Skip to main content
Version: 2.10.1

Autonomous Systems Monitor (10066 / 20066)

Description​

This Module reports traffic by all Autonomous Systems (AS). This information is provided per NetFlow exporter.

Parameters​

Parameter NameDescriptionComments
Data Collection Interval, secModule logic execution intervalmin = 5 sec, max = 600 sec, default = 30 sec
N – number of reported hostsThe number of top ASN pairs reported per NetFlow exportermin = 0, max = 100000, default = 50 (0 indicates all hosts are reported)

Input​

NetFlow v5, v9, IPFIX.

Required NetFlow Fields​

Information Element (IE)IE idIE size, BDescription
octetDeltaCount14 or 8The number of octets since the previous report (if any) in incoming packets for this Flow at the Observation Point. The number of octets includes IP header(s) and IP payload.
packetDeltaCount24 or 8The number of incoming packets since the previous report (if any) for this Flow at the Observation Point.

Syslog/JSON Message Fields​

KeyField DescriptionComments
nfc_idMessage type identifier"nfc_id=20066"
exp_ipNetFlow exporter IP address<IPv4 address>
src_asnSource AS<number>
dest_asnDestination AS<number>
bytesTotal number of Layer 3 bytes in the packets of the flow received (IPv4)<number>
bytes6Total number of Layer 3 bytes in the packets of the flow received (IPv6)<number>
packetsPackets in the flow received (IPv4)<number>
packets6Packets in the flow received (IPv6)<number>
flow_countNumber of Flows<number>
percent_of_totalPercent of Total (bytes)<decimal>
[flow_smpl_id]Flow Sampler ID<number>
t_intObservation time interval, msec<number>