NetFlow Collector
The Device42 NetFlow Collector adds continuously discovered network communications details to autodiscovered information from your environment. This page covers how to set up NetFlow collection using either a Remote Collector or the standalone NetFlow Collector.
Both the Device42 Remote Collector (RC) and the standalone NetFlow Collector can collect NetFlow data. If you're setting up your first Device42 collector, set up an RC first because you don't need both.
Supported NetFlow Versions
Device42 supports NetFlow data for versions v1, v5, v6, v7, v9, and IPFIX (an IETF-defined, open-flow standard).
Install the NetFlow Collector
Download the Device42 RC or the standalone NetFlow collector from the Device42 Autodiscovery tools page.
If you haven't set up a Device42 RC yet, install the RC for NetFlow collection. Proceed to Step 1 in the next section.
If you already have one or more Device42 remote collectors running, enable NetFlow collection on an existing RC instance. Proceed to Step 2 in the next section.
Install the Device42 RC for NetFlow Collection
-
Follow the RC Installation and Configuration instructions on the Remote Collector (RC) page. After installation, return to this page to complete NetFlow configuration for your RC.
-
Enable NetFlow collection on your newly installed Device42 RC from the Device42 main menu under Discovery > Remote Collectors. Click the name of the RC you want to use for NetFlow collection.
-
From the View remote collector screen, click the Edit button in the upper right-hand corner and scroll down to the NetFlow options.
-
Configure the NetFlow options:
- Check the Enable NetFlow checkbox.
- Default Protocol: Choose TCP or UDP if you'll be using one or the other; otherwise, traffic without a protocol is ignored.
- You can optionally configure IPs to ignore, Ports to ignore, and an IP address to Forward netFlow traffic to, although these settings aren't necessary for many setups.
- Click Save in the lower right-hand corner. Your RC is now configured for NetFlow collection.
-
Ensure all your NetFlow generating devices are sending their NetFlows to the Device42 RC you just configured. If you haven't configured that already, do it now. This procedure differs depending on the hardware you are using. Consult the manufacturer's documentation for help.
Install the Device42 Standalone NetFlow Collector
The Standalone NetFlow Collector doesn't require installation and can be run from the command line.
Run the Standalone NetFlow Collector
To run the collector, open a command prompt and navigate to the directory it's stored in. Run the collector as follows:
d42-netflow-collector-windows-v100.exe -h https://yourdevice42url -u D42UserName -p D42Password
This starts the listener on port 2055 (unless a different port is specified) and begins collecting data sent to this device from your NetFlow-enabled devices. Ensure you've pointed your switches and other NetFlow-enabled devices at this NetFlow collector. Each device's NetFlow output should be the IP address of the server running the Device42 NetFlow collector.
Standalone NetFlow Collector Options
The following options are available to modify the behavior of d42-netflow-collector-windows-v100.exe:
Click to expand the code block
-addr string | netflow listen address (default "0.0.0.0:2055")
-debug | show netflow info
-h string | D42 hostname
-i int | interval in seconds between sends data to D42 (default 300)
-ignore-ip string | ignore IPs
-ignore-port string | ignore ports
-live-entries | display live entries
-live-entries-nok | display OK live entries
-live-entries-ok | display NOK live entries
-p string | D42 password
-print-data | prints data
-u string | D42 username
The NetFlow collector captures and sends data to Device42 in 5-minute increments by default. You can customize this interval using the -i command switch.
Device42 attempts to associate the data it receives with services known to Device42. If there are no services with which to associate the collected data, Device42 retains one million rows of the most recent data, discarding the oldest information as needed. As new services are discovered, data is matched against this million-row buffer.
Licensing
Contact Device42 for a demo license at support@device42.com.