Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Contents

Table of Contents

 

...

Overview

Scrutinizer is a NetFlow analyzer and incident response system that takes advantage of communications standards, i.e. NetFlow and IPFIX for Cisco as well as other compatible switches and routers.It does this to retrieve and store network traffic information for users, systems, and applications. Scrutinizer allows administrators to monitor, graph, and report on network usage patterns, and locate the heaviest traffic creators.

...

  • See network devices that are exporting NetFlow data to Scrutinizer.
  • Generate Scrutinizer graphs from NetFlow-exporting elements. You can use the network device's Graphing page in Uptime Infrastructure Monitor to directly call a Scrutinizer instance. A graph that covers a specified time frame is generated, showing the monitored element's bi-directional throughput rates through known ports, which are determined based on use by all known applications.
  • Generate Scrutinizer graphs from other Elements. Similar to network devices, you can use other Elements' Graphing pages to generate graphs in Scrutinizer. These graphs will show network traffic from the host, allowing you to pinpoint heavy users. From here, you will be able to select and graph other network traffic data for the host.
  • Use an embedded Scrutinizer interface in Uptime Infrastructure Monitor's Global Scan panel, you can access all of Scrutinizer's features, such as the Dashboard status panel, from the Scrutinizer tab. This, in addition to custom dashboards, allows you to use Global Scan as a central reporting area for various infrastructure views, based on performance metrics from Uptime Infrastructure Monitor and other tools.
Info

An update to NetFlow Scrutinizer integration authentication to accept tokens instead of user name and passwords was addressed in Uptime Infrastructure Monitor 7.8.3. Only NetFlow Scrutinizer versions 16.7 and later support tokens. While using the netflow.username and netflow.password options still are available for previous version support, that version of Uptime Infrastructure Monitor includes netflow.token to support the new authentication method.

 

...

NetFlow Installation Best Practices

  1. Install Scrutinizer (NetFlow) on a different machine than Uptime Infrastructure Monitor.
  2. Once you run the installer, make sure you right click and run as administrator.

Generate a Token to use with NetFlow Scrutinizer 16.7 and later

Go to Admin > Security > Authentication Tokens to create your token.

Integrating a Scrutinizer Instance with Uptime Infrastructure Monitor

There are two points of Scrutinizer integration within Uptime Infrastructure Monitor:

  1. A NetFlow dashboard is added to your Dashboards tab once the Scrutinizer integration configuration is added.  When the NetFlow dashboard is selected, it displays the Scrutinizer dashboard within Uptime Infrastructure Monitor.    
    If the NetFlow dashboard is not showing, than the integration configuration done in the above steps did not work or was not saved. 
    Image RemovedImage Added
  2. If a network device is being monitored in both Uptime Infrastructure Monitor and Scrutinizer, when you selected the network devices in the My Infrastructure list and go to Graphing, a NetFlow options will show up in the left menu in the Network section.  Selecting this Netflow option will generate a Scrutinizer graph that covers a specified time frame. It shows the monitored node’s bi-directional throughput rates through known ports, which are determined based on use by all known applications.

To access Scrutinizer data directly from Uptime Infrastructure Monitor, you must generate an authentication token in Scrutinizer and then the Scrutinizer instance must first be configured:

  1. To generate an authentication token, from Plixer, go to Admin > Security > Authentication Tokens, and then complete the steps.
  2. Once you have a token, access the Config tab Access the Config tab in the Monitoring Station web interface.
  3. Click Click Uptime Configuration to  to display the configuration panel.
  4. Add the following entries to the text box:
    • netflow.enabled=true
    • netflow.hostname=[NetFlowHost]
      The host name or IP address of your Uptime NetFlow installation.
    • netflow.port=[NetFlowPort]
      The HTTP port through which Scrutinizer sends and receives communication.
    • netflow.authTokenusername=[NetFlowAuthTokenNetFlowAdmin]
      The authentication token you previously created in Scrutinizer.
    Click
    • user name required to log in to Scrutinizer.
    • netflow.password=[NetFlowPassword]
      The password required to log in to Scrutinizer.
  5. Click Update.

For example (can be cut and pasted inthe the Uptime text box and updated with the correct values):

netflow.enabled=true
netflow.hostname=1.2.3.4
netflow.password=admin
netflow.port=80
netflow.authTokenusername=wTxwOKDMDEHSTLhY2lEiR_tkadmin

SPECIAL NOTICE:
Scrutinizer/Netflow v15.8 has a graphing bug.
There are two ways to fix this issue:
1) Upgrade to Scrutinizer v16.1 available on the download page:
2) If upgrading is not an options the search.html file can be downloaded and installed for the URL passing to work with Firefox and IE.
User will need to replace the search.html in [HOME]\Scrutinizer\html\ with the version attached where home is the directory that Scrutinizer was installed.

...