What is this?

This knowledgebase contains questions and answers about PRTG Network Monitor and network monitoring in general.

Learn more

PRTG Network Monitor

Intuitive to Use. Easy to manage.
More than 500,000 users rely on Paessler PRTG every day. Find out how you can reduce cost, increase QoS and ease planning, as well.

Free Download

Top Tags


View all Tags

large "other" category in netfow

Votes:

0

After checking the ASA for all traffic, it only lists 3 IP protocols, all of which we have defined in our netflow sensor but "other" still shows up on the toplist as a large portion, how do we get this to show up in a more granular, defined fashion?

netflow other-channel protocol

Created on Dec 23, 2010 4:14:32 PM



5 Replies

Accepted Answer

Votes:

0

Hello,

as for the 'Other' in TopProtocols, you could check the Netflow Sensors settings, if the 'Detailed' option on the protocols is already enabled. If not, please try if this brings more details. If the details are already enabled, you would have to enable the LogStreaming to write the sensors findings into a log, which you could then analyze and use for a Custom Netflow Sensor with your own channel definitions.

Best Regards.

Created on Dec 23, 2010 4:55:17 PM by Torsten Lindner [Paessler Support]



Votes:

0

We have done that however what is weird is that in the "other" does not have a position in the toplist.

In the toplist table, the position is "Other" (instead of 1, 2, 3, etc.) and the Source IP, Source Port, Destination IP, Destination Port, and Protocol are all blank. The only other column that is populated is Bytes.

Created on Dec 23, 2010 5:41:04 PM



Votes:

0

'Other' in Toplists means everything which normally is beyond the limit of entries in the a toplist. It is a bit more tricky with TopProtocols as this one relies on the protocols supplied by the sensor, so this toplist can only use the Protocols identified by the sensor. Those protocols not identified by sensor will be categorized as 'Other'.

Created on Dec 24, 2010 8:48:42 AM by Torsten Lindner [Paessler Support]



Votes:

0

Would this also be related to "Top Connections" as well, as I am have the same a similar issue with trying to identify traffic that falls into the "Other" Catogory, when looking at top connections. Thanks.

Created on Dec 27, 2010 6:10:45 PM



Votes:

0

Again, 'Other' in the TopConnections means the summary of all entries beyond the limit (default: 100) of entries in the TopConnections-List. 'Other' in TopProtocols however most likely means a protocol which doesn't match with the protocols detectable by the Sensor itself.

Created on Dec 27, 2010 6:13:54 PM by Torsten Lindner [Paessler Support]




Disclaimer: The information in the Paessler Knowledge Base comes without warranty of any kind. Use at your own risk. Before applying any instructions please exercise proper system administrator housekeeping. You must make sure that a proper backup of all your data is available.