interface instance #}

  • Values available for ‘reportDirections’ are inbound, outbound, or both and define which flow direction(s) the report will include.
  • The ‘times’ option is where you define the time frame that the report will cover.  Values for ‘dateRange’ are:

[table id=21 /]

The ‘Custom’ selection for dateRange also requires ‘start’ and ‘end’ times, which are entered as Epoch/Unix times.

Example:

    "times":{
        "dateRange":"Custom",
        "start":"1416931200","end":"1416934800"
        },

For defined dateRanges such as LastFiveMinutes, etc., the ‘start’ and ‘end’ times should be left blank.

Example:

    "times":{
        "dateRange":"Last24Hours",
        "start":"","end":""
        },

I’m going to address the ‘filters’ option last, as it is much more involved than any of the other options available in the report URL. Before I get into that, I’ll cover the ‘dataGranularity’ option.

  • The ‘dataGranularity’ option allows you to specify automatic selection of granularity, or a specific level of granularity. Automatic granularity selection is based on the report duration (‘dateRange’). Available values for dataGranularity are listed in the following table.

[Image: NetFlow Data Granularity table]

Now let’s get back to the ‘filters’ option.

  • The ‘filters’ option allows you to add customized filtering on any flow element exported by the exporting device that you defined in the ‘dev’ option earlier. Here are some filter examples with their formatting syntax.

[table id=23 /]

  • Just a couple of final notes on the filters. The _0 in the filter name (sdfDips_0) indicates the order in which the filter was entered, for cases where you have multiple entries of the same filter type. Also, comparison qualifiers for Advanced Filters go beyond “like|not like|equal|not equal”, depending on the field type that is added as a filter.
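
The options walked through above can be assembled in code when a portal generates report links from operator input. The Python below is an added example, not code from the original post or from the product; the function names are hypothetical, and percent-encoding the JSON in the URL fragment is an assumption about what the application accepts. Filters are passed through unchanged.

```python
import ipaddress
import json
from urllib.parse import quote

DIRECTIONS = {"inbound", "outbound", "both"}  # values listed in the post


def ip_to_hex(ip):
    """10.11.1.1 -> '0A0B0101' (the 'dev' format described above)."""
    return ipaddress.IPv4Address(ip).packed.hex().upper()


def build_report(report_type, device_ip, if_instance, direction="both",
                 date_range="Last24Hours", start=None, end=None,
                 granularity="auto", filters=None):
    """Return the rpt_json object as a dict, rejecting malformed input."""
    if direction not in DIRECTIONS:
        raise ValueError(f"reportDirections must be one of {sorted(DIRECTIONS)}")
    if date_range == "Custom":
        # Custom ranges need epoch start/end; named ranges leave them blank.
        if start is None or end is None or int(start) >= int(end):
            raise ValueError("Custom dateRange needs epoch start < end")
        start_s, end_s = str(int(start)), str(int(end))
    else:
        if start is not None or end is not None:
            raise ValueError("start/end are only valid with dateRange=Custom")
        start_s = end_s = ""
    dev = ip_to_hex(device_ip)  # raises ValueError on a malformed address
    return {
        "reportTypeLang": report_type,
        "dev": dev,
        "int": f"{dev}-{int(if_instance)}",
        "reportDirections": {"selected": direction},
        "times": {"dateRange": date_range, "start": start_s, "end": end_s},
        "filters": dict(filters or {}),
        "dataGranularity": {"selected": granularity},
    }


def build_url(base_url, report):
    """Serialize compactly and percent-encode so input cannot add URL parameters."""
    blob = json.dumps(report, separators=(",", ":"))
    return f"{base_url}/#tab=tab3&subCat=report&rpt_json={quote(blob, safe='')}"


if __name__ == "__main__":
    # Values taken from the example URL in the post.
    rpt = build_report("conversations", "10.11.1.1", 12044)
    print(build_url("http://www.scrutinizer.com", rpt))
```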

 

If you have any further questions on this, just give us a call and we can show you how you can integrate NetFlow reporting in your network monitoring application or company portal.