6.10. Deep Monitoring of IP assets
A common use case is to enabled enhanced monitoring of specific assets. These assets are identified by IPv4/IPv6 addresses.
Deep Monitoring is a feature that enables the following features :
- for each IP : monitor all Hosts communicating with it
- for each IP : monitor all Applications communicating with it
- for each IP : monitor all Network layer protocols (TCP/UDP/ICMP/etc)
Once Deep Monitoring is configured, Trisul enables streaming analytics for the above three groups. This allows you to pull up long term reports for these.
6.10.1 Use case
Most commonly used in the following scenarios
- Service provider environment : Customers are assigned Static IP addresses – Deep Monitoring allows monthly usage reports
- Enterprise : Enable Deep Monitoring for File servers, App servers, Mail servers, and other key assets.
6.10.2 How to enable deep monitoring
Login as admin user.
You are shown a list of Filtered Counter groups.
Now fill out the following form fields
|Name associated with this IP||A name associated with this IP address, can be a customer name, server name, etc|
|Description||A description for this IP, this is shown in PDF reports for this IP. You can setup group by prepending a GROUP Name and then a Pipe character (see below)|
|Bandwidth allocated||Enter full value; eg 512000 for 512Kbps|
|Track Hosts||Disable this if you do not want to track hosts communicating with this IP.|
You can also optionally schedule a daily E-Mail report for this IP by filling out the next fields.
Important Restart Trisul Probes for this feature to take effect
You can group IPs together by using a group name. This is useful if you need to combine multiple IPs into a single PDF report. This is placed in the Description field by prepending a GROUPNAME with a Pipe character.
IP = 10.0.0.17 Description = CORPORATE | Email server This part of description is shown in the report -- IP = 10.0.0.177 Description = CORPORATE | This part of description is shown in the report app server
Now the two IP are grouped with the name
6.10.3 View reports
To view deep monitoring reports
You will then be shown a list of IPs configured for deep monitoring.
You can pull up PDF reports from this page.
The reports include the following information
- Total bandwidth IN/OUT for the IP
- Breakup IN/OUT traffic of Peers talking to this IP
- Breakup IN/OUT traffic of Apps
- Breakup IN/OUT traffic of Protocols